search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Translated using Weblate (Slovenian)
[phpmyadmin.git] / index.php
blob33365c38148644d21f23eee2dc08fe9455271595
1 <?php
2 /* vim: set expandtab sw=4 ts=4 sts=4: */
3 /**
4 * Main loader script
5 *
6 * @package PhpMyAdmin
7 */
8
9 /**
10 * Gets some core libraries and displays a top message if required
11 */
12 require_once 'libraries/common.inc.php';
13
14 /**
15 * display Git revision if requested
16 */
17 require_once 'libraries/display_git_revision.lib.php';
18
19 /**
20 * pass variables to child pages
21 */
22 $drops = array(
23 'lang',
24 'server',
25 'collation_connection',
26 'db',
27 'table'
28 );
29 foreach ($drops as $each_drop) {
30 if (array_key_exists($each_drop, $_GET)) {
31 unset($_GET[$each_drop]);
32 }
33 }
34 unset($drops, $each_drop);
35
36 /*
37 * Black list of all scripts to which front-end must submit data.
38 * Such scripts must not be loaded on home page.
39 *
40 */
41 $target_blacklist = array (
42 'import.php', 'export.php'
43 );
44
45 // If we have a valid target, let's load that script instead
46 if (! empty($_REQUEST['target'])
47 && is_string($_REQUEST['target'])
48 && ! preg_match('/^index/', $_REQUEST['target'])
49 && ! in_array($_REQUEST['target'], $target_blacklist)
50 && in_array($_REQUEST['target'], $goto_whitelist)
51 ) {
52 include $_REQUEST['target'];
53 exit;
54 }
55
56 if (isset($_REQUEST['ajax_request']) && ! empty($_REQUEST['access_time'])) {
57 exit;
58 }
59
60 // See FAQ 1.34
61 if (! empty($_REQUEST['db'])) {
62 $page = null;
63 if (! empty($_REQUEST['table'])) {
64 $page = PMA_Util::getScriptNameForOption(
65 $GLOBALS['cfg']['DefaultTabTable'], 'table'
66 );
67 } else {
68 $page = PMA_Util::getScriptNameForOption(
69 $GLOBALS['cfg']['DefaultTabDatabase'], 'database'
70 );
71 }
72 include $page;
73 exit;
74 }
75
76 /**
77 * Check if it is an ajax request to reload the recent tables list.
78 */
79 require_once 'libraries/RecentFavoriteTable.class.php';
80 if ($GLOBALS['is_ajax_request'] && ! empty($_REQUEST['recent_table'])) {
81 $response = PMA_Response::getInstance();
82 $response->addJSON(
83 'list',
84 PMA_RecentFavoriteTable::getInstance('recent')->getHtmlList()
85 );
86 exit;
87 }
88
89 if ($GLOBALS['PMA_Config']->isGitRevision()) {
90 if (isset($_REQUEST['git_revision']) && $GLOBALS['is_ajax_request'] == true) {
91 PMA_printGitRevision();
92 exit;
93 }
94 echo '<div id="is_git_revision"></div>';
95 }
96
97 // Handles some variables that may have been sent by the calling script
98 $GLOBALS['db'] = '';
99 $GLOBALS['table'] = '';
100 $show_query = '1';
101
102 // Any message to display?
103 if (! empty($message)) {
104 echo PMA_Util::getMessage($message);
105 unset($message);
106 }
107
108 $common_url_query = PMA_URL_getCommon();
109 $mysql_cur_user_and_host = '';
110
111 // when $server > 0, a server has been chosen so we can display
112 // all MySQL-related information
113 if ($server > 0) {
114 include 'libraries/server_common.inc.php';
115 include 'libraries/StorageEngine.class.php';
116
117 // Use the verbose name of the server instead of the hostname
118 // if a value is set
119 $server_info = '';
120 if (! empty($cfg['Server']['verbose'])) {
121 $server_info .= htmlspecialchars($cfg['Server']['verbose']);
122 if ($GLOBALS['cfg']['ShowServerInfo']) {
123 $server_info .= ' (';
124 }
125 }
126 if ($GLOBALS['cfg']['ShowServerInfo'] || empty($cfg['Server']['verbose'])) {
127 $server_info .= $GLOBALS['dbi']->getHostInfo();
128 }
129 if (! empty($cfg['Server']['verbose']) && $GLOBALS['cfg']['ShowServerInfo']) {
130 $server_info .= ')';
131 }
132 $mysql_cur_user_and_host = $GLOBALS['dbi']->fetchValue('SELECT USER();');
133
134 // should we add the port info here?
