protection against XSS when register_globals is on and .htaccess has no effect
[phpmyadmin/crack.git] / libraries / db_common.inc.php
blob693d28aec7ca93a8a1b6ca791c1ace61019d2e13
1 <?php
2 /* vim: set expandtab sw=4 ts=4 sts=4: */
3 /**
5 * @version $Id$
6 */
7 if (! defined('PHPMYADMIN')) {
8 exit;
11 /**
12 * Gets some core libraries
14 require_once './libraries/common.inc.php';
15 require_once './libraries/bookmark.lib.php';
17 PMA_checkParameters(array('db'));
19 $is_show_stats = $cfg['ShowStats'];
21 if (PMA_MYSQL_INT_VERSION >= 50002 && $db == 'information_schema') {
22 $is_show_stats = false;
23 $db_is_information_schema = true;
24 } else {
25 $db_is_information_schema = false;
28 /**
29 * Defines the urls to return to in case of error in a sql statement
31 $err_url_0 = 'main.php?' . PMA_generate_common_url();
32 $err_url = $cfg['DefaultTabDatabase'] . '?' . PMA_generate_common_url($db);
35 /**
36 * Ensures the database exists (else move to the "parent" script) and displays
37 * headers
39 if (!isset($is_db) || !$is_db) {
40 // Not a valid db name -> back to the welcome page
41 if (strlen($db)) {
42 $is_db = PMA_DBI_select_db($db);
44 if (! strlen($db) || !$is_db) {
45 PMA_sendHeaderLocation($cfg['PmaAbsoluteUri'] . 'main.php?' . PMA_generate_common_url('', '', '&') . (isset($message) ? '&message=' . urlencode($message) : '') . '&reload=1');
46 exit;
48 } // end if (ensures db exists)
50 /**
51 * Changes database charset if requested by the user
53 if (isset($submitcollation) && !empty($db_collation) && PMA_MYSQL_INT_VERSION >= 40101) {
54 list($db_charset) = explode('_', $db_collation);
55 $sql_query = 'ALTER DATABASE ' . PMA_backquote($db) . ' DEFAULT' . PMA_generateCharsetQueryPart($db_collation);
56 $result = PMA_DBI_query($sql_query);
57 $message = $strSuccess;
58 unset($db_charset, $db_collation);
61 $js_to_run = 'functions.js';
62 require_once './libraries/header.inc.php';
64 /**
65 * Set parameters for links
67 $url_query = PMA_generate_common_url($db);