search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
lang
[phpmyadmin/crack.git] / libraries / common.lib.php3
blob61497ceb92d33a1a39611b8c533796df0dce4fac
1 <?php
2 /* $Id$ */
3
4
5 /**
6 * Misc stuff and functions used by almost all the scripts.
7 * Among other things, it contains the advanced authentification work.
8 */
9
10
11
12 if (!defined('PMA_COMMON_LIB_INCLUDED')){
13 define('PMA_COMMON_LIB_INCLUDED', 1);
14
15 /**
16 * Order of sections for common.lib.php3:
17 *
18 * in PHP3, functions and constants must be physically defined
19 * before they are referenced
20 *
21 * some functions need the constants of libraries/defines.lib.php3
22 * and defines_php.lib.php3
23 *
24 * the PMA_setFontSizes() function must be before the call to the
25 * libraries/auth/cookie.auth.lib.php3 library
26 *
27 * the include of libraries/defines.lib.php3 must be after the connection
28 * to db to get the MySql version
29 *
30 * the PMA_sqlAddslashes() function must be before the connection to db
31 *
32 * the authentication libraries must be before the connection to db but
33 * after the PMA_isInto() function
34 *
35 * the PMA_mysqlDie() function must be before the connection to db but
36 * after mysql extension has been loaded
37 *
38 * the PMA_mysqlDie() function needs the PMA_format_sql() Function
39 *
40 * ... so the required order is:
41 *
42 * - parsing of the configuration file
43 * - first load of the libraries/define.lib.php3 library (won't get the
44 * MySQL release number)
45 * - load of mysql extension (if necessary)
46 * - definition of PMA_sqlAddslashes()
47 * - definition of PMA_format_sql()
48 * - definition of PMA_mysqlDie()
49 * - definition of PMA_isInto()
50 * - definition of PMA_setFontSizes()
51 * - loading of an authentication library
52 * - db connection
53 * - authentication work
54 * - second load of the libraries/define.lib.php3 library to get the MySQL
55 * release number)
56 * - other functions, respecting dependencies
57 */
58
59
60 /**
61 * Avoids undefined variables in PHP3
62 */
63 if (!isset($use_backquotes)) {
64 $use_backquotes = 0;
65 }
66 if (!isset($pos)) {
67 $pos = 0;
68 }
69
70 /**
71 * Parses the configuration file and gets some constants used to define
72 * versions of phpMyAdmin/php/mysql...
73 */
74 $old_error_reporting = error_reporting(0);
75 if (!include('./config.inc.php3')) {
76 // Creates fake settings
77 $cfg = array('DefaultLang' => 'en');
78 // Loads the laguage file
79 include('./libraries/select_lang.lib.php3');
80 // Sends the Content-Type header
81 header('Content-Type: text/html; charset=' . $charset);
82 // Displays the error message
83 ?>
84 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
85 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
86 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="<?php echo $available_languages[$lang][2]; ?>" lang="<?php echo $available_languages[$lang][2]; ?>" dir="<?php echo $text_dir; ?>">
87
88 <head>
89 <title>phpMyAdmin</title>
90 <meta http-equiv="Content-Type" content="text/html; charset=<?php echo $charset; ?>" />
91 <style type="text/css">
92 <!--
93 body {font-family: sans-serif; font-size: small; color: #000000; background-color: #F5F5F5}
94 h1 {font-family: sans-serif; font-size: large; font-weight: bold}
95 //-->
96 </style>
97 </head>
98
99
100 <body bgcolor="#ffffff">
101 <h1>phpMyAdmin - <?php echo $strError; ?></h1>
102 <p>
103 <?php echo $strConfigFileError; ?><br /><br />
104 <a href="config.inc.php3" target="_blank">config.inc.php3</a>
105 </p>
106 </body>
107
108 </html>
109 <?php
110 exit();
111 }
112 error_reporting($old_error_reporting);
113 unset($old_error_reporting);
114
115 /**
116 * Reads in the developer edition config file. This is used exclusively during
117 * the development cycle of PMA, to prevent the accident of the developers ever
118 * submitting their config.inc.php3 file.
119 */
120 if (file_exists('./config.inc.developer.php3')) {
121 include('./config.inc.developer.php3');
122 }
123
124 /**
125 * Include MySQL wrappers.
126 */
127 include('./libraries/mysql_wrappers.lib.php3');
128
129 /**
130 * Gets constants that defines the PHP version number.
131 * This include must be located physically before any code that needs to
132 * reference the constants, else PHP 3.0.16 won't be happy.
133 */
134 include('./libraries/defines_php.lib.php3');
135
136 /**
137 * Charset conversion.
138 */
139 include('./libraries/charset_conversion.lib.php3');
140
141 /**
142 * Gets constants that defines the MySQL version number.
143 * This include must be located physically before any code that needs to
144 * reference the constants, else PHP 3.0.16 won't be happy; and must be
145 * located after we are connected to db to get the MySql version (see
146 * below).
147 */
148 include('./libraries/defines.lib.php3');
149
150
151 // For compatibility with old config.inc.php3
152 if (!isset($cfg['FileRevision']) || (int) substr($cfg['FileRevision'], 13, 3) < 120) {
153 include('./libraries/config_import.lib.php3');
154 }
155
156 // If zlib output compression is set in the php configuration file, no
157 // output buffering should be run
158 if (PMA_PHP_INT_VERSION < 40000
159 || (PMA_PHP_INT_VERSION >= 40005 && @ini_get('zlib.output_compression'))) {
160 $cfg['OBGzip'] = FALSE;
161 }
162
163
164 /**
165 * Loads the mysql extensions if it is not loaded yet
166 * staybyte - 26. June 2001
167 */
168 if (((PMA_PHP_INT_VERSION >= 40000 && !@ini_get('safe_mode') && @ini_get('enable_dl'))
169 || (PMA_PHP_INT_VERSION < 40000 && PMA_PHP_INT_VERSION > 30009 && !@get_cfg_var('safe_mode')))
170 && @function_exists('dl')) {
171 if (PMA_PHP_INT_VERSION < 40000) {
172 $extension = 'MySQL';
173 } else {
174 $extension = 'mysql';
175 }
176 if (PMA_IS_WINDOWS) {
177 $suffix = '.dll';
178 } else {
179 $suffix = '.so';
180 }
181 if (!@extension_loaded($extension)) {
182 @dl($extension.$suffix);
183 }
184 if (!@extension_loaded($extension)) {
185 echo $strCantLoadMySQL;
186 exit();
187 }
188 } // end load mysql extension
189
190
191 /**
192 * Add slashes before "'" and "\" characters so a value containing them can
193 * be used in a sql comparison.
