Fix check for encrypted file (bug #1596304).
[phpmyadmin/crack.git] / import.php
blobbcb613f186da645790ffccd34c736cda02345280
1 <?php
2 /* $Id$ */
3 // vim: expandtab sw=4 ts=4 sts=4:
5 /* Core script for import, this is just the glue around all other stuff */
/**
 * Load the common library first.
 *
 * The rest of this script reads many parameters as plain variables
 * ($sql_query, $format, $goto, ...) that are never assigned in this file.
 * NOTE(review): presumably common.lib.php imports them from the request -
 * confirm, because every such variable then has to be treated as
 * user-controlled input.
 */
require_once './libraries/common.lib.php';

// NOTE(review): presumably the script file the page header should load - confirm
$js_to_run = 'functions.js';

// Default: the left frame does not need to be reloaded
$GLOBALS['reload'] = false;
// Requests from the query box / query window (i.e. not from an import form)
// carry no import type or format, so derive both from whichever query
// parameter is present.
if (!empty($sql_query)) {
    // SQL text entered by the user
    $format      = 'sql';
    $import_type = 'query';
    $import_text = $sql_query;
    unset($sql_query);

    // Changes to table or database structure require a left frame refresh
    if (preg_match('/^(CREATE|ALTER|DROP)\s+(VIEW|TABLE|DATABASE|SCHEMA)\s+/i', $import_text)) {
        $GLOBALS['reload'] = true;
    }
} elseif (!empty($sql_localfile)) {
    // SQL file that already resides on the server
    $format            = 'sql';
    $import_type       = 'queryfile';
    $local_import_file = $sql_localfile;
    unset($sql_localfile);
} elseif (!empty($sql_file)) {
    // SQL file uploaded with the request
    $format      = 'sql';
    $import_type = 'queryfile';
    $import_file = $sql_file;
    unset($sql_file);
} elseif (!empty($id_bookmark)) {
    // Bookmarked query; its text is fetched later in this script
    $format      = 'sql';
    $import_type = 'query';
}
// A request without any GET or POST data means the script was either called
// directly or the upload limit was exceeded; the second case is assumed and
// the upload limit message is shown.
// NOTE(review): there is no exit after the footer include; footer.inc.php
// presumably ends the request - confirm, otherwise execution continues with
// the parameter check that follows.
if ($_POST == array() && $_GET == array()) {
    require_once './libraries/header.inc.php';
    $show_error_header = true;
    PMA_showMessage(sprintf($strUploadLimit, '[a@./Documentation.html#faq1_16@_blank]', '[/a]'));
    require './libraries/footer.inc.php';
}
// Both parameters have to be known from here on
PMA_checkParameters(array('import_type', 'format'));

// $format is used further down to build the path of the import plugin that
// gets require()d, so nothing special may remain in it.
// NOTE(review): what PMA_securePath() strips is not visible in this file;
// confirm it removes directory separators and parent-directory sequences.
$format = PMA_securePath($format);

// Functions shared by the import code
require_once './libraries/import.lib.php';
// Determine the page to return to ($goto) and the URL used when an error is
// reported ($err_url)
if ($import_type == 'table') {
    $err_url = 'tbl_import.php?' . PMA_generate_common_url($db, $table);
    $goto    = 'tbl_import.php';
} elseif ($import_type == 'database') {
    $err_url = 'db_import.php?' . PMA_generate_common_url($db);
    $goto    = 'db_import.php';
} elseif ($import_type == 'server') {
    $err_url = 'server_import.php?' . PMA_generate_common_url();
    $goto    = 'server_import.php';
} else {
    // $goto is not assigned earlier in this file and is require()d at the end
    // of the script. The pattern below is the only check it gets here: it
    // admits nothing but server*/db*/tbl* script names without any directory
    // part, and everything else is replaced by a fixed default.
    if (empty($goto) || !preg_match('@^(server|db|tbl)(_[a-z]*)*\.php$@i', $goto)) {
        if (isset($table) && isset($db)) {
            $goto = 'tbl_structure.php';
        } elseif (isset($db)) {
            $goto = 'db_structure.php';
        } else {
            $goto = 'server_sql.php';
        }
    }

    // Common URL parameters for the most specific level that is known
    if (isset($table) && isset($db)) {
        $common = PMA_generate_common_url($db, $table);
    } elseif (isset($db)) {
        $common = PMA_generate_common_url($db);
    } else {
        $common = PMA_generate_common_url();
    }

    $err_url = $goto . '?' . $common;
    // Table level pages additionally get the URL-encoded table name.
    // NOTE(review): unlike the check above this pattern is case sensitive,
    // and $table is not tested with isset() on this path - confirm intended.
    if (preg_match('@^tbl_[a-z]*\.php$@', $goto)) {
        $err_url .= '&amp;table=' . urlencode($table);
    }
}
// Switch to the requested database, if one is known
if (isset($db)) {
    PMA_DBI_select_db($db);
}

// Apply the configured execution time limit and, when set, the configured
// memory limit; failures are deliberately silenced with @
@set_time_limit($cfg['ExecTimeLimit']);
if (!empty($cfg['MemoryLimit'])) {
    @ini_set('memory_limit', $cfg['MemoryLimit']);
}

// Start time of this run and, only when interrupting is allowed, PHP's
// maximum execution time (0 otherwise)
$timestamp    = time();
$maximum_time = isset($allow_interrupt) ? ini_get('max_execution_time') : 0;
// Initial state of the import run.
// $sql_query is reset here as well, which discards any value still left over
// from the request.

// Progress and outcome flags
$timeout_passed = false;
$error          = false;
$finished       = false;
$go_sql         = false;
$run_query      = true;

// Reading position and counters
$read_multiply    = 1;
$offset           = 0;
$max_sql_len      = 0;
$executed_queries = 0;

// Query text collected during the run
$sql_query          = '';
$sql_query_disabled = false;

// Temporary file to remove at the end, if any
$file_to_unlink = '';

// Charset handling and bookmark state
$charset_conversion = false;
$reset_charset      = false;
$bookmark_created   = false;
// Bookmark support: when a bookmark id was submitted, the query text is taken
// from the bookmark storage instead of the request
if (!empty($id_bookmark)) {
    require_once './libraries/bookmark.lib.php';
    // NOTE(review): switch compares loosely, so '0', '1' and '2' arriving as
    // strings match the integer cases; confirm $action_bookmark is limited to
    // these values before this point.
    switch ($action_bookmark) {
        case 0: // the bookmarked query is to be executed
            $import_text = PMA_queryBookmarks(
                $db,
                $cfg['Bookmark'],
                $id_bookmark,
                'id',
                isset($action_bookmark_all)
            );
            if (!empty($bookmark_variable)) {
                // Put the submitted value, passed through PMA_sqlAddslashes(),
                // in place of the [VARIABLE] marker and drop the comment
                // delimiters around it.
                // NOTE(review): the value becomes part of a preg_replace()
                // replacement string, where "$1" or "\1" style sequences are
                // read as back-references; confirm such input is handled.
                $import_text = preg_replace(
                    '|/\*(.*)\[VARIABLE\](.*)\*/|imsU',
                    '${1}' . PMA_sqlAddslashes($bookmark_variable) . '${2}',
                    $import_text
                );
            }

            // Changes to table or database structure require a left frame refresh
            if (preg_match('/^(CREATE|ALTER|DROP)\s+(VIEW|TABLE|DATABASE|SCHEMA)\s+/i', $import_text)) {
                $GLOBALS['reload'] = true;
            }

            break;
        case 1: // the bookmarked query is only to be displayed
            $import_text = PMA_queryBookmarks($db, $cfg['Bookmark'], $id_bookmark);
            $run_query = false;
            break;
        case 2: // the bookmark is to be deleted
            $import_text = PMA_queryBookmarks($db, $cfg['Bookmark'], $id_bookmark);
            PMA_deleteBookmarks($db, $cfg['Bookmark'], $id_bookmark);
            // Setting the error marker is a hack to skip processing of the
            // query; it is cleared again when the message is chosen
            $error     = true;
            $run_query = false;
            break;
    }
} // end bookmarks reading
// A query that is only to be shown as PHP code must not be executed; the
// request is handed to sql.php at the end of this script instead
if (isset($GLOBALS['show_as_php'])) {
    $go_sql    = true;
    $run_query = false;
}
// When a bookmark label was submitted, store the query as a bookmark before
// it is executed
if (!empty($bkm_label) && !empty($import_text)) {
    require_once './libraries/bookmark.lib.php';
    // The query text is stored URL-encoded; the label is passed on as
    // received.
    // NOTE(review): escaping of these fields for the INSERT is presumably
    // done inside PMA_addBookmarks() - confirm.
    $bfields = array(
        'dbase' => $db,
        'user'  => $cfg['Bookmark']['user'],
        'query' => urlencode($import_text),
        'label' => $bkm_label
    );

    // On request, delete every existing bookmark carrying the same label
    if (isset($bkm_replace)) {
        $bookmarks = PMA_listBookmarks($db, $cfg['Bookmark']);
        foreach ($bookmarks as $key => $val) {
            if ($val != $bkm_label) {
                continue;
            }
            PMA_deleteBookmarks($db, $cfg['Bookmark'], $key);
        }
    }

    PMA_addBookmarks($bfields, $cfg['Bookmark'], isset($bkm_all_users));

    $bookmark_created = true;
} // end store bookmarks
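// The file cannot be read in one go, that could exhaust the available
// memory. The size of a read is derived from PHP's memory_limit setting.
$memory_limit = trim(@ini_get('memory_limit'));
// No usable setting: assume 2 MB
if (empty($memory_limit)) {
    $memory_limit = 2 * 1024 * 1024;
}
// -1 stands for "no memory limit"; work on 10 MB chunks in that case.
// This must be a comparison. The previous "$memory_limit = -1" assigned -1,
// which is always true, so every configured limit was replaced by 10 MB and
// the read size no longer followed the real limit.
if ($memory_limit == -1) {
    $memory_limit = 10 * 1024 * 1024;
}

// Convert the shorthand notation (trailing K, M or G) into a byte count
if (strtolower(substr($memory_limit, -1)) == 'm') {
    $memory_limit = (int)substr($memory_limit, 0, -1) * 1024 * 1024;
} elseif (strtolower(substr($memory_limit, -1)) == 'k') {
    $memory_limit = (int)substr($memory_limit, 0, -1) * 1024;
} elseif (strtolower(substr($memory_limit, -1)) == 'g') {
    $memory_limit = (int)substr($memory_limit, 0, -1) * 1024 * 1024 * 1024;
} else {
    $memory_limit = (int)$memory_limit;
}

// Read only an eighth of the limit at a time: uncompressing the data may
// need a lot of additional memory
$read_limit = $memory_limit / 8;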
// Decide which file, if any, is going to be imported
if (!empty($local_import_file) && !empty($cfg['UploadDir'])) {
    // The name of a file in the upload directory comes from a POST, so it is
    // sanitized before being appended to the configured directory
    $local_import_file = PMA_securePath($local_import_file);

    $import_file = PMA_userDir($cfg['UploadDir']) . $local_import_file;
} elseif (!(!empty($import_file) && is_uploaded_file($import_file))) {
    // Any other path is accepted only if PHP itself received it as an HTTP
    // upload; this keeps a request from naming an arbitrary file on the server
    $import_file = 'none';
}
// Open the file to import, if there is one
if ($import_file != 'none' && !$error) {
    // open_basedir and similar restrictions may prevent reading the upload
    // from the place where PHP stored it
    $open_basedir = @ini_get('open_basedir');

    // On a server with open_basedir the file must be moved before it is
    // opened. The documentation explains how to create the "./tmp" directory.
    if (!empty($open_basedir)) {
        if (PMA_IS_WINDOWS) {
            $tmp_subdir = '.\\tmp\\';
        } else {
            $tmp_subdir = './tmp/';
        }

        // is_writeable() is valid on PHP 3 and 4
        if (is_writeable($tmp_subdir)) {
            // basename() drops any directory part, so the copy stays inside
            // the temporary directory
            $import_file_new = $tmp_subdir . basename($import_file);
            // move_uploaded_file() refuses anything that was not received as
            // an upload; in that case $import_file is left unchanged
            if (move_uploaded_file($import_file, $import_file_new)) {
                $file_to_unlink = $import_file_new;
                $import_file    = $import_file_new;
            }
        }
    }

    // Detect the compression and open the file with the matching reader
    $compression = PMA_detectCompression($import_file);
    if ($compression === false) {
        $error = true;
        $show_error_header = true;
        $message = $strFileCouldNotBeRead;
    } else {
        switch ($compression) {
            case 'application/bzip2':
                if ($cfg['BZipDump'] && @function_exists('bzopen')) {
                    $import_handle = @bzopen($import_file, 'r');
                } else {
                    $error = true;
                    $show_error_header = true;
                    $message = sprintf($strUnsupportedCompressionDetected, $compression);
                }
                break;
            case 'application/gzip':
                if ($cfg['GZipDump'] && @function_exists('gzopen')) {
                    $import_handle = @gzopen($import_file, 'r');
                } else {
                    $error = true;
                    $show_error_header = true;
                    $message = sprintf($strUnsupportedCompressionDetected, $compression);
                }
                break;
            case 'application/zip':
                if ($cfg['GZipDump'] && @function_exists('gzinflate')) {
                    include_once './libraries/unzip.lib.php';
                    $import_handle = new SimpleUnzip();
                    $import_handle->ReadFile($import_file);
                    if ($import_handle->Count() == 0) {
                        $error = true;
                        $show_error_header = true;
                        $message = $strNoFilesFoundInZip;
                    } elseif ($import_handle->GetError(0) != 0) {
                        $error = true;
                        $show_error_header = true;
                        $message = $strErrorInZipFile . ' ' . $import_handle->GetErrorMsg(0);
                    } else {
                        // Only the first entry of the archive is used.
                        // NOTE(review): its data is held in memory as a
                        // whole; whether SimpleUnzip limits the inflated
                        // size is not visible here - confirm, since a small
                        // archive can expand to a very large text.
                        $import_text = $import_handle->GetData(0);
                    }
                    // The unzip object is not needed any further
                    $import_handle = '';
                } else {
                    $error = true;
                    $show_error_header = true;
                    $message = sprintf($strUnsupportedCompressionDetected, $compression);
                }
                break;
            case 'none':
                $import_handle = @fopen($import_file, 'r');
                break;
            default:
                $error = true;
                $show_error_header = true;
                $message = sprintf($strUnsupportedCompressionDetected, $compression);
                break;
        }
    }
    // The open calls above are silenced with @, so a failure only shows up
    // as a FALSE handle
    if (!$error && $import_handle === false) {
        $error = true;
        $show_error_header = true;
        $message = $strFileCouldNotBeRead;
    }
} elseif (!$error) {
    // Without a file there has to be query text to work on
    if (empty($import_text)) {
        $error = true;
        $show_error_header = true;
        $message = $strNoDataReceived;
    }
}
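// Convert the file's charset if necessary
if ($cfg['AllowAnywhereRecoding'] && $allow_recoding
    && isset($charset_of_file)) {
    // Recoding is allowed: convert only if the charsets really differ
    if ($charset_of_file != $charset) {
        $charset_conversion = true;
    }
} elseif (PMA_MYSQL_INT_VERSION >= 40100
    && isset($charset_of_file) && $charset_of_file != 'utf8') {
    // Let the server interpret the data in the charset of the file.
    // $charset_of_file is not assigned anywhere in this script, so it is
    // treated as request input and escaped before being placed inside the
    // quoted SET NAMES argument instead of being concatenated as received.
    // NOTE(review): checking the value against the charsets the server
    // supports would be stricter - confirm whether such a list is in scope.
    PMA_DBI_query('SET NAMES \'' . PMA_sqlAddslashes($charset_of_file) . '\'');
    // We can not show query in this case, it is in different charset
    $sql_query_disabled = true;
    $reset_charset = true;
}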
// Skip the part of the input that is not to be processed in this run.
// NOTE(review): $skip is not assigned in this file; presumably a request
// parameter - confirm it is numeric before it is used as a byte count.
if (isset($skip) && !$error) {
    $original_skip = $skip;
    while ($skip > 0) {
        // Never ask for more than one read limit per chunk
        PMA_importGetNextChunk($read_limit > $skip ? $skip : $read_limit);
        // Disable read progressivity, otherwise all memory gets eaten
        $read_multiply = 1;
        $skip -= $read_limit;
    }
    unset($skip);
}
// Run the import plugin that matches the requested format.
// The plugin path is built from $format, which went through PMA_securePath()
// earlier in this script, and the file must exist below ./libraries/import/
// before it is included.
// NOTE(review): this include is only as safe as that sanitizing; confirm that
// $format cannot contain path separators when it gets here.
if (!$error) {
    if (file_exists('./libraries/import/' . $format . '.php')) {
        // Do the real import
        $plugin_param = $import_type;
        require './libraries/import/' . $format . '.php';
    } else {
        $error = true;
        $message = $strCanNotLoadImportPlugins;
        $show_error_header = true;
    }
}
// Remove the copy that was placed in the temporary directory, if any
if ('' != $file_to_unlink) {
    unlink($file_to_unlink);
}

// Restore the connection charset if it was switched for this import
if ($reset_charset) {
    PMA_DBI_query('SET CHARACTER SET utf8');
    // NOTE(review): $collation_connection is concatenated into the statement
    // unescaped and is not assigned in this file; confirm where it comes from
    // and whether it needs escaping or a check against known collations.
    PMA_DBI_query('SET SESSION collation_connection =\'' . $collation_connection . '\'');
}
// Choose the message that describes the outcome
if (!empty($id_bookmark) && $action_bookmark == 2) {
    $message = $strBookmarkDeleted;
    $display_query = $import_text;
    // Clear the error marker, it was set only to skip processing of the query
    $error = false;
} elseif (!empty($id_bookmark) && $action_bookmark == 1) {
    $message = $strShowingBookmark;
} elseif ($bookmark_created) {
    // The label is user input, so it is HTML-escaped before it becomes part
    // of the message
    $special_message = '[br]' . sprintf($strBookmarkCreated, htmlspecialchars($bkm_label));
} elseif ($finished && !$error) {
    $message = ($import_type == 'query')
        ? $strSuccess
        : sprintf($strImportSuccessfullyFinished, $executed_queries);
}

// A timeout replaces whatever message was chosen above
if ($timeout_passed) {
    $message = $strTimeoutPassed;
    // Nothing was parsed if the offset is still zero or still equals the
    // amount that was to be skipped
    if ($offset == 0 || (isset($original_skip) && $original_skip == $offset)) {
        $message .= ' ' . $strTimeoutNothingParsed;
    }
}
// Parse and analyze the query to get the correct db and table name when the
// query was typed in the query window
require_once './libraries/parse_analyze.lib.php';

// Report the errors collected in $my_die, if there are any
if (isset($my_die)) {
    foreach ($my_die as $key => $die) {
        PMA_mysqlDie($die['error'], $die['sql'], '', $err_url, $error);
    }
}
// Hand over to the page that displays the result
if ($go_sql) {
    // 'pos' is sent by the Refresh link; without it start at zero so that a
    // limit can possibly be appended.
    // NOTE(review): the value is taken from the query string as received;
    // confirm sql.php validates it or casts it to an integer before use.
    $pos = isset($_GET['pos']) ? $_GET['pos'] : 0;
    require './sql.php';
} else {
    // $goto is included as a file path. Within this file it is either a fixed
    // name or has matched the server/db/tbl pattern checked earlier.
    // NOTE(review): the import plugin and parse_analyze.lib.php run between
    // that check and this include; confirm neither of them can reassign
    // $goto from request data.
    $active_page = $goto;
    require './' . $goto;
}
exit();