135 $short_server_info = (!empty($GLOBALS['cfg']['Server']['verbose'])
136 ? $GLOBALS['cfg']['Server']['verbose']
137 : $GLOBALS['cfg']['Server']['host']);
138 }
139
140 echo '<div id="maincontainer">' . "\n";
141 // Anchor for favorite tables synchronization.
142 echo PMA_RecentFavoriteTable::getInstance('favorite')->getHtmlSyncFavoriteTables();
143 echo '<div id="main_pane_left">';
144 if ($server > 0 || count($cfg['Servers']) > 1
145 ) {
146 if ($cfg['DBG']['demo']) {
147 echo '<div class="group">';
148 echo '<h2>' . __('phpMyAdmin Demo Server') . '</h2>';
149 echo '<p style="margin: 0.5em 1em 0.5em 1em">';
150 printf(
151 __(
152 'You are using the demo server. You can do anything here, but '
153 . 'please do not change root, debian-sys-maint and pma users. '
154 . 'More information is available at %s.'
155 ),
156 '<a href="http://demo.phpmyadmin.net/">demo.phpmyadmin.net</a>'
157 );
158 echo '</p>';
159 echo '</div>';
160 }
161 echo '<div class="group">';
162 echo '<h2>' . __('General Settings') . '</h2>';
163 echo '<ul>';
164
165 /**
166 * Displays the MySQL servers choice form
167 */
168 if ($cfg['ServerDefault'] == 0
169 || (! $cfg['NavigationDisplayServers']
170 && (count($cfg['Servers']) > 1
171 || ($server == 0 && count($cfg['Servers']) == 1)))
172 ) {
173 echo '<li id="li_select_server" class="no_bullets" >';
174 include_once 'libraries/select_server.lib.php';
175 echo PMA_Util::getImage('s_host.png') . " " . PMA_selectServer(true, true);
176 echo '</li>';
177 }
178
179 /**
180 * Displays the mysql server related links
181 */
182 if ($server > 0 && ! PMA_DRIZZLE) {
183 include_once 'libraries/check_user_privileges.lib.php';
184
185 // Logout for advanced authentication
186 if ($cfg['Server']['auth_type'] != 'config') {
187 if ($cfg['ShowChgPassword']) {
188 $conditional_class = 'ajax';
189 PMA_printListItem(
190 PMA_Util::getImage('s_passwd.png') . " " . __('Change password'),
191 'li_change_password',
192 'user_password.php' . $common_url_query,
193 null,
194 null,
195 'change_password_anchor',
196 "no_bullets",
197 $conditional_class
198 );
199 }
200 } // end if
201 echo ' <li id="li_select_mysql_collation" class="no_bullets" >';
202 echo ' <form method="post" action="index.php">' . "\n"
203 . PMA_URL_getHiddenInputs(null, null, 4, 'collation_connection')
204 . ' <label for="select_collation_connection">' . "\n"
205 . ' ' . PMA_Util::getImage('s_asci.png') . " "
206 . __('Server connection collation') . "\n"
207 // put the doc link in the form so that it appears on the same line
208 . PMA_Util::showMySQLDocu('Charset-connection')
209 . ': ' . "\n"
210 . ' </label>' . "\n"
211
212 . PMA_generateCharsetDropdownBox(
213 PMA_CSDROPDOWN_COLLATION,
214 'collation_connection',
215 'select_collation_connection',
216 $collation_connection,
217 true,
218 true
219 )
220 . ' </form>' . "\n"
221 . ' </li>' . "\n";
222 } // end of if ($server > 0 && !PMA_DRIZZLE)
223 echo '</ul>';
224 echo '</div>';
225 }
226
227 echo '<div class="group">';
228 echo '<h2>' . __('Appearance Settings') . '</h2>';
229 echo ' <ul>';
230
231 // Displays language selection combo
232 if (empty($cfg['Lang']) && count($GLOBALS['available_languages']) > 1) {
233 echo '<li id="li_select_lang" class="no_bullets">';
234 include_once 'libraries/display_select_lang.lib.php';
235 echo PMA_Util::getImage('s_lang.png') . " " . PMA_getLanguageSelectorHtml();
236 echo '</li>';
237 }
238
239 // ThemeManager if available
240
241 if ($GLOBALS['cfg']['ThemeManager']) {
