search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
bug #3072492 Error for wrong SQL disappears
[phpmyadmin/crack.git] / main.php
blob0cd46f5a0c597f298fe20646a34a45673c821af0
1 <?php
2 /* vim: set expandtab sw=4 ts=4 sts=4: */
3 /**
4 *
5 * @package phpMyAdmin
6 */
7
8 /**
9 * Gets some core libraries and displays a top message if required
10 */
11 define('PMA_COLORPICKER', true);
12 require_once './libraries/common.inc.php';
13
14 $GLOBALS['js_include'][] = 'colorpicker/js/colorpicker.js';
15 $GLOBALS['js_include'][] = 'main_custom_color.js';
16 $GLOBALS['js_include'][] = 'jquery/jquery-ui-1.8.custom.js';
17
18 // Handles some variables that may have been sent by the calling script
19 $GLOBALS['db'] = '';
20 $GLOBALS['table'] = '';
21 $show_query = '1';
22 require_once './libraries/header.inc.php';
23
24 // Any message to display?
25 if (! empty($message)) {
26 PMA_showMessage($message);
27 unset($message);
28 }
29
30 $common_url_query = PMA_generate_common_url('', '');
31
32 // when $server > 0, a server has been chosen so we can display
33 // all MySQL-related information
34 if ($server > 0) {
35 require './libraries/server_common.inc.php';
36 require './libraries/StorageEngine.class.php';
37 require './libraries/server_links.inc.php';
38
39 // Use the verbose name of the server instead of the hostname
40 // if a value is set
41 $server_info = '';
42 if (! empty($cfg['Server']['verbose'])) {
43 $server_info .= htmlspecialchars($cfg['Server']['verbose']);
44 if ($GLOBALS['cfg']['ShowServerInfo']) {
45 $server_info .= ' (';
46 }
47 }
48 if ($GLOBALS['cfg']['ShowServerInfo'] || empty($cfg['Server']['verbose'])) {
49 $server_info .= PMA_DBI_get_host_info();
50 }
51 if (! empty($cfg['Server']['verbose']) && $GLOBALS['cfg']['ShowServerInfo']) {
52 $server_info .= ')';
53 }
54 $mysql_cur_user_and_host = PMA_DBI_fetch_value('SELECT USER();');
55
56 // should we add the port info here?
57 $short_server_info = (!empty($GLOBALS['cfg']['Server']['verbose'])
58 ? $GLOBALS['cfg']['Server']['verbose']
59 : $GLOBALS['cfg']['Server']['host']);
60 }
61
62 echo '<div id="maincontainer">' . "\n";
63 echo '<div id="main_pane_left">';
64 if ($server > 0
65 || (! $cfg['LeftDisplayServers'] && count($cfg['Servers']) > 1)) {
66 echo '<div class="group">';
67 echo '<h2>' . __('General Settings') . '</h2>';
68 echo '<ul>';
69
70 /**
71 * Displays the MySQL servers choice form
72 */
73 if (! $cfg['LeftDisplayServers']
74 && (count($cfg['Servers']) > 1 || $server == 0 && count($cfg['Servers']) == 1)) {
75 echo '<li id="li_select_server">';
76 require_once './libraries/select_server.lib.php';
77 PMA_select_server(true, true);
78 echo '</li>';
79 }
80
81 /**
82 * Displays the mysql server related links
83 */
84 if ($server > 0) {
85 require_once './libraries/check_user_privileges.lib.php';
86
87 // Logout for advanced authentication
88 if ($cfg['Server']['auth_type'] != 'config') {
89 if ($cfg['ShowChgPassword']) {
90 PMA_printListItem(__('Change password'), 'li_change_password',
91 './user_password.php?' . $common_url_query, null, null, 'change_password_anchor');
92 }
93 } // end if
94 echo ' <li id="li_select_mysql_collation">';
95 echo ' <form method="post" action="index.php" target="_parent">' . "\n"
96 . PMA_generate_common_hidden_inputs(null, null, 4, 'collation_connection')
97 . ' <label for="select_collation_connection">' . "\n"
98 . ' ' . __('MySQL connection collation') . "\n"
99 // put the doc link in the form so that it appears on the same line