194 *
195 * @param string the string to slash
196 * @param boolean whether the string will be used in a 'LIKE' clause
197 * (it then requires two more escaped sequences) or not
198 *
199 * @return string the slashed string
200 *
201 * @access public
202 */
203 function PMA_sqlAddslashes($a_string = '', $is_like = FALSE)
204 {
205 if ($is_like) {
206 $a_string = str_replace('\\', '\\\\\\\\', $a_string);
207 } else {
208 $a_string = str_replace('\\', '\\\\', $a_string);
209 }
210 $a_string = str_replace('\'', '\\\'', $a_string);
211
212 return $a_string;
213 } // end of the 'PMA_sqlAddslashes()' function
214
215
216 /**
217 * format sql strings
218 *
219 * @param string sql
220 *
221 * @return string the formatted sql
222 *
223 * @global array the configuration array
224 * @global boolean whether the current statement is a multiple one or not
225 *
226 * @access public
227 *
228 * @author Mike Beck <mikebeck@users.sourceforge.net>
229 */
230 function PMA_format_sql ($sql) {
231 global $cfg, $mult;
232
233 // lem9: bypass this function for now
234 return $sql;
235
236 $sfuncs = '^' . implode('$|^', $cfg['Functions']) . '$';
237 $skeyw = '^' . implode('$|^', $cfg['keywords']) . '$';
238 $scoltype = '^' . implode('$|^', $cfg['ColumnTypes']) . '$';
239 $add = '^' . implode('$|^', $cfg['additional']) . '$';
240
241 // First of all lets remove all newlines - we'll add our own later
242 $sql = str_replace("\n", ' ', $sql);
243 // There should always be blanks around = and after , ()
244 // fixme - i would like to replace ';' with '; ' but then i need
245 // to know how to do that without getting ; within strings as well
246 $sql = str_replace('=', ' = ', $sql);
247 $sql = str_replace(',', ', ', $sql);
248 $sql = str_replace(')', ' ) ', $sql);
249 $sql = str_replace('(', ' ( ', $sql);
250
251 // Now split everything by the blanks
252 $sql_parts = explode(' ', $sql);
253 // Start a loop over the parts check each word and put them back into
254 // $sql
255 unset($sql);
256 $s_nr = 0;
257
258 while (list($num, $word) = each($sql_parts)) {
259 // We might have added to many blanks when checking for = and,
260 // which might lead to empty members in the array
261 if (strlen($word) == 0) {
262 continue;
263 }
264 $is_string = FALSE;
265
266 // Anything inside quots might be more than one word
267 // so as we splitted by the blanks we have to try to get those
268 // parts back together
269 if ((substr($word, 0, 1) == '\'' || substr($word, 0, 1) == '"')
270 && !isset($temp)) {
271 // start of a string
272 $temp = $word;
273 $is_string = TRUE;
274 } else {
275 if (isset($temp)) {
276 // We are continuing a string
277 $temp .= $word;
278 $is_string = TRUE;
279 }
280 } // end if... else...
281
282 if (substr($word, strlen($word) - 1, 1) == '\''
283 || substr($word, strlen($word) - 1, 1) == '"') {
284 // End of a String
285 $word = '<font color="' . $cfg['colorStrings'] . '">' . htmlspecialchars($temp) . '</font>';
286 unset($temp);
287 // Debug echo "fertig " . $word . '<br />';
288 $is_string = FALSE;
289 } // end if
290
291 if (!isset($is_string) || $is_string == FALSE) {
292 // No String
293 if (eregi($sfuncs, $word)) {
294 $word = '<font color="' . $cfg['colorFunctions'].'">' . htmlspecialchars($word) . '</font>';
295 } else if (eregi($skeyw, $word)) {
296 $word = '<font color="' . $cfg['colorKeywords'].'">' . htmlspecialchars($word) . '</font>';
297 if (!isset($mult) || $mult != TRUE) {
298 $word = "\n" . $word;
299 }
300 } else if (eregi($scoltype, $word)) {
301 $word = '<font color="' . $cfg['colorColType'].'">' . htmlspecialchars($word) . '</font>';
302 } else if (eregi($add, $word)) {
303 $word = '<font color="' . $cfg['colorAdd'].'">' . htmlspecialchars($word) . '</font>';
304 } else if ($word == '(') {
305 if (isset($brack_o)) {
306 $skey = count($brack_o);
307 } else {
308 $skey = 0;
309 }
310 $brack_o[$skey] = $s_nr;
311 } else if ($word == ')') {
312 if (isset($brack_o)) {
313 unset($brack_o[count($brack_o) - 1]);
314 if (count($brack_o) == 0) {
315 unset($brack_o);
316 }
317 } else {
318 $brack_c[] = $s_nr;
319 }
320 } else if ($word == ';') {
321 $word = ';' . "\n";
322 }
323 }
324
325 if (!isset($temp) || strlen($temp) == 0) {
326 $sql_p[$s_nr] = $word;
327 $s_nr++;
328 }
329 } // end while
330
331 if (isset($brack_o)) {
332 while (list($num, $elem) = each($brack_o)) {
333 $sql_p[$elem] = '<font color="red">' . $sql_p[$elem] . '</font>';
334 echo '<br /><font color="red">' . $GLOBALS['strMissingBracket'] . '</font><br />';
335 }
336 }
337
338 if (isset($brack_c)) {
339 while (list($num, $elem) = each($brack_c)) {
340 $sql_p[$elem] = '<font color="red">' . $sql_p[$elem] . '</font>';
341 echo '<br /><font color="red">' . $GLOBALS['strMissingBracket'] . '</font><br />';
342 }
343 }
344
345 $sql = implode(' ', $_sql_p);
346 $sql = ereg_replace("((\015\012)|(\015)|(\012))+", '<br />', $sql);
347 $sql = ereg_replace('<br />[ ]*<br />', '<br />', $sql);
348
349 return $sql;
350 } // end of the "PMA_format_sql()" function
351
352
353 /**
354 * Displays a MySQL error message in the right frame.
355 *
356 * @param string the error mesage
357 * @param string the sql query that failed
358 * @param boolean whether to show a "modify" link or not
359 * @param string the "back" link url (full path is not required)
360 *
361 * @global array the configuration array
362 *
363 * @access public
364 */
365 function PMA_mysqlDie($error_message = '', $the_query = '',
366 $is_modify_link = TRUE, $back_url = '')
367 {
368 global $cfg;
369
370 if (empty($GLOBALS['is_header_sent'])) {
371 // rabus: If we include header.inc.php3 here, we get a huge set of
372 // "Undefined variable" errors (see bug #549570)!
