RFE #7000385: Export AUTO_INCREMENT field.
[phpmyadmin/crack.git] / main.php3
blob568252a8ab016ff47ab49a15cb684a9f5ef842ff
1 <?php
2 /* $Id$ */
3 // vim: expandtab sw=4 ts=4 sts=4:
5 /**
6 * Don't display the page heading
7 */
8 define('PMA_DISPLAY_HEADING', 0);
10 /**
11 * Gets some core libraries and displays a top message if required
13 if (!defined('PMA_GRAB_GLOBALS_INCLUDED')) {
14 include('./libraries/grab_globals.lib.php3');
16 if (!defined('PMA_COMMON_LIB_INCLUDED')) {
17 include('./libraries/common.lib.php3');
19 // Puts the language to use in a cookie that will expire in 30 days
20 if (!isset($pma_uri_parts)) {
21 $pma_uri_parts = parse_url($cfg['PmaAbsoluteUri']);
22 $cookie_path = substr($pma_uri_parts['path'], 0, strrpos($pma_uri_parts['path'], '/'));
23 $is_https = ($pma_uri_parts['scheme'] == 'https') ? 1 : 0;
25 setcookie('lang', $lang, time() + 60*60*24*30, $cookie_path, '', $is_https);
26 // Defines the "item" image depending on text direction
27 $item_img = 'images/item_' . $text_dir . '.png';
28 // Handles some variables that may have been sent by the calling script
29 if (isset($db)) {
30 unset($db);
32 if (isset($table)) {
33 unset($table);
35 $show_query = '1';
36 require('./header.inc.php3');
37 if (isset($message)) {
38 PMA_showMessage($message);
40 else if (isset($reload) && $reload) {
41 // Reloads the navigation frame via JavaScript if required
42 echo "\n";
44 <script type="text/javascript" language="javascript1.2">
45 <!--
46 window.parent.frames['nav'].location.replace('./left.php3?<?php echo PMA_generate_common_url('', '', '&'); ?>');
47 //-->
48 </script>
49 <?php
51 echo "\n";
54 /**
55 * Displays the welcome message and the server informations
58 <h1><?php echo sprintf($strWelcome, ' phpMyAdmin ' . PMA_VERSION); ?></h1>
60 <?php
61 // Don't display server info if $server == 0 (no server selected)
62 // loic1: modified in order to have a valid words order whatever is the
63 // language used
64 if ($server > 0) {
65 // robbat2: Use the verbose name of the server instead of the hostname
66 // if a value is set
67 if(!empty($cfg['Server']['verbose'])) {
68 $server_info = $cfg['Server']['verbose'];
69 } else {
70 $server_info = $cfg['Server']['host'];
72 $server_info .= (empty($cfg['Server']['port']) ? '' : ':' . $cfg['Server']['port']);
73 // loic1: skip this because it's not a so good idea to display sockets
74 // used to everybody
75 // if (!empty($cfg['Server']['socket']) && PMA_PHP_INT_VERSION >= 30010) {
76 // $server_info .= ':' . $cfg['Server']['socket'];
77 // }
78 $local_query = 'SELECT VERSION() as version, USER() as user';
79 $res = PMA_mysql_query($local_query) or PMA_mysqlDie('', $local_query, FALSE, '');
80 $mysql_cur_user_and_host = PMA_mysql_result($res, 0, 'user');
81 $mysql_cur_user = substr($mysql_cur_user_and_host, 0, strrpos($mysql_cur_user_and_host, '@'));
83 $full_string = str_replace('%pma_s1%', PMA_mysql_result($res, 0, 'version'), $strMySQLServerProcess);
84 $full_string = str_replace('%pma_s2%', $server_info, $full_string);
85 $full_string = str_replace('%pma_s3%', $mysql_cur_user_and_host, $full_string);
87 echo '<p><b>' . $full_string . '</b></p><br />' . "\n";
88 } // end if
91 /**
92 * Reload mysql (flush privileges)
