3.3.10-rc1
[phpmyadmin/crack.git] / main.php
blob4bb6a756c091a5cff3d46445dd3a76d6ede4f058
1 <?php
2 /* vim: set expandtab sw=4 ts=4 sts=4: */
3 /**
5 * @version $Id$
6 * @package phpMyAdmin
7 */
9 /**
10 * Gets some core libraries and displays a top message if required
12 define('PMA_MOORAINBOW', true);
13 require_once './libraries/common.inc.php';
14 $GLOBALS['js_include'][] = 'mootools.js';
15 $GLOBALS['js_include'][] = 'mooRainbow/mooRainbow.js';
16 $GLOBALS['js_include'][] = 'mootools-domready-rainbow.js';
18 // Handles some variables that may have been sent by the calling script
19 $GLOBALS['db'] = '';
20 $GLOBALS['table'] = '';
21 $show_query = '1';
22 require_once './libraries/header.inc.php';
24 // Any message to display?
25 if (! empty($message)) {
26 PMA_showMessage($message);
27 unset($message);
30 $common_url_query = PMA_generate_common_url('', '');
32 // when $server > 0, a server has been chosen so we can display
33 // all MySQL-related information
34 if ($server > 0) {
35 require './libraries/server_common.inc.php';
36 require './libraries/StorageEngine.class.php';
37 require './libraries/server_links.inc.php';
39 // Use the verbose name of the server instead of the hostname
40 // if a value is set
41 $server_info = '';
42 if (! empty($cfg['Server']['verbose'])) {
43 $server_info .= htmlspecialchars($cfg['Server']['verbose']);
44 if ($GLOBALS['cfg']['ShowServerInfo']) {
45 $server_info .= ' (';
48 if ($GLOBALS['cfg']['ShowServerInfo'] || empty($cfg['Server']['verbose'])) {
49 $server_info .= PMA_DBI_get_host_info();
51 if (! empty($cfg['Server']['verbose']) && $GLOBALS['cfg']['ShowServerInfo']) {
52 $server_info .= ')';
54 $mysql_cur_user_and_host = PMA_DBI_fetch_value('SELECT USER();');
56 // should we add the port info here?
57 $short_server_info = (!empty($GLOBALS['cfg']['Server']['verbose'])
58 ? $GLOBALS['cfg']['Server']['verbose']
59 : $GLOBALS['cfg']['Server']['host']);
62 echo '<div id="maincontainer">' . "\n";
63 echo '<div id="main_pane_left">';
65 if ($server > 0
66 || (! $cfg['LeftDisplayServers'] && count($cfg['Servers']) > 1)) {
67 echo '<div class="group">';
68 echo '<h2>' . $strActions . '</h2>';
69 echo '<ul>';
71 /**
72 * Displays the MySQL servers choice form
74 if (! $cfg['LeftDisplayServers']
75 && (count($cfg['Servers']) > 1 || $server == 0 && count($cfg['Servers']) == 1)) {
76 echo '<li id="li_select_server">';
77 require_once './libraries/select_server.lib.php';
78 PMA_select_server(true, true);
79 echo '</li>';
82 /**
83 * Displays the mysql server related links
85 if ($server > 0) {
86 require_once './libraries/check_user_privileges.lib.php';
88 // Logout for advanced authentication
89 if ($cfg['Server']['auth_type'] != 'config') {
90 if ($cfg['ShowChgPassword']) {
91 PMA_printListItem($strChangePassword, 'li_change_password',
92 './user_password.php?' . $common_url_query);
95 $http_logout = ($cfg['Server']['auth_type'] == 'http')
96 ? '<a href="./Documentation.html#login_bug" target="documentation">'
97 . ($cfg['ReplaceHelpImg'] ? '<img class="icon" src="' . $pmaThemeImage . 'b_info.png" width="11" height="11" alt="Info" />' : '(*)') . '</a>'
98 : '';