373 include('./header.inc.php3');
374 }
375
376 if (!$error_message) {
377 $error_message = PMA_mysql_error();
378 }
379 if (!$the_query && !empty($GLOBALS['sql_query'])) {
380 $the_query = $GLOBALS['sql_query'];
381 }
382
383 echo '<p><b>'. $GLOBALS['strError'] . '</b></p>' . "\n";
384 // if the config password is wrong, or the MySQL server does not
385 // respond, do not show the query that would reveal the
386 // username/password
387 if (!empty($the_query) && !strstr($the_query, 'connect')) {
388 $query_base = htmlspecialchars($the_query);
389 $query_base = ereg_replace("((\015\012)|(\015)|(\012)){3,}", "\n\n", $query_base);
390 echo '<p>' . "\n";
391 echo ' ' . $GLOBALS['strSQLQuery'] . '&nbsp;:&nbsp;' . "\n";
392 if ($is_modify_link) {
393 echo ' ['
394 . '<a href="db_details.php3?lang=' . $GLOBALS['lang'] . '&amp;convcharset=' . $GLOBALS['convcharset'] . '&amp;server=' . urlencode($GLOBALS['server']) . '&amp;db=' . urlencode($GLOBALS['db']) . '&amp;sql_query=' . urlencode($the_query) . '&amp;show_query=y">' . $GLOBALS['strEdit'] . '</a>'
395 . ']' . "\n";
396 } // end if
397 echo '<p>' . "\n"
398 . ' ' . ($cfg['UseSyntaxColoring'] ? PMA_format_sql($query_base) : $query_base) . "\n"
399 . '</p>' . "\n";
400 } // end if
401 if (!empty($error_message)) {
402 $error_message = htmlspecialchars($error_message);
403 $error_message = ereg_replace("((\015\012)|(\015)|(\012)){3,}", "\n\n", $error_message);
404 }
405 echo '<p>' . "\n";
406 echo ' ' . $GLOBALS['strMySQLSaid'] . '<br />' . "\n";
407 echo '<pre>' . "\n" . $error_message . "\n" . '</pre>' . "\n";
408 echo '</p>' . "\n";
409 if (!empty($back_url)) {
410 echo '<a href="' . $back_url . '">' . $GLOBALS['strBack'] . '</a>';
411 }
412 echo "\n";
413
414 include('./footer.inc.php3');
415 exit();
416 } // end of the 'PMA_mysqlDie()' function
417
418
419 /**
420 * Defines whether a string exists inside an array or not
421 *
422 * @param string string to search for
423 * @param mixed array to search into
424 *
425 * @return integer the rank of the $toFind string in the array or '-1' if
426 * it hasn't been found
427 *
428 * @access public
429 */
430 function PMA_isInto($toFind = '', &$in)
431 {
432 $max = count($in);
433 for ($i = 0; $i < $max && ($toFind != $in[$i]); $i++) {
434 // void();
435 }
436
437 return ($i < $max) ? $i : -1;
438 } // end of the 'PMA_isInto()' function
439
440
441 /**
442 * Determines the font sizes to use depending on the os and browser of the
443 * user.
444 *
445 * This function is based on an article from phpBuilder (see
446 * http://www.phpbuilder.net/columns/tim20000821.php3).
447 *
448 * @return boolean always true
449 *
450 * @global string the standard font size
451 * @global string the font size for titles
452 * @global string the small font size
453 * @global string the smallest font size
454 *
455 * @access public
456 *
457 * @version 1.1
458 */
459 function PMA_setFontSizes()
460 {
461 global $font_size, $font_bigger, $font_smaller, $font_smallest;
462
463 // IE (<6)/Opera for win case: needs smaller fonts than anyone else
464 if (PMA_USR_OS == 'Win'
465 && ((PMA_USR_BROWSER_AGENT == 'IE' && PMA_USR_BROWSER_VER < 6) || PMA_USR_BROWSER_AGENT == 'OPERA')) {
466 $font_size = 'x-small';
467 $font_bigger = 'large';
468 $font_smaller = '90%';
469 $font_smallest = '7pt';
470 }
471 // IE6 and other browsers for win case
472 else if (PMA_USR_OS == 'Win') {
473 $font_size = 'small';
474 $font_bigger = 'large';
475 $font_smaller = (PMA_USR_BROWSER_AGENT == 'IE')
476 ? '90%'
477 : 'x-small';
478 $font_smallest = 'x-small';
479 }
480 // Some mac browsers need also smaller default fonts size (OmniWeb &
481 // Opera)...
482 else if (PMA_USR_OS == 'Mac'
483 && (PMA_USR_BROWSER_AGENT == 'OMNIWEB' || PMA_USR_BROWSER_AGENT == 'OPERA')) {
484 $font_size = 'x-small';
485 $font_bigger = 'large';
486 $font_smaller = '90%';
487 $font_smallest = '7pt';
488 }
489 // ... but most of them (except IE 5+ & NS 6+) need bigger fonts
490 else if (PMA_USR_OS == 'Mac'
491 && ((PMA_USR_BROWSER_AGENT != 'IE' && PMA_USR_BROWSER_AGENT != 'MOZILLA')
492 || PMA_USR_BROWSER_VER < 5)) {
493 $font_size = 'medium';
494 $font_bigger = 'x-large';
495 $font_smaller = 'small';
496 $font_smallest = 'x-small';
497 }
498 // OS/2 browser
499 else if (PMA_USR_OS == 'OS/2'
500 && PMA_USR_BROWSER_AGENT == 'OPERA') {
501 $font_size = 'small';
502 $font_bigger = 'medium';
503 $font_smaller = 'x-small';
504 $font_smallest = 'x-small';
505 }
506 else {
507 $font_size = 'small';
508 $font_bigger = 'large';
509 $font_smaller = 'x-small';
510 $font_smallest = 'x-small';
511 }
512
513 return true;
514 } // end of the 'PMA_setFontSizes()' function
515
516
517 /**
518 * $cfg['PmaAbsoluteUri'] is a required directive else cookies won't be
519 * set properly and, depending on browsers, inserting or updating a
520 * record might fail
521 */
522 $display_pmaAbsoluteUri_warning = 0;
523
524 // Olivier: Setup a default value to let the people and lazy syadmins
525 // work anyway, but display a big warning on the main.php3
526 // page.
527 if (empty($cfg['PmaAbsoluteUri'])) {
528 $port_in_HTTP_HOST = (strpos($HTTP_SERVER_VARS['HTTP_HOST'], ':') > 0);
529 $cfg['PmaAbsoluteUri'] = (!empty($HTTP_SERVER_VARS['HTTPS']) ? 'https' : 'http') . '://'
530 . $HTTP_SERVER_VARS['HTTP_HOST']
531 . ((!empty($HTTP_SERVER_VARS['SERVER_PORT']) && !$port_in_HTTP_HOST) ? ':' . $HTTP_SERVER_VARS['SERVER_PORT'] : '')
532 . substr($PHP_SELF, 0, strrpos($PHP_SELF, '/') + 1);
533 // We display the warning by default, but not if it is disabled thru
534 // via the $cfg['PmaAbsoluteUri_DisableWarning'] variable.
535 // This is intended for sysadmins that actually want the default
536 // behaviour of auto-detection due to their setup.
537 // See the mailing list message:
538 // http://sourceforge.net/mailarchive/forum.php?thread_id=859093&forum_id=2141
539 if ($cfg['PmaAbsoluteUri_DisableWarning'] === FALSE) {
540 $display_pmaAbsoluteUri_warning = 1;
541 }
542 }
543 // Adds a trailing slash et the end of the phpMyAdmin uri if it does not
544 // exist
545 else if (substr($cfg['PmaAbsoluteUri'], -1) != '/') {
546 $cfg['PmaAbsoluteUri'] .= '/';
547 }
548
549
550 /**
551 * Make sure $cfg['DefaultTabDatabase'] and $cfg['DefaultTabTable'] are set.
552 * Todo: check if it is set to a *valid* value.
553 */
554 if (empty($cfg['DefaultTabDatabase'])) {
555 $cfg['DefaultTabDatabase'] = 'db_details_structure.php3';
556 }
557
558 if (empty($cfg['DefaultTabTable'])) {
559 $cfg['DefaultTabTable'] = 'tbl_properties_structure.php3';
560 }
561
562
563 /**
564 * Use mysql_connect() or mysql_pconnect()?