242 echo '<li id="li_select_theme" class="no_bullets">';
243 echo PMA_Util::getImage('s_theme.png') . " "
244 . $_SESSION['PMA_Theme_Manager']->getHtmlSelectBox();
245 echo '</li>';
246 }
247 echo '<li id="li_select_fontsize">';
248 echo PMA_Config::getFontsizeForm();
249 echo '</li>';
250
251 echo '</ul>';
252
253 // User preferences
254
255 if ($server > 0) {
256 echo '<ul>';
257 PMA_printListItem(
258 PMA_Util::getImage('b_tblops.png') . " " . __('More settings'),
259 'li_user_preferences',
260 'prefs_manage.php' . $common_url_query,
261 null,
262 null,
263 null,
264 "no_bullets"
265 );
266 echo '</ul>';
267 }
268
269 echo '</div>';
270
271
272 echo '</div>';
273 echo '<div id="main_pane_right">';
274
275
276 if ($server > 0 && $GLOBALS['cfg']['ShowServerInfo']) {
277
278 echo '<div class="group">';
279 echo '<h2>' . __('Database server') . '</h2>';
280 echo '<ul>' . "\n";
281 PMA_printListItem(
282 __('Server:') . ' ' . $server_info,
283 'li_server_info'
284 );
285 PMA_printListItem(
286 __('Server type:') . ' ' . PMA_Util::getServerType(),
287 'li_server_type'
288 );
289 PMA_printListItem(
290 __('Server version:')
291 . ' '
292 . PMA_MYSQL_STR_VERSION . ' - ' . PMA_MYSQL_VERSION_COMMENT,
293 'li_server_version'
294 );
295 PMA_printListItem(
296 __('Protocol version:') . ' ' . $GLOBALS['dbi']->getProtoInfo(),
297 'li_mysql_proto'
298 );
299 PMA_printListItem(
300 __('User:') . ' ' . htmlspecialchars($mysql_cur_user_and_host),
301 'li_user_info'
302 );
303
304 echo ' <li id="li_select_mysql_charset">';
305 echo ' ' . __('Server charset:') . ' '
306 . ' <span lang="en" dir="ltr">';
307 if (! PMA_DRIZZLE) {
308 echo ' '
309 . $mysql_charsets_descriptions[$mysql_charset_map['utf-8']];
310 }
311 echo ' (' . $mysql_charset_map['utf-8'] . ')'
312 . ' </span>'
313 . ' </li>'
314 . ' </ul>'
315 . ' </div>';
316 }
317
318 if ($GLOBALS['cfg']['ShowServerInfo'] || $GLOBALS['cfg']['ShowPhpInfo']) {
319 echo '<div class="group">';
320 echo '<h2>' . __('Web server') . '</h2>';
321 echo '<ul>';
322 if ($GLOBALS['cfg']['ShowServerInfo']) {
323 PMA_printListItem($_SERVER['SERVER_SOFTWARE'], 'li_web_server_software');
324
325 if ($server > 0) {
326 $client_version_str = $GLOBALS['dbi']->getClientInfo();
327 if (preg_match('#\d+\.\d+\.\d+#', $client_version_str)) {
328 $client_version_str = 'libmysql - ' . $client_version_str;
329 }
330 PMA_printListItem(
331 __('Database client version:') . ' ' . $client_version_str,
332 'li_mysql_client_version'
333 );
334
335 $php_ext_string = __('PHP extension:') . ' ';
336 if (PMA_DatabaseInterface::checkDbExtension('mysqli')) {
337 $extension = 'mysqli';
338 } else {
339 $extension = 'mysql';
340 }
341 $php_ext_string .= $extension . ' '
342 . PMA_Util::showPHPDocu('book.' . $extension . '.php');
343
344 PMA_printListItem(
345 $php_ext_string,
346 'li_used_php_extension'
347 );
348
349 $php_version_string = __('PHP version:') . ' ' . phpversion();
350
351 PMA_printListItem(
352 $php_version_string,
353 'li_used_php_version'
354 );
355 }
356 }
357
358 if ($cfg['ShowPhpInfo']) {
359 PMA_printListItem(
360 __('Show PHP information'),
361 'li_phpinfo',
362 'phpinfo.php' . $common_url_query,
363 null,
364 '_blank'
365 );
366 }
367 echo ' </ul>';
368 echo ' </div>';
369 }
370
371 echo '<div class="group pmagroup">';
372 echo '<h2>phpMyAdmin</h2>';
373 echo '<ul>';
374 $class = null;
375 // We rely on CSP to allow access to http://www.phpmyadmin.net, but IE lacks
376 // support here and does not allow request to http once using https.