99 PMA_printListItem('<strong>' . $strLogout . '</strong> ' . $http_logout,
100 'li_log_out',
101 './index.php?' . $common_url_query . '&amp;old_usr=' . urlencode($PHP_AUTH_USER), null, '_parent');
102 } // end if
103 } // end of if ($server > 0)
105 echo '</ul>';
106 echo '</div>';
110 if ($server > 0) {
111 echo '<div class="group">';
112 echo '<h2>MySQL ' . $short_server_info . '</h2>';
113 echo '<ul>' . "\n";
115 if ($cfg['ShowCreateDb']) {
116 echo '<li id="li_create_database">';
117 require './libraries/display_create_database.lib.php';
118 echo '</li>' . "\n";
121 echo ' <li id="li_select_mysql_collation">';
122 echo ' <form method="post" action="index.php" target="_parent">' . "\n"
123 . PMA_generate_common_hidden_inputs(null, null, 4, 'collation_connection')
124 . ' <label for="select_collation_connection">' . "\n"
125 . ' ' . $strMySQLConnectionCollation . ': ' . "\n"
126 . ' </label>' . "\n"
127 . PMA_generateCharsetDropdownBox(PMA_CSDROPDOWN_COLLATION, 'collation_connection', 'select_collation_connection', $collation_connection, true, 4, true)
128 . ' <noscript><input type="submit" value="' . $strGo . '" /></noscript>' . "\n"
129 // put the doc link in the form so that it appears on the same line
130 . PMA_showMySQLDocu('MySQL_Database_Administration', 'Charset-connection') . "\n"
131 . ' </form>' . "\n"
132 . ' </li>' . "\n";
134 echo ' </ul>';
135 echo ' </div>';
138 echo '<div class="group">';
139 echo '<h2>' . $strInterface . '</h2>';
140 echo ' <ul>';
142 // Displays language selection combo
143 if (empty($cfg['Lang'])) {
144 echo '<li id="li_select_lang">';
145 require_once './libraries/display_select_lang.lib.php';
146 PMA_select_language();
147 echo '</li>';
150 // added by Michael Keck <mail_at_michaelkeck_dot_de>
151 // ThemeManager if available
153 if ($GLOBALS['cfg']['ThemeManager']) {
154 echo '<li id="li_select_theme">';
155 echo $_SESSION['PMA_Theme_Manager']->getHtmlSelectBox();
156 echo '</li>';
158 <script type="text/javascript">
159 //<![CDATA[
160 document.write('<li id="li_custom_color">');
161 document.write('<?php echo PMA_escapeJsString($strCustomColor) . ': '; ?>');
162 document.write('<img id="myRainbow" src="js/mooRainbow/images/rainbow.png" alt="[r]" width="16" height="16" />');
163 document.write('<form name="rainbowform" id="rainbowform" method="post" action="index.php" target="_parent">');
164 document.write('<?php echo PMA_generate_common_hidden_inputs(); ?>');
165 document.write('<input type="hidden" name="custom_color" />');
166 document.write('<input type="hidden" name="custom_color_rgb" />');
167 document.write('<input type="submit" name="custom_color_reset" value="<?php echo $strReset; ?>" />');
168 document.write('</form>');
169 document.write('</li>');
170 //]]>
171 </script>
172 <?php
174 echo '<li id="li_select_fontsize">';
175 echo PMA_Config::getFontsizeForm();
176 echo '</li>';
178 echo '</ul>';
179 echo '</div>';
182 echo '</div>';
183 echo '<div id="main_pane_right">';
186 if ($server > 0 && $GLOBALS['cfg']['ShowServerInfo']) {
187 echo '<div class="group">';
188 echo '<h2>MySQL</h2>';
189 echo '<ul>' . "\n";