565 */
566 $connect_func = ($cfg['PersistentConnections']) ? 'mysql_pconnect' : 'mysql_connect';
567 $dblist = array();
568
569
570 /**
571 * Gets the valid servers list and parameters
572 */
573 reset($cfg['Servers']);
574 while (list($key, $val) = each($cfg['Servers'])) {
575 // Don't use servers with no hostname
576 if (empty($val['host'])) {
577 unset($cfg['Servers'][$key]);
578 }
579 }
580
581 if (empty($server) || !isset($cfg['Servers'][$server]) || !is_array($cfg['Servers'][$server])) {
582 $server = $cfg['ServerDefault'];
583 }
584
585
586 /**
587 * If no server is selected, make sure that $cfg['Server'] is empty (so
588 * that nothing will work), and skip server authentication.
589 * We do NOT exit here, but continue on without logging into any server.
590 * This way, the welcome page will still come up (with no server info) and
591 * present a choice of servers in the case that there are multiple servers
592 * and '$cfg['ServerDefault'] = 0' is set.
593 */
594 if ($server == 0) {
595 $cfg['Server'] = array();
596 }
597
598 /**
599 * Otherwise, set up $cfg['Server'] and do the usual login stuff.
600 */
601 else if (isset($cfg['Servers'][$server])) {
602 $cfg['Server'] = $cfg['Servers'][$server];
603
604 // Check how the config says to connect to the server
605 $server_port = (empty($cfg['Server']['port']))
606 ? ''
607 : ':' . $cfg['Server']['port'];
608 if (strtolower($cfg['Server']['connect_type']) == 'tcp') {
609 $cfg['Server']['socket'] = '';
610 }
611 $server_socket = (empty($cfg['Server']['socket']) || PMA_PHP_INT_VERSION < 30010)
612 ? ''
613 : ':' . $cfg['Server']['socket'];
614
615 // Gets the authentication library that fits the $cfg['Server'] settings
616 // and run authentication
617 include('./libraries/auth/' . $cfg['Server']['auth_type'] . '.auth.lib.php3');
618 if (!PMA_auth_check()) {
619 PMA_auth();
620 } else {
621 PMA_auth_set_user();
622 }
623
624 // Check IP-based Allow/Deny rules as soon as possible to reject the
625 // user
626 // Based on mod_access in Apache:
627 // http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/aaa/mod_access.c?rev=1.37&content-type=text/vnd.viewcvs-markup
628 // Look at: "static int check_dir_access(request_rec *r)"
629 // Robbat2 - May 10, 2002
630 if (isset($cfg['Server']['AllowDeny']) && $cfg['Server']['AllowDeny']['order']) {
631 include('./libraries/ip_allow_deny.lib.php3');
632
633 $allowDeny_forbidden = FALSE; // default
634 if ($cfg['Server']['AllowDeny']['order'] == 'allow,deny') {
635 $allowDeny_forbidden = TRUE;
636 if (PMA_allowDeny('allow')) {
637 $allowDeny_forbidden = FALSE;
638 }
639 if (PMA_allowDeny('deny')) {
640 $allowDeny_forbidden = TRUE;
641 }
642 } else if ($cfg['Server']['AllowDeny']['order'] == 'deny,allow') {
643 if (PMA_allowDeny('deny')) {
644 $allowDeny_forbidden = TRUE;
645 }
646 if (PMA_allowDeny('allow')) {
647 $allowDeny_forbidden = FALSE;
648 }
649 } else if ($cfg['Server']['AllowDeny']['order'] == 'explicit') {
650 if (PMA_allowDeny('allow')
651 && !PMA_allowDeny('deny')) {
652 $allowDeny_forbidden = FALSE;
653 } else {
654 $allowDeny_forbidden = TRUE;
655 }
656 } // end if... else if... else if
657
658 // Ejects the user if banished
659 if ($allowDeny_forbidden) {
660 PMA_auth_fails();
661 }
662 unset($allowDeny_forbidden); //Clean up after you!
663 } // end if
664
665 // The user can work with only some databases
666 if (isset($cfg['Server']['only_db']) && $cfg['Server']['only_db'] != '') {
667 if (is_array($cfg['Server']['only_db'])) {
668 $dblist = $cfg['Server']['only_db'];
669 } else {
670 $dblist[] = $cfg['Server']['only_db'];
671 }
672 } // end if
673
674 if (PMA_PHP_INT_VERSION >= 40000) {
675 $bkp_track_err = @ini_set('track_errors', 1);
676 }
677
678 // Try to connect MySQL with the control user profile (will be used to
679 // get the privileges list for the current user but the true user link
680 // must be open after this one so it would be default one for all the
681 // scripts)
682 if ($cfg['Server']['controluser'] != '') {
683 $dbh = @$connect_func(
684 $cfg['Server']['host'] . $server_port . $server_socket,
685 $cfg['Server']['controluser'],
686 $cfg['Server']['controlpass']
687 );
688 if ($dbh == FALSE) {
689 if (PMA_mysql_error()) {
690 $conn_error = PMA_mysql_error();
691 } else if (isset($php_errormsg)) {
692 $conn_error = $php_errormsg;
693 } else {
694 $conn_error = 'Cannot connect: invalid settings.';
695 }
696 $local_query = $connect_func . '('
697 . $cfg['Server']['host'] . $server_port . $server_socket . ', '
698 . $cfg['Server']['controluser'] . ', '
699 . $cfg['Server']['controlpass'] . ')';
700 if (empty($GLOBALS['is_header_sent'])) {
701 include('./header.inc.php3');
702 }
703 PMA_mysqlDie($conn_error, $local_query, FALSE);
704 } // end if
705 } // end if
706
707 // Pass #1 of DB-Config to read in master level DB-Config will go here
708 // Robbat2 - May 11, 2002
709
710 // Connects to the server (validates user's login)
711 $userlink = @$connect_func(
712 $cfg['Server']['host'] . $server_port . $server_socket,
713 $cfg['Server']['user'],
714 $cfg['Server']['password']
715 );
716 if ($userlink == FALSE) {
717 PMA_auth_fails();
718 } // end if
719
720 // Pass #2 of DB-Config to read in user level DB-Config will go here
721 // Robbat2 - May 11, 2002
722
723 if (PMA_PHP_INT_VERSION >= 40000) {
724 @ini_set('track_errors', $bkp_track_err);
725 }
726
727 // If controluser isn't defined, use the current user settings to get
728 // his rights
729 if ($cfg['Server']['controluser'] == '') {
730 $dbh = $userlink;
731 }
732
733 // Runs the "defines.lib.php3" for the second time to get the mysql
734 // release number
735 include('./libraries/defines.lib.php3');
736
737 // if 'only_db' is set for the current user, there is no need to check for
738 // available databases in the "mysql" db
739 $dblist_cnt = count($dblist);
740 if ($dblist_cnt) {
741 $true_dblist = array();
742 $is_show_dbs = TRUE;
743 for ($i = 0; $i < $dblist_cnt; $i++) {
744 if ($is_show_dbs && ereg('(^|[^\])(_|%)', $dblist[$i])) {
745 $local_query = 'SHOW DATABASES LIKE \'' . $dblist[$i] . '\'';
746 $rs = PMA_mysql_query($local_query, $dbh);
747 // "SHOW DATABASES" statement is disabled
748 if ($i == 0
749 && (PMA_mysql_error() && mysql_errno() == 1045)) {
750 $true_dblist[] = str_replace('\\_', '_', str_replace('\\%', '%', $dblist[$i]));
751 $is_show_dbs = FALSE;
752 }
753 // Debug
754 // else if (PMA_mysql_error()) {
755 // PMA_mysqlDie('', $local_query, FALSE);
756 // }
757 while ($row = @PMA_mysql_fetch_row($rs)) {
758 $true_dblist[] = $row[0];
759 } // end while
760 if ($rs) {
761 mysql_free_result($rs);
762 }
763 } else {
764 $true_dblist[] = str_replace('\\_', '_', str_replace('\\%', '%', $dblist[$i]));
765 } // end if... else...