377 if ($GLOBALS['cfg']['VersionCheck']
378 && (! $GLOBALS['PMA_Config']->get('is_https') || PMA_USR_BROWSER_AGENT != 'IE')
379 ) {
380 $class = 'jsversioncheck';
381 }
382 PMA_printListItem(
383 __('Version information:') . ' <span class="version">' . PMA_VERSION . '</span>',
384 'li_pma_version',
385 null,
386 null,
387 null,
388 null,
389 $class
390 );
391 PMA_printListItem(
392 __('Documentation'),
393 'li_pma_docs',
394 PMA_Util::getDocuLink('index'),
395 null,
396 '_blank'
397 );
398 PMA_printListItem(
399 __('Wiki'),
400 'li_pma_wiki',
401 PMA_linkURL('http://wiki.phpmyadmin.net/'),
402 null,
403 '_blank'
404 );
405
406 // does not work if no target specified, don't know why
407 PMA_printListItem(
408 __('Official Homepage'),
409 'li_pma_homepage',
410 PMA_linkURL('http://www.phpMyAdmin.net/'),
411 null,
412 '_blank'
413 );
414 PMA_printListItem(
415 __('Contribute'),
416 'li_pma_contribute',
417 PMA_linkURL('https://www.phpmyadmin.net/contribute/'),
418 null,
419 '_blank'
420 );
421 PMA_printListItem(
422 __('Get support'),
423 'li_pma_support',
424 PMA_linkURL('https://www.phpmyadmin.net/support/'),
425 null,
426 '_blank'
427 );
428 PMA_printListItem(
429 __('List of changes'),
430 'li_pma_changes',
431 'changelog.php' . PMA_URL_getCommon(),
432 null,
433 '_blank'
434 );
435 echo ' </ul>';
436 echo ' </div>';
437
438 echo '</div>';
439
440 echo '</div>';
441
442 /**
443 * Warning if using the default MySQL privileged account
444 */
445 if ($server != 0
446 && $cfg['Server']['user'] == 'root'
447 && $cfg['Server']['password'] == ''
448 ) {
449 trigger_error(
450 __(
451 'You are connected as \'root\' with no password, which'
452 . ' corresponds to the default MySQL privileged account.'
453 . ' Your MySQL server is running with this default, is open to'
454 . ' intrusion, and you really should fix this security hole by'
455 . ' setting a password for user \'root\'.'
456 ),
457 E_USER_WARNING
458 );
459 }
460
461 /**
462 * As we try to handle charsets by ourself, mbstring overloads just
463 * break it, see bug 1063821.
464 */
465 if (@extension_loaded('mbstring') && @ini_get('mbstring.func_overload') > 1) {
466 trigger_error(
467 __(
468 'You have enabled mbstring.func_overload in your PHP '
469 . 'configuration. This option is incompatible with phpMyAdmin '
470 . 'and might cause some data to be corrupted!'
471 ),
472 E_USER_WARNING
473 );
474 }
475
476 /**
477 * mbstring is used for handling multibytes inside parser, so it is good
478 * to tell user something might be broken without it, see bug #1063149.