94 if (($server > 0) && isset($mode) && ($mode == 'reload')) {
95 $result = PMA_mysql_query('FLUSH PRIVILEGES'); // Debug: or PMA_mysqlDie('', 'FLUSH PRIVILEGES', FALSE, 'main.php3?' . PMA_generate_common_url());
96 echo '<p><b>';
97 if ($result != 0) {
98 echo $strMySQLReloaded;
99 } else {
100 echo $strReloadFailed;
102 echo '</b></p>' . "\n\n";
107 * Displays the MySQL servers choice form
109 if ($server == 0 || count($cfg['Servers']) > 1) {
111 <!-- MySQL servers choice form -->
112 <table>
113 <tr>
114 <th><?php echo $strServerChoice; ?></th>
115 </tr>
116 <tr>
117 <td>
118 <form method="post" action="index.php3" target="_parent">
119 <select name="server">
120 <?php
121 echo "\n";
122 reset($cfg['Servers']);
123 while (list($key, $val) = each($cfg['Servers'])) {
124 if (!empty($val['host'])) {
125 echo ' <option value="' . $key . '"';
126 if (!empty($server) && ($server == $key)) {
127 echo ' selected="selected"';
129 echo '>';
130 if (!empty($val['verbose'])) {
131 echo $val['verbose'];
132 } else {
133 echo $val['host'];
134 if (!empty($val['port'])) {
135 echo ':' . $val['port'];
137 // loic1: skip this because it's not a so good idea to display
138 // sockets used to everybody
139 // if (!empty($val['socket']) && PMA_PHP_INT_VERSION >= 30010) {
140 // echo ':' . $val['socket'];
141 // }
143 // loic1: if 'only_db' is an array and there is more than one
144 // value, displaying such informations may not be a so good
145 // idea
146 if (!empty($val['only_db'])) {
147 echo ' - ' . (is_array($val['only_db']) ? implode(', ', $val['only_db']) : $val['only_db']);
149 if (!empty($val['user']) && ($val['auth_type'] == 'config')) {
150 echo ' (' . $val['user'] . ')';
152 echo '&nbsp;</option>' . "\n";
153 } // end if (!empty($val['host']))
154 } // end while
156 </select>
157 <input type="hidden" name="lang" value="<?php echo $lang; ?>" />
158 <input type="hidden" name="convcharset" value="<?php echo $convcharset; ?>" />
159 <input type="submit" value="<?php echo $strGo; ?>" />
160 </form>
161 </td>
162 </tr>
163 </table>
164 <br />
165 <?php
166 } // end of the servers choice form
169 <!-- MySQL and phpMyAdmin related links -->
170 <table>
171 <tr>
173 <?php
175 * Displays the mysql server related links
177 $is_superuser = FALSE;
178 if ($server > 0) {
179 // Get user's global privileges ($dbh and $userlink are links to MySQL
180 // defined in the "common.lib.php3" library)
181 $is_create_priv = FALSE;
182 $is_process_priv = TRUE;
183 $is_reload_priv = FALSE;
184 $is_superuser = @PMA_mysql_query('USE mysql', $userlink);
185 if ($dbh) {
186 $local_query = 'SELECT Create_priv, Process_priv, Reload_priv FROM mysql.user WHERE User = \'' . PMA_sqlAddslashes($mysql_cur_user) . '\'';
187 $rs_usr = PMA_mysql_query($local_query, $dbh); // Debug: or PMA_mysqlDie('', $local_query, FALSE);
188 if ($rs_usr) {
189 while ($result_usr = PMA_mysql_fetch_array($rs_usr)) {
190 if (!$is_create_priv) {
191 $is_create_priv = ($result_usr['Create_priv'] == 'Y');
193 /* 02-12-09 rabus: Every user has access to the process list -
194 at least to its own :-)
195 if (!$is_process_priv) {
196 $is_process_priv = ($result_usr['Process_priv'] == 'Y');
199 if (!$is_reload_priv) {
200 $is_reload_priv = ($result_usr['Reload_priv'] == 'Y');
202 } // end while