766 } // end for
767 $dblist = $true_dblist;
768 unset($true_dblist);
769 } // end if
770
771 // 'only_db' is empty for the current user...
772 else {
773 // ... first checks whether the "safe_show_database" is on or not
774 // (if MYSQL supports this)
775 if (PMA_MYSQL_INT_VERSION >= 32330) {
776 $local_query = 'SHOW VARIABLES LIKE \'safe_show_database\'';
777 $rs = PMA_mysql_query($local_query, $dbh); // Debug: or PMA_mysqlDie('', $local_query, FALSE);
778 $is_safe_show_dbs = ($rs) ? @PMA_mysql_result($rs, 0, 'Value') : FALSE;
779
780 // ... and if on, try to get the available dbs list
781 if ($is_safe_show_dbs && strtoupper($is_safe_show_dbs) != 'OFF') {
782 $uva_alldbs = mysql_list_dbs($userlink);
783 while ($uva_row = PMA_mysql_fetch_array($uva_alldbs)) {
784 $dblist[] = $uva_row[0];
785 } // end while
786 $dblist_cnt = count($dblist);
787 unset($uva_alldbs);
788 mysql_free_result($rs);
789 } // end if ($is_safe_show_dbs)
790 } //end if (PMA_MYSQL_INT_VERSION)
791
792 // ... else checks for available databases in the "mysql" db
793 if (!$dblist_cnt) {
794 $auth_query = 'SELECT User, Select_priv '
795 . 'FROM mysql.user '
796 . 'WHERE User = \'' . PMA_sqlAddslashes($cfg['Server']['user']) . '\'';
797 $rs = PMA_mysql_query($auth_query, $dbh); // Debug: or PMA_mysqlDie('', $auth_query, FALSE);
798 } // end
799 } // end if (!$dblist_cnt)
800
801 // Access to "mysql" db allowed and dblist still empty -> gets the
802 // usable db list
803 if (!$dblist_cnt
804 && ($rs && @mysql_numrows($rs))) {
805 $row = PMA_mysql_fetch_array($rs);
806 mysql_free_result($rs);
807 // Correction uva 19991215
808 // Previous code assumed database "mysql" admin table "db" column
809 // "db" contains literal name of user database, and works if so.
810 // Mysql usage generally (and uva usage specifically) allows this
811 // column to contain regular expressions (we have all databases
812 // owned by a given student/faculty/staff beginning with user i.d.
813 // and governed by default by a single set of privileges with
814 // regular expression as key). This breaks previous code.
815 // This maintenance is to fix code to work correctly for regular
816 // expressions.
817 if ($row['Select_priv'] != 'Y') {
818
819 // 1. get allowed dbs from the "mysql.db" table
820 // lem9: User can be blank (anonymous user)
821 $local_query = 'SELECT DISTINCT Db FROM mysql.db WHERE Select_priv = \'Y\' AND (User = \'' . PMA_sqlAddslashes($cfg['Server']['user']) . '\' OR User = \'\')';
822 $rs = PMA_mysql_query($local_query, $dbh); // Debug: or PMA_mysqlDie('', $local_query, FALSE);
823 if ($rs && @mysql_numrows($rs)) {
824 // Will use as associative array of the following 2 code
825 // lines:
826 // the 1st is the only line intact from before
827 // correction,
828 // the 2nd replaces $dblist[] = $row['Db'];
829 $uva_mydbs = array();
830 // Code following those 2 lines in correction continues
831 // populating $dblist[], as previous code did. But it is
832 // now populated with actual database names instead of
833 // with regular expressions.
834 while ($row = PMA_mysql_fetch_array($rs)) {
835 // loic1: all databases cases - part 1
836 if (empty($row['Db']) || $row['Db'] == '%') {
837 $uva_mydbs['%'] = 1;
838 break;
839 }
840 // loic1: avoid multiple entries for dbs
841 if (!isset($uva_mydbs[$row['Db']])) {
842 $uva_mydbs[$row['Db']] = 1;
843 }
844 } // end while
845 mysql_free_result($rs);
846 $uva_alldbs = mysql_list_dbs($dbh);
847 // loic1: all databases cases - part 2
848 if (isset($uva_mydbs['%'])) {
849 while ($uva_row = PMA_mysql_fetch_array($uva_alldbs)) {
850 $dblist[] = $uva_row[0];
851 } // end while
852 } // end if
853 else {
854 while ($uva_row = PMA_mysql_fetch_array($uva_alldbs)) {
855 $uva_db = $uva_row[0];
856 if (isset($uva_mydbs[$uva_db]) && $uva_mydbs[$uva_db] == 1) {
857 $dblist[] = $uva_db;
858 $uva_mydbs[$uva_db] = 0;
859 } else if (!isset($dblist[$uva_db])) {
860 reset($uva_mydbs);
861 while (list($uva_matchpattern, $uva_value) = each($uva_mydbs)) {
862 // loic1: fixed bad regexp
863 // TODO: db names may contain characters
864 // that are regexp instructions
865 $re = '(^|(\\\\\\\\)+|[^\])';
866 $uva_regex = ereg_replace($re . '%', '\\1.*', ereg_replace($re . '_', '\\1.{1}', $uva_matchpattern));
867 // Fixed db name matching
868 // 2000-08-28 -- Benjamin Gandon
869 if (ereg('^' . $uva_regex . '$', $uva_db)) {
870 $dblist[] = $uva_db;
871 break;
872 }
873 } // end while
874 } // end if ... else if....
875 } // end while
876 } // end else
877 mysql_free_result($uva_alldbs);
878 unset($uva_mydbs);
879 } // end if
880
881 // 2. get allowed dbs from the "mysql.tables_priv" table
882 $local_query = 'SELECT DISTINCT Db FROM mysql.tables_priv WHERE Table_priv LIKE \'%Select%\' AND User = \'' . PMA_sqlAddslashes($cfg['Server']['user']) . '\'';
883 $rs = PMA_mysql_query($local_query, $dbh); // Debug: or PMA_mysqlDie('', $local_query, FALSE);
884 if ($rs && @mysql_numrows($rs)) {
885 while ($row = PMA_mysql_fetch_array($rs)) {
886 if (PMA_isInto($row['Db'], $dblist) == -1) {
887 $dblist[] = $row['Db'];
888 }
889 } // end while
890 mysql_free_result($rs);
891 } // end if
892 } // end if
893 } // end building available dbs from the "mysql" db
894
895 } // end server connecting
896
897 /**
898 * Missing server hostname
899 */
900 else {
901 echo $strHostEmpty;
902 }
903
904
905 /**
906 * Get the list and number of available databases.