190 PMA_printListItem($strServer . ': ' . $server_info, 'li_server_info');
191 PMA_printListItem($strServerVersion . ': ' . PMA_MYSQL_STR_VERSION, 'li_server_version');
192 PMA_printListItem($strProtocolVersion . ': ' . PMA_DBI_get_proto_info(),
193 'li_mysql_proto');
194 PMA_printListItem($strUser . ': ' . htmlspecialchars($mysql_cur_user_and_host),
195 'li_user_info');
197 echo ' <li id="li_select_mysql_charset">';
198 echo ' ' . $strMySQLCharset . ': '
199 . ' <span xml:lang="en" dir="ltr">'
200 . ' ' . $mysql_charsets_descriptions[$mysql_charset_map[strtolower($charset)]] . "\n"
201 . ' (' . $mysql_charset_map[strtolower($charset)] . ')' . "\n"
202 . ' </span>' . "\n"
203 . ' </li>' . "\n";
204 echo ' </ul>';
205 echo ' </div>';
208 if ($GLOBALS['cfg']['ShowServerInfo'] || $GLOBALS['cfg']['ShowPhpInfo']) {
209 echo '<div class="group">';
210 echo '<h2>' . $strWebServer . '</h2>';
211 echo '<ul>';
212 if ($GLOBALS['cfg']['ShowServerInfo']) {
213 PMA_printListItem($_SERVER['SERVER_SOFTWARE'], 'li_web_server_software');
215 if ($server > 0) {
216 PMA_printListItem($strMysqlClientVersion . ': ' . PMA_DBI_get_client_info(),
217 'li_mysql_client_version');
218 PMA_printListItem($strPHPExtension . ': ' . $GLOBALS['cfg']['Server']['extension'],
219 'li_used_php_extension');
223 if ($cfg['ShowPhpInfo']) {
224 PMA_printListItem($strShowPHPInfo, 'li_phpinfo', './phpinfo.php?' . $common_url_query);
226 echo ' </ul>';
227 echo ' </div>';
230 echo '<div class="group">';
231 echo '<h2>phpMyAdmin</h2>';
232 echo '<ul>';
233 PMA_printListItem($strVersionInformation . ': ' . PMA_VERSION, 'li_pma_version');
234 PMA_printListItem($strDocu, 'li_pma_docs', 'Documentation.html', null, '_blank');
235 PMA_printListItem($strWiki, 'li_pma_wiki', 'http://wiki.phpmyadmin.net', null, '_blank');
237 // does not work if no target specified, don't know why
238 PMA_printListItem($strHomepageOfficial, 'li_pma_homepage', 'http://www.phpMyAdmin.net/', null, '_blank');
240 <li><bdo xml:lang="en" dir="ltr">
241 [<a href="changelog.php" target="_blank">ChangeLog</a>]
242 [<a href="http://phpmyadmin.git.sourceforge.net/git/gitweb-index.cgi"
243 target="_blank">Git</a>]
244 [<a href="http://sourceforge.net/mail/?group_id=23067"
245 target="_blank">Lists</a>]
246 </bdo>
247 </li>
248 </ul>
249 </div>
251 </div>
253 <?php
255 * BUG: MSIE needs two <br /> here, otherwise it will not extend the outer div to the
256 * full height of the inner divs
259 <br class="clearfloat" />
260 <br class="clearfloat" />
261 </div>
263 <?php
265 * Warning if using the default MySQL privileged account
266 * modified: 2004-05-05 mkkeck
268 if ($server != 0
269 && $cfg['Server']['user'] == 'root'
270 && $cfg['Server']['password'] == '') {
271 trigger_error($strInsecureMySQL, E_USER_WARNING);
275 * Nijel: As we try to handle charsets by ourself, mbstring overloads just
276 * break it, see bug 1063821.
278 if (@extension_loaded('mbstring') && @ini_get('mbstring.func_overload') > 1) {
279 trigger_error($strMbOverloadWarning, E_USER_WARNING);
283 * Nijel: mbstring is used for handling multibyte inside parser, so it is good
284 * to tell user something might be broken without it, see bug #1063149.