203 mysql_free_result($rs_usr);
204 } // end if
205 } // end if
207 // If the user has Create priv on a inexistant db, show him in the dialog
208 // the first inexistant db name that we find, in most cases it's probably
209 // the one he just dropped :)
210 if (!$is_create_priv) {
211 $local_query = 'SELECT DISTINCT Db FROM mysql.db WHERE Create_priv = \'Y\' AND User = \'' . PMA_sqlAddslashes($mysql_cur_user) . '\'';
212 $rs_usr = PMA_mysql_query($local_query, $dbh); // Debug: or PMA_mysqlDie('', $local_query, FALSE);
213 if ($rs_usr) {
214 $re0 = '(^|(\\\\\\\\)+|[^\])'; // non-escaped wildcards
215 $re1 = '(^|[^\])(\\\)+'; // escaped wildcards
216 while ($row = PMA_mysql_fetch_array($rs_usr)) {
217 if (ereg($re0 . '(%|_)', $row['Db'])
218 || (!PMA_mysql_select_db(ereg_replace($re1 . '(%|_)', '\\1\\3', $row['Db']), $userlink) && @mysql_errno() != 1044)) {
219 $db_to_create = ereg_replace($re0 . '%', '\\1...', ereg_replace($re0 . '_', '\\1?', $row['Db']));
220 $db_to_create = ereg_replace($re1 . '(%|_)', '\\1\\3', $db_to_create);
221 $is_create_priv = TRUE;
222 break;
223 } // end if
224 } // end while
225 mysql_free_result($rs_usr);
226 } // end if
227 else if (PMA_MYSQL_INT_VERSION >= 32304) {
228 // Finally, let's try to get the user's privileges by using SHOW
229 // GRANTS...
230 // Maybe we'll find a little CREATE priv there :)
231 $local_query = 'SHOW GRANTS FOR ' . $mysql_cur_user_and_host;
232 $rs_usr = PMA_mysql_query($local_query, $dbh);
233 if (!$rs_usr) {
234 // OK, now we'd have to guess the user's hostname, but we
235 // only try out the 'username'@'%' case.
236 $local_query = 'SHOW GRANTS FOR ' . $mysql_cur_user;
237 $rs_usr = PMA_mysql_query($local_query, $dbh);
239 if ($rs_usr) {
240 $re0 = '(^|(\\\\\\\\)+|[^\])'; // non-escaped wildcards
241 $re1 = '(^|[^\])(\\\)+'; // escaped wildcards
242 while ($row = PMA_mysql_fetch_row($rs_usr)) {
243 $show_grants_dbname = substr($row[0], strpos($row[0], ' ON ') + 4,(strpos($row[0], '.', strpos($row[0], ' ON ')) - strpos($row[0], ' ON ') - 4));
244 $show_grants_str = substr($row[0],6,(strpos($row[0],' ON ')-6));
245 if (($show_grants_str == 'ALL') || ($show_grants_str == 'ALL PRIVILEGES') || ($show_grants_str == 'CREATE') || strpos($show_grants_str, 'CREATE')) {
246 if ($show_grants_dbname == '*') {
247 $is_create_priv = TRUE;
248 $db_to_create = '';
249 break;
250 } // end if
251 else if (ereg($re0 . '%|_', $show_grants_dbname) || !PMA_mysql_select_db($show_grants_dbname, $userlink) && @mysql_errno() != 1044) {
252 $db_to_create = ereg_replace($re0 . '%', '\\1...', ereg_replace($re0 . '_', '\\1?', $show_grants_dbname));
253 $db_to_create = ereg_replace($re1 . '(%|_)', '\\1\\3', $db_to_create);
254 $is_create_priv = TRUE;
255 break;
256 } // end elseif
257 } // end if
258 } // end while
259 unset($show_grants_dbname);
260 unset($show_grants_str);
261 mysql_free_result($rs_usr);
262 } // end if
263 } // end elseif
264 } // end if
265 else {
266 $db_to_create = '';
267 } // end else
269 if (!$cfg['SuggestDBName']) {
270 $db_to_create = '';
273 $common_url_query = PMA_generate_common_url();
275 if ($is_superuser) {
276 $cfg['ShowMysqlInfo'] = TRUE;
277 $cfg['ShowMysqlVars'] = TRUE;
278 $cfg['ShowChgPassword'] = TRUE;
280 if ($cfg['Server']['auth_type'] == 'config') {