907 *
908 * @param string the url to go back to in case of error
909 *
910 * @return boolean always true
911 *
912 * @global array the list of available databases
913 * @global integer the number of available databases
914 */
915 function PMA_availableDatabases($error_url = '')
916 {
917 global $dblist;
918 global $num_dbs;
919
920 $num_dbs = count($dblist);
921
922 // 1. A list of allowed databases has already been defined by the
923 // authentification process -> gets the available databases list
924 if ($num_dbs) {
925 $true_dblist = array();
926 for ($i = 0; $i < $num_dbs; $i++) {
927 $dblink = @PMA_mysql_select_db($dblist[$i]);
928 if ($dblink) {
929 $true_dblist[] = $dblist[$i];
930 } // end if
931 } // end for
932 $dblist = array();
933 $dblist = $true_dblist;
934 unset($true_dblist);
935 $num_dbs = count($dblist);
936 } // end if
937
938 // 2. Allowed database list is empty -> gets the list of all databases
939 // on the server
940 else {
941 $dbs = mysql_list_dbs() or PMA_mysqlDie('', 'mysql_list_dbs()', FALSE, $error_url);
942 $num_dbs = ($dbs) ? @mysql_num_rows($dbs) : 0;
943 $real_num_dbs = 0;
944 for ($i = 0; $i < $num_dbs; $i++) {
945 $db_name_tmp = PMA_mysql_dbname($dbs, $i);
946 $dblink = @PMA_mysql_select_db($db_name_tmp);
947 if ($dblink) {
948 $dblist[] = $db_name_tmp;
949 $real_num_dbs++;
950 }
951 } // end for
952 mysql_free_result($dbs);
953 $num_dbs = $real_num_dbs;
954 } // end else
955
956 return TRUE;
957 } // end of the 'PMA_availableDatabases()' function
958
959
960
961 /* ----------------------- Set of misc functions ----------------------- */
962
963
964 /**
965 * Adds backquotes on both sides of a database, table or field name.
966 * Since MySQL 3.23.6 this allows to use non-alphanumeric characters in
967 * these names.
968 *
969 * @param mixed the database, table or field name to "backquote" or
970 * array of it
971 * @param boolean a flag to bypass this function (used by dump
972 * functions)
973 *
974 * @return mixed the "backquoted" database, table or field name if the
975 * current MySQL release is >= 3.23.6, the original one
976 * else
977 *
978 * @access public
979 */
980 function PMA_backquote($a_name, $do_it = TRUE)
981 {
982 if ($do_it
983 && PMA_MYSQL_INT_VERSION >= 32306
984 && !empty($a_name) && $a_name != '*') {
985
986 if (is_array($a_name)) {
987 $result = array();
988 reset($a_name);
989 while(list($key, $val) = each($a_name)) {
990 $result[$key] = '`' . $val . '`';
991 }
992 return $result;
993 } else {
994 return '`' . $a_name . '`';
995 }
996 } else {
997 return $a_name;
998 }
999 } // end of the 'PMA_backquote()' function
1000
1001
1002 /**
1003 * Format a string so it can be passed to a javascript function.
1004 * This function is used to displays a javascript confirmation box for
1005 * "DROP/DELETE/ALTER" queries.
1006 *
1007 * @param string the string to format
1008 * @param boolean whether to add backquotes to the string or not
1009 *
1010 * @return string the formated string
1011 *
1012 * @access public
1013 */
1014 function PMA_jsFormat($a_string = '', $add_backquotes = TRUE)
1015 {
1016 if (is_string($a_string)) {
1017 $a_string = str_replace('"', '&quot;', $a_string);
1018 $a_string = str_replace('\\', '\\\\', $a_string);
1019 $a_string = str_replace('\'', '\\\'', $a_string);
1020 $a_string = str_replace('#', '\\#', $a_string);
1021 $a_string = str_replace("\012", '\\\\n', $a_string);
1022 $a_string = str_replace("\015", '\\\\r', $a_string);
1023 }
1024
1025 return (($add_backquotes) ? PMA_backquote($a_string) : $a_string);
1026 } // end of the 'PMA_jsFormat()' function
1027
1028
1029 /**
1030 * Defines the <CR><LF> value depending on the user OS.
1031 *
1032 * @return string the <CR><LF> value to use
1033 *
1034 * @access public
1035 */
1036 function PMA_whichCrlf()
1037 {
1038 $the_crlf = "\n";
1039
1040 // The 'PMA_USR_OS' constant is defined in "./libraries/defines.lib.php3"
1041 // Win case
1042 if (PMA_USR_OS == 'Win') {
1043 $the_crlf = "\r\n";
1044 }
1045 // Mac case
1046 else if (PMA_USR_OS == 'Mac') {
1047 $the_crlf = "\r";
1048 }
1049 // Others
1050 else {
1051 $the_crlf = "\n";
1052 }
1053
1054 return $the_crlf;
1055 } // end of the 'PMA_whichCrlf()' function
1056
1057
1058 /**
1059 * Counts and displays the number of records in a table
1060 *
1061 * Last revision 13 July 2001: Patch for limiting dump size from
1062 * vinay@sanisoft.com & girish@sanisoft.com
1063 *
1064 * @param string the current database name
1065 * @param string the current table name
1066 * @param boolean whether to retain or to displays the result
1067 *
1068 * @return mixed the number of records if retain is required, true else
1069 *
1070 * @access public
1071 */
1072 function PMA_countRecords($db, $table, $ret = FALSE)
1073 {
1074 $result = PMA_mysql_query('SELECT COUNT(*) AS num FROM ' . PMA_backquote($db) . '.' . PMA_backquote($table));
1075 $num = ($result) ? PMA_mysql_result($result, 0, 'num') : 0;
1076 mysql_free_result($result);
1077 if ($ret) {
1078 return $num;
1079 } else {
1080 echo number_format($num, 0, $GLOBALS['number_decimal_separator'], $GLOBALS['number_thousands_separator']);
1081 return TRUE;
1082 }
1083 } // end of the 'PMA_countRecords()' function
1084
1085
1086 /**
1087 * Displays a message at the top of the "main" (right) frame
1088 *
1089 * @param string the message to display
1090 *
1091 * @global array the configuration array
1092 *
1093 * @access public
1094 */
1095 function PMA_showMessage($message)
1096 {
1097 global $cfg;
1098
1099 // Reloads the navigation frame via JavaScript if required
1100 if (isset($GLOBALS['reload']) && $GLOBALS['reload']) {
1101 echo "\n";
1102 $reload_url = './left.php3'
1103 . '?lang=' . $GLOBALS['lang']
1104 . '&convcharset=' . $GLOBALS['convcharset']
1105 . '&server=' . $GLOBALS['server']