100 . PMA_showMySQLDocu('MySQL_Database_Administration', 'Charset-connection') . ': ' . "\n"
101 . ' </label>' . "\n"
102
103 . PMA_generateCharsetDropdownBox(PMA_CSDROPDOWN_COLLATION, 'collation_connection', 'select_collation_connection', $collation_connection, true, 4, true)
104 . ' <noscript><input type="submit" value="' . __('Go') . '" /></noscript>' . "\n"
105 . ' </form>' . "\n"
106 . ' </li>' . "\n";
107 } // end of if ($server > 0)
108 echo '</ul>';
109 echo '</div>';
110 }
111
112 echo '<div class="group">';
113 echo '<h2>' . __('Appearance Settings') . '</h2>';
114 echo ' <ul>';
115
116 // Displays language selection combo
117 if (empty($cfg['Lang'])) {
118 echo '<li id="li_select_lang">';
119 require_once './libraries/display_select_lang.lib.php';
120 PMA_select_language();
121 echo '</li>';
122 }
123
124 // ThemeManager if available
125
126 if ($GLOBALS['cfg']['ThemeManager']) {
127 echo '<li id="li_select_theme">';
128 echo $_SESSION['PMA_Theme_Manager']->getHtmlSelectBox();
129 echo '</li>';
130
131 // see js/main_custom_color.js
132 echo '<li id="li_custom_color" class="hide">';
133 echo PMA_escapeJsString(__('Background color')) . ': ';
134 echo '<input type="submit" name="custom_color_choose" value="' . __('Choose...') . '" />';
135 echo '<form name="colorform" id="colorform" method="post" action="index.php" target="_parent">';
136 echo PMA_generate_common_hidden_inputs();
137 echo '<input type="hidden" id="custom_color" name="custom_color" value="" />';
138 echo '<input type="submit" name="custom_color_reset" value="' . __('Reset') . '" />';
139 echo '</form>';
140 echo '</li>';
141 }
142 echo '<li id="li_select_fontsize">';
143 echo PMA_Config::getFontsizeForm();
144 echo '</li>';
145
146 echo '</ul>';
147
148 // User preferences
149
150 echo '<ul>';
151 echo PMA_printListItem(__('More settings'), 'li_user_preferences',
152 './prefs_manage.php?' . $common_url_query);
153 echo '<ul>';
154
155 echo '</div>';
156
157
158 echo '</div>';
159 echo '<div id="main_pane_right">';
160
161
162 if ($server > 0 && $GLOBALS['cfg']['ShowServerInfo']) {
163 echo '<div class="group">';
164 echo '<h2>MySQL</h2>';
165 echo '<ul>' . "\n";
166 PMA_printListItem(__('Server') . ': ' . $server_info, 'li_server_info');
167 PMA_printListItem(__('Server version') . ': ' . PMA_MYSQL_STR_VERSION, 'li_server_version');
168 PMA_printListItem(__('Protocol version') . ': ' . PMA_DBI_get_proto_info(),
169 'li_mysql_proto');
170 PMA_printListItem(__('User') . ': ' . htmlspecialchars($mysql_cur_user_and_host),
171 'li_user_info');
172
173 echo ' <li id="li_select_mysql_charset">';
174 echo ' ' . __('MySQL charset') . ': '
175 . ' <span xml:lang="en" dir="ltr">'
176 . ' ' . $mysql_charsets_descriptions[$mysql_charset_map[strtolower($charset)]] . "\n"
177 . ' (' . $mysql_charset_map[strtolower($charset)] . ')' . "\n"
178 . ' </span>' . "\n"
179 . ' </li>' . "\n";
180 echo ' </ul>';
181 echo ' </div>';
182 }
183
184 if ($GLOBALS['cfg']['ShowServerInfo'] || $GLOBALS['cfg']['ShowPhpInfo']) {
185 echo '<div class="group">';
186 echo '<h2>' . __('Web server') . '</h2>';
187 echo '<ul>';
188 if ($GLOBALS['cfg']['ShowServerInfo']) {
189 PMA_printListItem($_SERVER['SERVER_SOFTWARE'], 'li_web_server_software');
190
191 if ($server > 0) {
192 PMA_printListItem(__('MySQL client version') . ': ' . PMA_DBI_get_client_info(),
193 'li_mysql_client_version');
194 PMA_printListItem(__('PHP extension') . ': ' . $GLOBALS['cfg']['Server']['extension'],