286 if (! @extension_loaded('mbstring')) {
287 trigger_error($strMbExtensionMissing, E_USER_WARNING);
291 * Check whether session.gc_maxlifetime limits session validity.
293 $gc_time = (int)@ini_get('session.gc_maxlifetime');
294 if ($gc_time < $GLOBALS['cfg']['LoginCookieValidity'] ) {
295 trigger_error(PMA_Message::decodeBB($strSessionGCWarning), E_USER_WARNING);
299 * Check if user does not have defined blowfish secret and it is being used.
301 if (!empty($_SESSION['auto_blowfish_secret']) &&
302 empty($GLOBALS['cfg']['blowfish_secret'])) {
303 trigger_error($strSecretRequired, E_USER_WARNING);
307 * Check for existence of config directory which should not exist in
308 * production environment.
310 if (file_exists('./config')) {
311 trigger_error($strConfigDirectoryWarning, E_USER_WARNING);
315 * Check whether relations are supported.
317 if ($server > 0) {
318 require_once './libraries/relation.lib.php';
319 $cfgRelation = PMA_getRelationsParam();
320 if(!$cfgRelation['allworks'] && $cfg['PmaNoRelation_DisableWarning'] == false) {
321 $message = PMA_Message::notice('strRelationNotWorking');
322 $message->addParam('<a href="' . $cfg['PmaAbsoluteUri'] . 'chk_rel.php?' . $common_url_query . '">', false);
323 $message->addParam('</a>', false);
324 /* Show error if user has configured something, notice elsewhere */
325 if (!empty($cfg['Servers'][$server]['pmadb'])) {
326 $message->isError(true);
328 $message->display();
329 } // end if
333 * Warning about different MySQL library and server version
334 * (a difference on the third digit does not count).
335 * If someday there is a constant that we can check about mysqlnd, we can use it instead
336 * of strpos().
337 * If no default server is set, PMA_DBI_get_client_info() is not defined yet.
339 if (function_exists('PMA_DBI_get_client_info')) {
340 $_client_info = PMA_DBI_get_client_info();
341 if ($server > 0 && strpos($_client_info, 'mysqlnd') === false && substr(PMA_MYSQL_CLIENT_API, 0, 3) != substr(PMA_MYSQL_INT_VERSION, 0, 3)) {
342 trigger_error(PMA_sanitize(sprintf($strMysqlLibDiffersServerVersion,
343 $_client_info,
344 substr(PMA_MYSQL_STR_VERSION, 0, strpos(PMA_MYSQL_STR_VERSION . '-', '-')))),
345 E_USER_NOTICE);
347 unset($_client_info);
351 * Warning about Suhosin
353 if ($cfg['SuhosinDisableWarning'] == false && @ini_get('suhosin.request.max_value_length')) {
354 trigger_error(PMA_sanitize(sprintf($strSuhosin, '[a@./Documentation.html#faq1_38@_blank]', '[/a]')), E_USER_WARNING);
358 * prints list item for main page
360 * @param string $name displayed text
361 * @param string $id id, used for css styles
362 * @param string $url make item as link with $url as target
363 * @param string $mysql_help_page display a link to MySQL's manual
364 * @param string $target special target for $url
366 function PMA_printListItem($name, $id = null, $url = null, $mysql_help_page = null, $target = null)
368 echo '<li id="' . $id . '">';
369 if (null !== $url) {
370 echo '<a href="' . $url . '"';
371 if (null !== $target) {
372 echo ' target="' . $target . '"';
374 echo '>';
377 echo $name;
379 if (null !== $url) {
380 echo '</a>' . "\n";
382 if (null !== $mysql_help_page) {
383 echo PMA_showMySQLDocu('', $mysql_help_page);
385 echo '</li>';
389 * Displays the footer
391 require_once './libraries/footer.inc.php';