1106 . ((!empty($GLOBALS['db'])) ? '&db=' . urlencode($GLOBALS['db']) : '');
1107 ?>
1108 <script type="text/javascript" language="javascript1.2">
1109 <!--
1110 window.parent.frames['nav'].location.replace('<?php echo $reload_url; ?>');
1111 //-->
1112 </script>
1113 <?php
1114 }
1115
1116 // Corrects the tooltip text via JS if required
1117 else if (isset($GLOBALS['table']) && $cfg['ShowTooltip'] && PMA_MYSQL_INT_VERSION >= 32303) {
1118 $result = @PMA_mysql_query('SHOW TABLE STATUS FROM ' . PMA_backquote($GLOBALS['db']) . ' LIKE \'' . PMA_sqlAddslashes($GLOBALS['table'], TRUE) . '\'');
1119 if ($result) {
1120 $tmp = PMA_mysql_fetch_array($result, MYSQL_ASSOC);
1121 $tooltip = (empty($tmp['Comment']))
1122 ? ''
1123 : $tmp['Comment'] . ' ';
1124 $tooltip .= '(' . $tmp['Rows'] . ' ' . $GLOBALS['strRows'] . ')';
1125 mysql_free_result($result);
1126 unset($tmp);
1127 $md5_tbl = md5($GLOBALS['table']);
1128 echo "\n";
1129 ?>
1130 <script type="text/javascript" language="javascript1.2">
1131 <!--
1132 if (typeof(document.getElementById) != 'undefined'
1133 && typeof(window.parent.frames['nav']) != 'undefined'
1134 && typeof(window.parent.frames['nav'].document.getElementById('<?php echo $md5_tbl; ?>')) != 'undefined'
1135 && typeof(window.parent.frames['nav'].document.getElementById('<?php echo $md5_tbl; ?>').title) == 'string') {
1136 window.parent.frames['nav'].document.getElementById('<?php echo $md5_tbl; ?>').title = '<?php echo PMA_jsFormat($tooltip, FALSE); ?>';
1137 }
1138 //-->
1139 </script>
1140 <?php
1141 } // end if
1142 } // end if... else if
1143
1144 echo "\n";
1145 ?>
1146 <div align="<?php echo $GLOBALS['cell_align_left']; ?>">
1147 <table border="<?php echo $cfg['Border']; ?>" cellpadding="5">
1148 <tr>
1149 <td bgcolor="<?php echo $cfg['ThBgcolor']; ?>">
1150 <b><?php echo (get_magic_quotes_gpc()) ? stripslashes($message) : $message; ?></b><br />
1151 </td>
1152 </tr>
1153 <?php
1154 if ($cfg['ShowSQL'] == TRUE && !empty($GLOBALS['sql_query'])) {
1155 // Basic url query part
1156 $url_qpart = '?convcharset=' . $GLOBALS['convcharset']
1157 . '&amp;lang=' . $GLOBALS['lang']
1158 . '&amp;server=' . $GLOBALS['server']
1159 . ((!empty($GLOBALS['db'])) ? '&amp;db=' . urlencode($GLOBALS['db']) : '')
1160 . ((!empty($GLOBALS['table'])) ? '&amp;table=' . urlencode($GLOBALS['table']) : '');
1161
1162 echo "\n";
1163 ?>
1164 <tr>
1165 <td bgcolor="<?php echo $cfg['BgcolorOne']; ?>">
1166 <?php
1167 echo "\n";
1168 // Html format the query to be displayed
1169 // The nl2br function isn't used because its result isn't a valid
1170 // xhtml1.0 statement before php4.0.5 ("<br>" and not "<br />")
1171 // If we want to show some sql code it is easiest to create it here
1172 $sqlnr = 1;
1173 if (!empty($GLOBALS['show_as_php'])) {
1174 $new_line = '&quot;;<br />' . "\n" . ' $sql .= &quot;';
1175 } else if ($cfg['UseSyntaxColoring'] == FALSE) {
1176 $new_line = '<br />' . "\n";
1177 }
1178 if (isset($new_line)) {
1179 $query_base = htmlspecialchars($GLOBALS['sql_query']);
1180 $query_base = ereg_replace("((\015\012)|(\015)|(\012))+", $new_line, $query_base);
1181 } else {
1182 $query_base = $GLOBALS['sql_query'];
1183 }
1184 if (!empty($GLOBALS['show_as_php'])) {
1185 $query_base = '$sql = &quot;' . $query_base;
1186 } else if ($cfg['UseSyntaxColoring']) {
1187 $query_base = PMA_format_sql($query_base);
1188 }
1189
1190 // Prepares links that may be displayed to edit/explain the query
1191 if (!isset($GLOBALS['show_query']) || $GLOBALS['show_query'] != 'y') {
1192 if (!isset($GLOBALS['goto'])) {
1193 $edit_target = (isset($GLOBALS['table'])) ? 'tbl_properties.php3' : 'db_details.php3';
1194 } else if ($GLOBALS['goto'] != 'main.php3') {
1195 $edit_target = $GLOBALS['goto'];
1196 } else {
1197 $edit_target = '';
1198 }
1199 if ($edit_target == 'tbl_properties.php3') {
1200 $edit_link = '<a href="tbl_properties.php3'
1201 . $url_qpart
1202 . '&amp;sql_query=' . urlencode($GLOBALS['sql_query']) . '&amp;show_query=y#querybox">' . $GLOBALS['strEdit'] . '</a>';
1203 } else if ($edit_target != '') {
1204 $edit_link = '<a href="db_details.php3'
1205 . $url_qpart
1206 . '&amp;sql_query=' . urlencode($GLOBALS['sql_query']) . '&amp;show_query=y#querybox">' . $GLOBALS['strEdit'] . '</a>';
1207 }
1208 // Want to have the query explained (Mike Beck 2002-05-22)
1209 // but only explain a SELECT (that has not been explained)
1210 if (eregi('^SELECT[[:space:]]+', $GLOBALS['sql_query'])) {
1211 $explain_link = '[<a href="sql.php3'
1212 . $url_qpart
1213 . '&amp;sql_query=' . urlencode('EXPLAIN ' . $GLOBALS['sql_query']) . '">' . $GLOBALS['strExplain'] . '</a>]&nbsp;';
1214 } else {
1215 $explain_link = '';
1216 }
1217 // Also we would like to get the SQL formed in some nice
1218 // php-code (Mike Beck 2002-05-22)
1219 if (!empty($GLOBALS['show_as_php'])) {
1220 $php_link = '<a href="sql.php3'
1221 . $url_qpart
1222 . '&amp;sql_query=' . urlencode($GLOBALS['sql_query']) . '&amp;show_as_php=0">' . $GLOBALS['strNoPhp'] . '</a>';
1223 } else {
1224 $php_link = '<a href="sql.php3'
1225 . $url_qpart
1226 . '&amp;sql_query=' . urlencode($GLOBALS['sql_query']) . '&amp;show_as_php=1">' . $GLOBALS['strPhp'] . '</a>';
1227 }
1228 } // end if (prepare links)
1229
1230 // Displays the message
1231 echo ' ' . $GLOBALS['strSQLQuery'] . '&nbsp;:';
1232 if (!empty($edit_target)) {
1233 echo '&nbsp;[' . $edit_link . ']&nbsp;' . $explain_link . '[' . $php_link . ']<br />' . "\n";
1234 } else {
1235 echo '<br />' . "\n";
1236 }
1237 echo ' ' . $query_base;
1238 // If a 'LIMIT' clause has been programatically added to the query
1239 // displays it
1240 if (!empty($GLOBALS['sql_limit_to_append'])) {
1241 if($cfg['UseSyntaxColoring']) {
1242 echo PMA_format_sql($GLOBALS['sql_limit_to_append']);
