search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
2.5.2 maybe
[phpmyadmin/crack.git] / read_dump.php3
blobdf794d3d1b8309beb28679c6600a11a441809800
1 <?php
2 /* $Id$ */
3 // vim: expandtab sw=4 ts=4 sts=4:
4
5 /**
6 * Gets some core libraries
7 */
8 require('./libraries/read_dump.lib.php3');
9 require('./libraries/grab_globals.lib.php3');
10 require('./libraries/common.lib.php3');
11
12 if (!isset($db)) {
13 $db = '';
14 }
15
16 /**
17 * Increases the max. allowed time to run a script
18 */
19 @set_time_limit($cfg['ExecTimeLimit']);
20
21
22 /**
23 * Defines the url to return to in case of error in a sql statement
24 */
25 if (!isset($goto) || !eregi('^(db_details|tbl_properties)(_[a-z]*)?\.php3$', $goto)) {
26 $goto = 'db_details.php3';
27 }
28 $err_url = $goto
29 . '?' . PMA_generate_common_url($db)
30 . (eregi('^tbl_properties(_[a-z]*)?\.php3$', $goto) ? '&amp;table=' . urlencode($table) : '');
31
32
33 /**
34 * Set up default values for some variables
35 */
36 $view_bookmark = 0;
37 $sql_bookmark = isset($sql_bookmark) ? $sql_bookmark : '';
38 $sql_query = isset($sql_query) ? $sql_query : '';
39 if (!empty($sql_localfile) && $cfg['UploadDir'] != '') {
40 $sql_file = $cfg['UploadDir'] . $sql_localfile;
41 } else if (empty($sql_file)) {
42 $sql_file = 'none';
43 }
44
45
46 /**
47 * Bookmark Support: get a query back from bookmark if required
48 */
49 if (!empty($id_bookmark)) {
50 include('./libraries/bookmark.lib.php3');
51 switch ($action_bookmark) {
52 case 0: // bookmarked query that have to be run
53 $sql_query = PMA_queryBookmarks($db, $cfg['Bookmark'], $id_bookmark);
54 if (isset($bookmark_variable) && !empty($bookmark_variable)) {
55 $sql_query = preg_replace('|/\*(.*)\[VARIABLE\](.*)\*/|imsU', '${1}' . PMA_sqlAddslashes($bookmark_variable) . '${2}', $sql_query);
56 }
57 break;
58 case 1: // bookmarked query that have to be displayed
59 $sql_query = PMA_queryBookmarks($db, $cfg['Bookmark'], $id_bookmark);
60 $view_bookmark = 1;
61 break;
62 case 2: // bookmarked query that have to be deleted
63 $sql_query = PMA_deleteBookmarks($db, $cfg['Bookmark'], $id_bookmark);
64 break;
65 }
66 } // end if
67
68
69 /**
70 * Prepares the sql query
71 */
72 // Gets the query from a file if required
73 if ($sql_file != 'none') {
74 // loic1 : fixed a security issue
75 // if ((file_exists($sql_file) && is_uploaded_file($sql_file))
76 // || file_exists($cfg['UploadDir'] . $sql_localfile)) {
77 if (file_exists($sql_file)
78 && ((isset($sql_localfile) && $sql_file == $cfg['UploadDir'] . $sql_localfile) || is_uploaded_file($sql_file))) {
79 $open_basedir = '';
80 if (PMA_PHP_INT_VERSION >= 40000) {
81 $open_basedir = @ini_get('open_basedir');
82 }
83 if (empty($open_basedir)) {
84 $open_basedir = @get_cfg_var('open_basedir');
85 }
86
87 // If we are on a server with open_basedir, we must move the file
88 // before opening it. The doc explains how to create the "./tmp"
89 // directory
90
91 if (!empty($open_basedir)) {
92
93 $tmp_subdir = (PMA_IS_WINDOWS ? '.\\tmp\\' : './tmp/');
94
95 // function is_writeable() is valid on PHP3 and 4
96 if (!is_writeable($tmp_subdir)) {
97 // if we cannot move the file, let PHP report the error
98 error_reporting(E_ALL);
99 $sql_query = PMA_readFile($sql_file, $sql_file_compression);
100 }
101 else {
102 $sql_file_new = $tmp_subdir . basename($sql_file);
103 if (PMA_PHP_INT_VERSION < 40003) {
104 copy($sql_file, $sql_file_new);
105 } else {
106 move_uploaded_file($sql_file, $sql_file_new);
107 }
108 $sql_query = PMA_readFile($sql_file_new, $sql_file_compression);
109 unlink($sql_file_new);
110 }
111 }
112 else {
113 // read from the normal upload dir
114 $sql_query = PMA_readFile($sql_file, $sql_file_compression);
115 }
116
117 // Convert the file's charset if necessary
118 if ($cfg['AllowAnywhereRecoding'] && $allow_recoding
119 && isset($charset_of_file) && $charset_of_file != $charset) {
120 $sql_query = PMA_convert_string($charset_of_file, $charset, $sql_query);
121 }
122 } // end uploaded file stuff
123 }
124
125 // Kanji convert SQL textfile 2002/1/4 by Y.Kawada
126 if (@function_exists('PMA_kanji_str_conv')) {
127 $sql_tmp = trim($sql_query);
128 PMA_change_enc_order();
129 $sql_query = PMA_kanji_str_conv($sql_tmp, $knjenc, isset($xkana) ? $xkana : '');
130 PMA_change_enc_order();
131 } else {
132 $sql_query = trim($sql_query);
133 }
134
135 // $sql_query come from the query textarea, if it's a reposted query gets its
136 // 'true' value
137 if (!empty($prev_sql_query)) {
138 $prev_sql_query = urldecode($prev_sql_query);
139 if ($sql_query == trim(htmlspecialchars($prev_sql_query))) {
140 $sql_query = $prev_sql_query;
141 }
142 }
143
144 // Drop database is not allowed -> ensure the query can be run
145 if (!$cfg['AllowUserDropDatabase']
146 && eregi('DROP[[:space:]]+(IF EXISTS[[:space:]]+)?DATABASE ', $sql_query)) {
147 // Checks if the user is a Superuser
148 // TODO: set a global variable with this information
149 // loic1: optimized query
150 $result = @PMA_mysql_query('USE mysql');
151 if (PMA_mysql_error()) {
152 include('./header.inc.php3');
153 PMA_mysqlDie($strNoDropDatabases, '', '', $err_url);
154 }
155 }
156 define('PMA_CHK_DROP', 1);
157
158 /**
159 * Executes the query
160 */
161 if ($sql_query != '') {
162 $pieces = array();
163 PMA_splitSqlFile($pieces, $sql_query, PMA_MYSQL_INT_VERSION);
164 $pieces_count = count($pieces);
165 if ($pieces_count > 1) {
166 $is_multiple = TRUE;
167 }
168
169 // Copy of the cleaned sql statement for display purpose only (see near the
170 // beginning of "db_details.php3" & "tbl_properties.php3")
171 if ($sql_file != 'none' && $pieces_count > 10) {
172 // Be nice with bandwidth...