195 'li_used_php_extension');
196 }
197 }
198
199 if ($cfg['ShowPhpInfo']) {
200 PMA_printListItem(__('Show PHP information'), 'li_phpinfo', './phpinfo.php?' . $common_url_query);
201 }
202 echo ' </ul>';
203 echo ' </div>';
204 }
205
206 echo '<div class="group">';
207 echo '<h2>phpMyAdmin</h2>';
208 echo '<ul>';
209 PMA_printListItem(__('Version information') . ': ' . PMA_VERSION, 'li_pma_version');
210 PMA_printListItem(__('Documentation'), 'li_pma_docs', 'Documentation.html', null, '_blank');
211 PMA_printListItem(__('Wiki'), 'li_pma_wiki', 'http://wiki.phpmyadmin.net', null, '_blank');
212
213 // does not work if no target specified, don't know why
214 PMA_printListItem(__('Official Homepage'), 'li_pma_homepage', 'http://www.phpMyAdmin.net/', null, '_blank');
215 ?>
216 <li><bdo xml:lang="en" dir="ltr">
217 [<a href="changelog.php" target="_blank">ChangeLog</a>]
218 [<a href="http://phpmyadmin.git.sourceforge.net/git/gitweb-index.cgi"
219 target="_blank">Git</a>]
220 [<a href="http://sourceforge.net/mail/?group_id=23067"
221 target="_blank"><?php echo __('Mailing lists'); ?></a>]
222 </bdo>
223 </li>
224 </ul>
225 </div>
226
227 </div>
228
229 <?php
230 /**
231 * BUG: MSIE needs two <br /> here, otherwise it will not extend the outer div to the
232 * full height of the inner divs
233 */
234 ?>
235 <br class="clearfloat" />
236 <br class="clearfloat" />
237 </div>
238
239 <?php
240 /**
241 * Warning if using the default MySQL privileged account
242 */
243 if ($server != 0
244 && $cfg['Server']['user'] == 'root'
245 && $cfg['Server']['password'] == '') {
246 trigger_error(__('Your configuration file contains settings (root with no password) that correspond to the default MySQL privileged account. Your MySQL server is running with this default, is open to intrusion, and you really should fix this security hole by setting a password for user \'root\'.'), E_USER_WARNING);
247 }
248
249 /**
250 * Nijel: As we try to handle charsets by ourself, mbstring overloads just
251 * break it, see bug 1063821.
252 */
253 if (@extension_loaded('mbstring') && @ini_get('mbstring.func_overload') > 1) {
254 trigger_error(__('You have enabled mbstring.func_overload in your PHP configuration. This option is incompatible with phpMyAdmin and might cause some data to be corrupted!'), E_USER_WARNING);
255 }
256
257 /**
258 * Nijel: mbstring is used for handling multibyte inside parser, so it is good
259 * to tell user something might be broken without it, see bug #1063149.
260 */
261 if (! @extension_loaded('mbstring')) {
262 trigger_error(__('The mbstring PHP extension was not found and you seem to be using a multibyte charset. Without the mbstring extension phpMyAdmin is unable to split strings correctly and it may result in unexpected results.'), E_USER_WARNING);
263 }
264
265 /**
266 * Check whether session.gc_maxlifetime limits session validity.
267 */
268 $gc_time = (int)@ini_get('session.gc_maxlifetime');
269 if ($gc_time < $GLOBALS['cfg']['LoginCookieValidity'] ) {
270 trigger_error(PMA_Message::decodeBB(__('Your PHP parameter [a@http://php.net/manual/en/session.configuration.php#ini.session.gc-maxlifetime@]session.gc_maxlifetime[/a] is lower that cookie validity configured in phpMyAdmin, because of this, your login will expire sooner than configured in phpMyAdmin.')), E_USER_WARNING);
271 }
272
273 /**
274 * Check whether LoginCookieValidity is limited by LoginCookieStore.