1243 } else {
1244 echo $GLOBALS['sql_limit_to_append'];
1245 }
1246 }
1247 if (!empty($GLOBALS['show_as_php'])) {
1248 echo '&quot;;';
1249 }
1250 echo "\n";
1251 ?>
1252 </td>
1253 </tr>
1254 <?php
1255 }
1256 echo "\n";
1257 ?>
1258 </table>
1259 </div><br />
1260 <?php
1261 } // end of the 'PMA_showMessage()' function
1262
1263
1264 /**
1265 * Displays a link to the official MySQL documentation (short)
1266 *
1267 * @param string an anchor to move to
1268 *
1269 * @return string the html link
1270 *
1271 * @access public
1272 */
1273 function PMA_showDocuShort($link)
1274 {
1275 if (!empty($GLOBALS['cfg']['ManualBaseShort'])) {
1276 return '[<a href="' . $GLOBALS['cfg']['ManualBaseShort'] . '/' . $link .'" target="mysql_doc">' . $GLOBALS['strDocu'] . '</a>]';
1277 }
1278 } // end of the 'PMA_showDocuShort()' function
1279
1280
1281 /**
1282 * Formats $value to byte view
1283 *
1284 * @param double the value to format
1285 * @param integer the sensitiveness
1286 * @param integer the number of decimals to retain
1287 *
1288 * @return array the formatted value and its unit
1289 *
1290 * @access public
1291 *
1292 * @author staybyte
1293 * @version 1.2 - 18 July 2002
1294 */
1295 function PMA_formatByteDown($value, $limes = 6, $comma = 0)
1296 {
1297 $dh = pow(10, $comma);
1298 $li = pow(10, $limes);
1299 $return_value = $value;
1300 $unit = $GLOBALS['byteUnits'][0];
1301
1302 for ( $d = 6, $ex = 15; $d >= 1; $d--, $ex-=3 ) {
1303 if (isset($GLOBALS['byteUnits'][$d]) && $value >= $li * pow(10, $ex)) {
1304 $value = round($value / ( pow(1024, $d) / $dh) ) /$dh;
1305 $unit = $GLOBALS['byteUnits'][$d];
1306 break 1;
1307 } // end if
1308 } // end for
1309
1310 if ($unit != $GLOBALS['byteUnits'][0]) {
1311 $return_value = number_format($value, $comma, $GLOBALS['number_decimal_separator'], $GLOBALS['number_thousands_separator']);
1312 } else {
1313 $return_value = number_format($value, 0, $GLOBALS['number_decimal_separator'], $GLOBALS['number_thousands_separator']);
1314 }
1315
1316 return array($return_value, $unit);
1317 } // end of the 'PMA_formatByteDown' function
1318
1319
1320 /**
1321 * Ensures a database/table/field's name is not a reserved word (for MySQL
1322 * releases < 3.23.6)
1323 *
1324 * @param string the name to check
1325 * @param string the url to go back in case of error
1326 *
1327 * @return boolean true if the name is valid (no return else)
1328 *
1329 * @access public
1330 *
1331 * @author Dell'Aiera Pol; Olivier Blin
1332 */
1333 function PMA_checkReservedWords($the_name, $error_url)
1334 {
1335 // The name contains caracters <> a-z, A-Z and "_" -> not a reserved
1336 // word
1337 if (!ereg('^[a-zA-Z_]+$', $the_name)) {
1338 return TRUE;
1339 }
1340
1341 // Else do the work
1342 $filename = 'badwords.txt';
1343 if (file_exists($filename)) {
1344 // Builds the reserved words array
1345 $fd = fopen($filename, 'r');
1346 $contents = fread($fd, filesize($filename) - 1);
1347 fclose ($fd);
1348 $word_list = explode("\n", $contents);
1349
1350 // Do the checking
1351 $word_cnt = count($word_list);
1352 for ($i = 0; $i < $word_cnt; $i++) {
1353 if (strtolower($the_name) == $word_list[$i]) {
1354 PMA_mysqlDie(sprintf($GLOBALS['strInvalidName'], $the_name), '', FALSE, $error_url);
1355 } // end if
1356 } // end for
1357 } // end if
1358 } // end of the 'PMA_checkReservedWords' function
1359
1360
1361 /**
1362 * Writes localised date
1363 *
1364 * @param string the current timestamp
1365 *
1366 * @return string the formatted date
1367 *
1368 * @access public
1369 */
1370 function PMA_localisedDate($timestamp = -1)
1371 {
1372 global $datefmt, $month, $day_of_week;
1373
1374 if ($timestamp == -1) {
1375 $timestamp = time();
1376 }
1377
1378 $date = ereg_replace('%[aA]', $day_of_week[(int)strftime('%w', $timestamp)], $datefmt);
1379 $date = ereg_replace('%[bB]', $month[(int)strftime('%m', $timestamp)-1], $date);
1380
1381 return strftime($date, $timestamp);
1382 } // end of the 'PMA_localisedDate()' function
1383
1384
1385 /**
1386 * Prints out a tab for tabbed navigation.
1387 * If the variables $link and $args ar left empty, an inactive tab is created
1388 *
1389 * @param string the text to be displayed as link
1390 * @param string main link file, e.g. "test.php3"
1391 * @param string link arguments
1392 * @param string link attributes
1393 *
1394 * @return string two table cells, the first beeing a separator, the second the tab itself
1395 *
1396 * @access public
1397 */
1398 function PMA_printTab($text, $link, $args = '', $attr = '') {
1399 global $PHP_SELF;
1400 global $db_details_links_count_tabs;
1401
1402 if (basename($PHP_SELF) == $link
1403 && ($text != $GLOBALS['strEmpty'] && $text != $GLOBALS['strDrop'])) {
1404 $bgcolor = 'silver';
1405 } else {
1406 $bgcolor = '#DFDFDF';
1407 }
1408
1409 $db_details_links_count_tabs++;
1410 if (!empty($attr)) {
1411 $attr = ' ' . $attr;
1412 }
1413
1414 $out = "\n" . ' '
1415 . '<td bgcolor="' . $bgcolor . '" align="center" width="64" nowrap="nowrap" class="tab">'
1416 . "\n" . ' ';
1417 if (strlen($link) > 0) {
1418 $out .= '<a href="' . $link . '?' . $args . '"' . $attr . '>'
1419 . '<b>' . $text . '</b></a>';
1420 } else {
1421 $out .= '<b>' . $text . '</b>';
1422 }
1423 $out .= "\n" . ' '
1424 . '</td>'
1425 . "\n" . ' '
1426 . '<td width="8">&nbsp;</td>';
1427
1428 return $out;
1429 } // end of the 'PMA_printTab()' function
1430
1431
1432
1433 // Kanji encoding convert feature appended by Y.Kawada (2002/2/20)
1434 if (PMA_PHP_INT_VERSION >= 40006
1435 && @function_exists('mb_convert_encoding')
1436 && strpos(' ' . $lang, 'ja-')
1437 && file_exists('./libraries/kanji-encoding.lib.php3')) {
1438 include('./libraries/kanji-encoding.lib.php3');
1439 } // end if
1440
1441 } // $__PMA_COMMON_LIB__
1442 ?>
Drizzle / GSOC 2011