281 $cfg['ShowChgPassword'] = FALSE;
284 // loic1: Displays the MySQL column only if at least one feature has to be
285 // displayed
286 if ($is_superuser || $is_create_priv || $is_process_priv || $is_reload_priv
287 || $cfg['ShowMysqlInfo'] || $cfg['ShowMysqlVars'] || $cfg['ShowChgPassword']
288 || $cfg['Server']['auth_type'] != 'config') {
290 <!-- MySQL server related links -->
291 <td valign="top" align="<?php echo $cell_align_left; ?>">
292 <table>
293 <tr>
294 <th colspan="2">&nbsp;&nbsp;MySQL</th>
295 </tr>
296 <?php
297 // The user is allowed to create a db
298 if ($is_create_priv) {
299 echo "\n";
301 <!-- db creation form -->
302 <tr>
303 <td valign="baseline"><img src="<?php echo $item_img; ?>" width="7" height="7" alt="item" /></td>
304 <td>
305 <form method="post" action="db_create.php3">
306 <?php echo $strCreateNewDatabase . '&nbsp;' . PMA_showMySQLDocu('Reference', 'CREATE_DATABASE'); ?><br />
307 <?php echo PMA_generate_common_hidden_inputs(); ?>
308 <input type="hidden" name="reload" value="1" />
309 <input type="text" name="db" value="<?php echo $db_to_create; ?>" maxlength="64" class="textfield" />
310 <input type="submit" value="<?php echo $strCreate; ?>" />
311 </form>
312 </td>
313 </tr>
314 <?php
315 } else {
316 echo "\n";
318 <!-- db creation no privileges message -->
319 <tr>
320 <td valign="baseline"><img src="<?php echo $item_img; ?>" width="7" height="7" alt="item" /></td>
321 <td>
322 <?php echo $strCreateNewDatabase . ':&nbsp;' . PMA_showMySQLDocu('Reference', 'CREATE_DATABASE'); ?><br />
323 <?php echo '<i>' . $strNoPrivileges .'</i>'; ?><br />
324 </td>
325 </tr>
326 <?php
327 } // end create db form or message
328 echo "\n";
330 // Server related links
332 <!-- server-related links -->
333 <?php
334 if ($cfg['ShowMysqlInfo']) {
335 echo "\n";
337 <tr>
338 <td valign="baseline"><img src="<?php echo $item_img; ?>" width="7" height="7" alt="item" /></td>
339 <td>
340 <a href="./server_status.php3?<?php echo $common_url_query; ?>">
341 <?php echo $strMySQLShowStatus . "\n"; ?>
342 </a>
343 </td>
344 </tr>
345 <?php
346 } // end if
347 if ($cfg['ShowMysqlVars']) {
348 echo "\n";
350 <tr>
351 <td valign="baseline"><img src="<?php echo $item_img; ?>" width="7" height="7" alt="item" /></td>
352 <td>
353 <a href="./server_variables.php3?<?php echo $common_url_query; ?>">
354 <?php echo $strMySQLShowVars;?></a>&nbsp;
355 <?php echo PMA_showMySQLDocu('MySQL_Database_Administration', 'SHOW_VARIABLES') . "\n"; ?>
356 </td>
357 </tr>
358 <?php
361 // if ($is_process_priv) {
362 echo "\n";
364 <tr>
365 <td valign="baseline"><img src="<?php echo $item_img; ?>" width="7" height="7" alt="item" /></td>
366 <td>
367 <a href="./server_processlist.php3?<?php echo $common_url_query; ?>">
368 <?php echo $strMySQLShowProcess; ?></a>&nbsp;
369 <?php echo PMA_showMySQLDocu('MySQL_Database_Administration', 'SHOW_PROCESSLIST') . "\n"; ?>
370 </td>
371 </tr>
372 <?php
373 // } // end if
375 if ($is_reload_priv) {
376 echo "\n";
378 <tr>
379 <td valign="baseline"><img src="<?php echo $item_img; ?>" width="7" height="7" alt="item" /></td>
380 <td>
381 <a href="main.php3?<?php echo $common_url_query; ?>&amp;mode=reload">
382 <?php echo $strReloadMySQL; ?></a>&nbsp;
