path disclosure
[phpmyadmin/crack.git] / server_common.inc.php3
blobfa67f0c21b47d35f739439c27a6df0ff90033b83
1 <?php
2 /* $Id$ */
3 // vim: expandtab sw=4 ts=4 sts=4:
5 /**
6 * Gets some core libraries
7 */
8 if (!defined('PMA_GRAB_GLOBALS_INCLUDED')) {
9 include('./libraries/grab_globals.lib.php3');
11 if (!defined('PMA_COMMON_LIB_INCLUDED')) {
12 include('./libraries/common.lib.php3');
15 /**
16 * Handles some variables that may have been sent by the calling script
18 if (isset($db)) {
19 unset($db);
21 if (isset($table)) {
22 unset($table);
25 /**
26 * Set parameters for links
28 $url_query = PMA_generate_common_url();
30 /**
31 * Defines the urls to return to in case of error in a sql statement
33 $err_url = 'main.php3' . $url_query;
35 /**
36 * Displays the headers
38 require('./header.inc.php3');
40 /**
41 * Checks for superuser privileges
43 // We were checking privileges with 'USE mysql' but users with the global
44 // priv CREATE TEMPORARY TABLES or LOCK TABLES can do a 'USE mysql'
45 // (even if they cannot see the tables)
47 $is_superuser = @PMA_mysql_query('SELECT COUNT(*) FROM mysql.user', $userlink);
49 // now, select the mysql db
50 if ($is_superuser) {
51 @PMA_mysql_query('USE mysql', $userlink);