173 $sql_query_cpy = $sql_query = '';
174 } else {
175 $sql_query_cpy = implode(";\n", $pieces) . ';';
176 // Be nice with bandwidth... for now, an arbitrary limit of 500,
177 // could be made configurable but probably not necessary
178 if (strlen($sql_query_cpy) > 500) {
179 $sql_query_cpy = $sql_query = '';
180 }
181 }
182
183 // really run the query?
184 if ($view_bookmark == 0) {
185 // Only one query to run
186 if ($pieces_count == 1 && !empty($pieces[0])) {
187 $sql_query = $pieces[0];
188 if (eregi('^(DROP|CREATE)[[:space:]]+(IF EXISTS[[:space:]]+)?(TABLE|DATABASE)[[:space:]]+(.+)', $sql_query)) {
189 $reload = 1;
190 }
191 include('./sql.php3');
192 exit();
193 }
194
195 // Runs multiple queries
196 else if (PMA_mysql_select_db($db)) {
197 $mult = TRUE;
198 for ($i = 0; $i < $pieces_count; $i++) {
199 $a_sql_query = $pieces[$i];
200 if ($i == $pieces_count - 1 && eregi('^SELECT', $a_sql_query)) {
201 $complete_query = $sql_query;
202 $sql_query = $a_sql_query;
203 include('./sql.php3');
204 exit();
205 }
206 $result = PMA_mysql_query($a_sql_query);
207 if ($result == FALSE) { // readdump failed
208 $my_die = $a_sql_query;
209 break;
210 }
211 if (!isset($reload) && eregi('^(DROP|CREATE)[[:space:]]+(IF EXISTS[[:space:]]+)?(TABLE|DATABASE)[[:space:]]+(.+)', $a_sql_query)) {
212 $reload = 1;
213 }
214 } // end for
215 } // end else if
216 } // end if (really run the query)
217 unset($pieces);
218 } // end if
219
220
221
222 /**
223 * MySQL error
224 */
225 if (isset($my_die)) {
226 $js_to_run = 'functions.js';
227 include('./header.inc.php3');
228 PMA_mysqlDie('', $my_die, '', $err_url . '&TEST');
229 }
230
231
232 /**
233 * Go back to the calling script
234 */
235 // Checks for a valid target script
236 if (isset($table) && $table == '') {
237 unset($table);
238 }
239 if (isset($db) && $db == '') {
240 unset($db);
241 }
242 $is_db = $is_table = FALSE;
243 if ($goto == 'tbl_properties.php3') {
244 if (!isset($table)) {
245 $goto = 'db_details.php3';
246 } else {
247 PMA_mysql_select_db($db);
248 $is_table = @PMA_mysql_query('SHOW TABLES LIKE \'' . PMA_sqlAddslashes($table, TRUE) . '\'');
249 if (!($is_table && @mysql_numrows($is_table))) {
250 $goto = 'db_details.php3';
251 unset($table);
252 }
253 } // end if... else...
254 }
255 if ($goto == 'db_details.php3') {
256 if (isset($table)) {
257 unset($table);
258 }
259 if (!isset($db)) {
260 $goto = 'main.php3';
261 } else {
262 $is_db = @PMA_mysql_select_db($db);
263 if (!$is_db) {
264 $goto = 'main.php3';
265 unset($db);
266 }
267 } // end if... else...
268 }
269 // Defines the message to be displayed
270 if (!empty($id_bookmark) && $action_bookmark == 2) {
271 $message = $strBookmarkDeleted;
272 } else if (!isset($sql_query_cpy)) {
273 $message = $strNoQuery;
274 } else if ($sql_query_cpy == '') {
275 $message = "$strSuccess&nbsp;:<br />$strTheContent ($pieces_count $strInstructions)&nbsp;";
276 } else {
277 $message = $strSuccess;
278 }
279 // Loads to target script
280 if ($goto == 'db_details.php3' || $goto == 'tbl_properties.php3') {
281 $js_to_run = 'functions.js';
282 }
283 if ($goto != 'main.php3') {
284 include('./header.inc.php3');
285 }
286 $active_page = $goto;
287 require('./' . $goto);
288 ?>
Drizzle / GSOC 2011