383 <?php echo PMA_showMySQLDocu('MySQL_Database_Administration', 'FLUSH') . "\n"; ?>
384 </td>
385 </tr>
386 <?php
389 if ($is_superuser) {
390 echo "\n";
392 <tr>
393 <td valign="baseline"><img src="<?php echo $item_img; ?>" width="7" height="7" alt="item" /></td>
394 <td>
395 <a href="server_privileges.php3?<?php echo $common_url_query; ?>">
396 <?php echo $strPrivileges; ?></a>&nbsp;
397 </td>
398 </tr>
399 <?php
402 <tr>
403 <td valign="baseline"><img src="<?php echo $item_img; ?>" width="7" height="7" alt="item" /></td>
404 <td>
405 <a href="./server_databases.php3?<?php echo $common_url_query; ?>">
406 <?php echo $strDatabases; ?></a>
407 </td>
408 </tr>
409 <?php
411 // Change password (needs another message)
412 if ($cfg['ShowChgPassword']) {
413 echo "\n";
415 <tr>
416 <td valign="baseline"><img src="<?php echo $item_img; ?>" width="7" height="7" alt="item" /></td>
417 <td>
418 <a href="user_password.php3?<?php echo $common_url_query; ?>">
419 <?php echo ($strChangePassword); ?></a>
420 </td>
421 </tr>
422 <?php
423 } // end if
425 // Logout for advanced authentication
426 if ($cfg['Server']['auth_type'] != 'config') {
427 $http_logout = ($cfg['Server']['auth_type'] == 'http')
428 ? "\n" . ' <a href="./Documentation.html#login_bug" target="documentation">(*)</a>'
429 : '';
430 echo "\n";
432 <tr>
433 <td valign="baseline"><img src="<?php echo $item_img; ?>" width="7" height="7" alt="item" /></td>
434 <td>
435 <a href="index.php3?<?php echo $common_url_query; ?>&amp;old_usr=<?php echo urlencode($PHP_AUTH_USER); ?>" target="_parent">
436 <b><?php echo $strLogout; ?></b></a>&nbsp;<?php echo $http_logout . "\n"; ?>
437 </td>
438 </tr>
439 <?php
440 } // end if
441 echo "\n";
443 </table>
444 </td>
446 <td>&nbsp;&nbsp;&nbsp;&nbsp;</td>
447 <?php
448 } // end if
449 } // end of if ($server > 0)
450 echo "\n";
454 * Displays the phpMyAdmin related links
458 <!-- phpMyAdmin related links -->
459 <td valign="top" align="<?php echo $cell_align_left; ?>">
460 <table>
461 <tr>
462 <th colspan="2">&nbsp;&nbsp;phpMyAdmin</th>
463 </tr>
465 <?php
466 // Displays language selection combo
467 if (empty($cfg['Lang'])) {
469 <!-- Language Selection -->
470 <tr>
471 <td valign="baseline"><img src="<?php echo $item_img; ?>" width="7" height="7" alt="item" /></td>
472 <td nowrap="nowrap">
473 <form method="post" action="index.php3" target="_parent">
474 <input type="hidden" name="convcharset" value="<?php echo $convcharset; ?>" />
475 <input type="hidden" name="server" value="<?php echo $server; ?>" />
476 Language <a href="./translators.html" target="documentation">(*)</a>:
477 <select name="lang" dir="ltr" onchange="this.form.submit();">
478 <?php
479 echo "\n";
482 * Sorts available languages by their true names
484 * @param array the array to be sorted
485 * @param mixed a required parameter
487 * @return the sorted array
489 * @access private
491 function PMA_cmp(&$a, $b)
493 return (strcmp($a[1], $b[1]));
494 } // end of the 'PMA_cmp()' function
496 uasort($available_languages, 'PMA_cmp');
497 reset($available_languages);
498 while (list($id, $tmplang) = each($available_languages)) {
499 $lang_name = ucfirst(substr(strstr($tmplang[0], '|'), 1));
500 if ($lang == $id) {
501 $selected = ' selected="selected"';
502 } else {