479 */
480 if (! @extension_loaded('mbstring')) {
481 trigger_error(
482 __(
483 'The mbstring PHP extension was not found and you seem to be using'
484 . ' a multibyte charset. Without the mbstring extension phpMyAdmin'
485 . ' is unable to split strings correctly and it may result in'
486 . ' unexpected results.'
487 ),
488 E_USER_WARNING
489 );
490 }
491
492 if ($cfg['LoginCookieValidityDisableWarning'] == false) {
493 /**
494 * Check whether session.gc_maxlifetime limits session validity.
495 */
496 $gc_time = (int)@ini_get('session.gc_maxlifetime');
497 if ($gc_time < $GLOBALS['cfg']['LoginCookieValidity'] ) {
498 trigger_error(
499 __('Your PHP parameter [a@http://php.net/manual/en/session.configuration.php#ini.session.gc-maxlifetime@_blank]session.gc_maxlifetime[/a] is lower than cookie validity configured in phpMyAdmin, because of this, your login might expire sooner than configured in phpMyAdmin.'),
500 E_USER_WARNING
501 );
502 }
503 }
504
505 /**
506 * Check whether LoginCookieValidity is limited by LoginCookieStore.
507 */
508 if ($GLOBALS['cfg']['LoginCookieStore'] != 0
509 && $GLOBALS['cfg']['LoginCookieStore'] < $GLOBALS['cfg']['LoginCookieValidity']
510 ) {
511 trigger_error(
512 __('Login cookie store is lower than cookie validity configured in phpMyAdmin, because of this, your login will expire sooner than configured in phpMyAdmin.'),
513 E_USER_WARNING
514 );
515 }
516
517 /**
518 * Check if user does not have defined blowfish secret and it is being used.
519 */
520 if (! empty($_SESSION['encryption_key'])
521 && empty($GLOBALS['cfg']['blowfish_secret'])
522 ) {
523 trigger_error(
524 __('The configuration file now needs a secret passphrase (blowfish_secret).'),
525 E_USER_WARNING
526 );
527 }
528
529 /**
530 * Check for existence of config directory which should not exist in
531 * production environment.
532 */
533 if (file_exists('config')) {
534 trigger_error(
535 __('Directory [code]config[/code], which is used by the setup script, still exists in your phpMyAdmin directory. It is strongly recommended to remove it once phpMyAdmin has been configured. Otherwise the security of your server may be compromised by unauthorized people downloading your configuration.'),
536 E_USER_WARNING
537 );
538 }
539
540 if ($server > 0) {
541 $cfgRelation = PMA_getRelationsParam();
542 if (! $cfgRelation['allworks']
543 && $cfg['PmaNoRelation_DisableWarning'] == false
544 ) {
545 $msg_text = __(
546 'The phpMyAdmin configuration storage is not completely '
547 . 'configured, some extended features have been deactivated. '
548 . '%sFind out why%s. '
549 );
550 if ($cfg['ZeroConf'] == true) {
551 $msg_text .= '<br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;' .
552 __(
553 'Or alternately go to \'Operations\' tab of any database '
554 . 'to set it up there.'
555 );
556 }
557 $msg = PMA_Message::notice($msg_text);
558 $msg->addParam(
559 '<a href="' . $cfg['PmaAbsoluteUri'] . 'chk_rel.php'
560 . $common_url_query . '">',
561 false
562 );
563 $msg->addParam('</a>', false);
564 /* Show error if user has configured something, notice elsewhere */
565 if (!empty($cfg['Servers'][$server]['pmadb'])) {
566 $msg->isError(true);
567 }
568 $msg->display();
569 } // end if
570 }
571
572 /**
573 * Warning about different MySQL library and server version
574 * (a difference on the third digit does not count).
575 * If someday there is a constant that we can check about mysqlnd,
576 * we can use it instead of strpos().
577 * If no default server is set, $GLOBALS['dbi'] is not defined yet.
578 * Drizzle can speak MySQL protocol, so don't warn about version mismatch for
579 * Drizzle servers.
580 * We also do not warn if MariaDB is detected, as it has its own version
581 * numbering.