503 $selected = '';
505 echo ' ';
506 echo '<option value="' . $id . '"' . $selected . '>' . $lang_name . ' (' . $id . ')</option>' . "\n";
509 </select>
510 <noscript><input type="submit" value="Go" /></noscript>
511 </form>
512 </td>
513 </tr>
514 <?php
517 if (isset($cfg['AllowAnywhereRecoding']) && $cfg['AllowAnywhereRecoding']
518 && $allow_recoding) {
519 echo "\n";
521 <!-- Charset Selection -->
522 <tr>
523 <td valign="baseline"><img src="<?php echo $item_img; ?>" width="7" height="7" alt="item" /></td>
524 <td nowrap="nowrap">
525 <form method="post" action="index.php3" target="_parent">
526 <input type="hidden" name="server" value="<?php echo $server; ?>" />
527 <input type="hidden" name="lang" value="<?php echo $lang; ?>" />
528 <?php echo $strMySQLCharset;?>:
529 <select name="convcharset" dir="ltr" onchange="this.form.submit();">
530 <?php
531 echo "\n";
532 reset($cfg['AvailableCharsets']);
533 while (list($id, $tmpcharset) = each($cfg['AvailableCharsets'])) {
534 if ($convcharset == $tmpcharset) {
535 $selected = ' selected="selected"';
536 } else {
537 $selected = '';
539 echo ' ';
540 echo '<option value="' . $tmpcharset . '"' . $selected . '>' . $tmpcharset . '</option>' . "\n";
543 </select>
544 <noscript><input type="submit" value="Go" /></noscript>
545 </form>
546 </td>
547 </tr>
548 <?php
550 echo "\n";
553 <!-- Documentation -->
554 <tr>
555 <td valign="baseline"><img src="<?php echo $item_img; ?>" width="7" height="7" alt="item" /></td>
556 <td>
557 <a href="Documentation.html" target="documentation"><b><?php echo $strPmaDocumentation; ?></b></a>
558 </td>
559 </tr>
561 <?php
562 if ($is_superuser || $cfg['ShowPhpInfo']) {
564 <!-- PHP Information -->
565 <tr>
566 <td valign="baseline"><img src="<?php echo $item_img; ?>" width="7" height="7" alt="item" /></td>
567 <td>
568 <a href="phpinfo.php3" target="_new"><?php echo $strShowPHPInfo; ?></a>
569 </td>
570 </tr>
571 <?php
573 echo "\n";
576 <!-- phpMyAdmin related urls -->
577 <tr>
578 <td valign="baseline"><img src="<?php echo $item_img; ?>" width="7" height="7" alt="item" /></td>
579 <td>
580 <a href="http://www.phpMyAdmin.net/" target="_new"><?php echo $strHomepageOfficial; ?></a><br />
581 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;[<a href="ChangeLog" target="_new">ChangeLog</a>]
582 &nbsp;&nbsp;&nbsp;[<a href="http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/phpmyadmin/phpMyAdmin/" target="_new">CVS</a>]
583 &nbsp;&nbsp;&nbsp;[<a href="http://sourceforge.net/mail/?group_id=23067" target="_new">Lists</a>]
584 </td>
585 </tr>
586 </table>
587 </td>
589 </tr>
590 </table>
593 <?php
595 * Displays the "empty $cfg['PmaAbsoluteUri'] warning"
597 if ($display_pmaAbsoluteUri_warning) {
598 echo '<p class="warning">' . $strPmaUriError . '</p>' . "\n";
602 * Warning if using the default MySQL privileged account
604 if ($server != 0
605 && $cfg['Server']['user'] == 'root'
606 && $cfg['Server']['password'] == '') {
607 echo '<p class="warning">' . $strInsecureMySQL . '</p>' . "\n";
611 * Warning for PHP 4.2.3
614 if (PMA_PHP_INT_VERSION == 40203 && @extension_loaded('mbstring')) {
615 echo '<p class="warning">' . $strPHP40203 . '</p>' . "\n";
619 * Displays the footer
621 echo "\n";
622 require('./footer.inc.php3');