582 */
583 if (isset($GLOBALS['dbi'])
584 && !PMA_DRIZZLE
585 && $cfg['ServerLibraryDifference_DisableWarning'] == false
586 ) {
587 /** @var PMA_String $pmaString */
588 $pmaString = $GLOBALS['PMA_String'];
589
590 $_client_info = $GLOBALS['dbi']->getClientInfo();
591 if ($server > 0
592 && /*overload*/mb_strpos($_client_info, 'mysqlnd') === false
593 && /*overload*/mb_strpos(PMA_MYSQL_STR_VERSION, 'MariaDB') === false
594 && substr(PMA_MYSQL_CLIENT_API, 0, 3) != substr(
595 PMA_MYSQL_INT_VERSION, 0, 3
596 )
597 ) {
598 trigger_error(
599 PMA_sanitize(
600 sprintf(
601 __('Your PHP MySQL library version %s differs from your MySQL server version %s. This may cause unpredictable behavior.'),
602 $_client_info,
603 substr(
604 PMA_MYSQL_STR_VERSION,
605 0,
606 strpos(PMA_MYSQL_STR_VERSION . '-', '-')
607 )
608 )
609 ),
610 E_USER_NOTICE
611 );
612 }
613 unset($_client_info);
614 }
615
616 /**
617 * Warning about Suhosin only if its simulation mode is not enabled
618 */
619 if ($cfg['SuhosinDisableWarning'] == false
620 && @ini_get('suhosin.request.max_value_length')
621 && @ini_get('suhosin.simulation') == '0'
622 ) {
623 trigger_error(
624 sprintf(
625 __('Server running with Suhosin. Please refer to %sdocumentation%s for possible issues.'),
626 '[doc@faq1-38]',
627 '[/doc]'
628 ),
629 E_USER_WARNING
630 );
631 }
632
633 /**
634 * Warning about incomplete translations.
635 *
636 * The data file is created while creating release by ./scripts/remove-incomplete-mo
637 */
638 if (file_exists('libraries/language_stats.inc.php')) {
639 include 'libraries/language_stats.inc.php';
640 /*
641 * This message is intentionally not translated, because we're
642 * handling incomplete translations here and focus on english
643 * speaking users.
644 */
645 if (isset($GLOBALS['language_stats'][$lang])
646 && $GLOBALS['language_stats'][$lang] < $cfg['TranslationWarningThreshold']
647 ) {
648 trigger_error(
649 'You are using an incomplete translation, please help to make it '
650 . 'better by [a@https://www.phpmyadmin.net/translate/'
651 . '@_blank]contributing[/a].',
652 E_USER_NOTICE
653 );
654 }
655 }
656
657 /**
658 * prints list item for main page
659 *
660 * @param string $name displayed text
661 * @param string $listId id, used for css styles
662 * @param string $url make item as link with $url as target
663 * @param string $mysql_help_page display a link to MySQL's manual
664 * @param string $target special target for $url
665 * @param string $a_id id for the anchor,
666 * used for jQuery to hook in functions
667 * @param string $class class for the li element
668 * @param string $a_class class for the anchor element
669 *
670 * @return void
671 */
672 function PMA_printListItem($name, $listId = null, $url = null,
673 $mysql_help_page = null, $target = null, $a_id = null, $class = null,
674 $a_class = null
675 ) {
676 echo '<li id="' . $listId . '"';
677 if (null !== $class) {
678 echo ' class="' . $class . '"';
679 }
680 echo '>';
681 if (null !== $url) {
682 echo '<a href="' . $url . '"';
683 if (null !== $target) {
684 echo ' target="' . $target . '"';
685 }
686 if (null !== $a_id) {
687 echo ' id="' . $a_id . '"';
688 }
689 if (null !== $a_class) {
690 echo ' class="' . $a_class . '"';
691 }
692 echo '>';
693 }
694
695 echo $name;
696
697 if (null !== $url) {
698 echo '</a>' . "\n";
699 }
700 if (null !== $mysql_help_page) {
701 echo PMA_Util::showMySQLDocu($mysql_help_page);
702 }
703 echo '</li>';
704 }
phpMyAdmin