275 */
276 if ($GLOBALS['cfg']['LoginCookieStore'] != 0 && $GLOBALS['cfg']['LoginCookieStore'] < $GLOBALS['cfg']['LoginCookieValidity']) {
277 trigger_error(PMA_Message::decodeBB(__('Login cookie store is lower that cookie validity configured in phpMyAdmin, because of this, your login will expire sooner than configured in phpMyAdmin.')), E_USER_WARNING);
278 }
279
280 /**
281 * Check if user does not have defined blowfish secret and it is being used.
282 */
283 if (!empty($_SESSION['auto_blowfish_secret']) &&
284 empty($GLOBALS['cfg']['blowfish_secret'])) {
285 trigger_error(__('The configuration file now needs a secret passphrase (blowfish_secret).'), E_USER_WARNING);
286 }
287
288 /**
289 * Check for existence of config directory which should not exist in
290 * production environment.
291 */
292 if (file_exists('./config')) {
293 trigger_error(__('Directory [code]config[/code], which is used by the setup script, still exists in your phpMyAdmin directory. You should remove it once phpMyAdmin has been configured.'), E_USER_WARNING);
294 }
295
296 /**
297 * Check whether relations are supported.
298 */
299 if ($server > 0) {
300 $cfgRelation = PMA_getRelationsParam();
301 if(!$cfgRelation['allworks'] && $cfg['PmaNoRelation_DisableWarning'] == false) {
302 $message = PMA_Message::notice(__('The additional features for working with linked tables have been deactivated. To find out why click %shere%s.'));
303 $message->addParam('<a href="' . $cfg['PmaAbsoluteUri'] . 'chk_rel.php?' . $common_url_query . '">', false);
304 $message->addParam('</a>', false);
305 /* Show error if user has configured something, notice elsewhere */
306 if (!empty($cfg['Servers'][$server]['pmadb'])) {
307 $message->isError(true);
308 }
309 $message->display();
310 } // end if
311 }
312
313 /**
314 * Show warning when javascript support is missing.
315 */
316 echo '<noscript>';
317 $message = PMA_Message::notice(__('Javascript support is missing or disabled in your browser, some phpMyAdmin functionality will be missing. For example navigation frame will not refresh automatically.'));
318 $message->isError(true);
319 $message->display();
320 echo '</noscript>';
321
322 /**
323 * Warning about different MySQL library and server version
324 * (a difference on the third digit does not count).
325 * If someday there is a constant that we can check about mysqlnd, we can use it instead
326 * of strpos().
327 * If no default server is set, PMA_DBI_get_client_info() is not defined yet.
328 */
329 if (function_exists('PMA_DBI_get_client_info')) {
330 $_client_info = PMA_DBI_get_client_info();
331 if ($server > 0 && strpos($_client_info, 'mysqlnd') === false && substr(PMA_MYSQL_CLIENT_API, 0, 3) != substr(PMA_MYSQL_INT_VERSION, 0, 3)) {
332 trigger_error(PMA_sanitize(sprintf(__('Your PHP MySQL library version %s differs from your MySQL server version %s. This may cause unpredictable behavior.'),
333 $_client_info,
334 substr(PMA_MYSQL_STR_VERSION, 0, strpos(PMA_MYSQL_STR_VERSION . '-', '-')))),
335 E_USER_NOTICE);
336 }
337 unset($_client_info);
338 }
339
340 /**
341 * Warning about Suhosin
342 */
343 if ($cfg['SuhosinDisableWarning'] == false && @ini_get('suhosin.request.max_value_length')) {
344 trigger_error(PMA_sanitize(sprintf(__('Server running with Suhosin. Please refer to %sdocumentation%s for possible issues.'), '[a@./Documentation.html#faq1_38@_blank]', '[/a]')), E_USER_WARNING);
345 }
346
347 /**
348 * prints list item for main page
349 *
350 * @param string $name displayed text
351 * @param string $id id, used for css styles
352 * @param string $url make item as link with $url as target
353 * @param string $mysql_help_page display a link to MySQL's manual
354 * @param string $target special target for $url
355 * @param string $a_id id for the anchor, used for jQuery to hook in functions
356 */
357 function PMA_printListItem($name, $id = null, $url = null, $mysql_help_page = null, $target = null, $a_id = null)
358 {
359 echo '<li id="' . $id . '">';
360 if (null !== $url) {
361 echo '<a href="' . $url . '"';
362 if (null !== $target) {
363 echo ' target="' . $target . '"';
364 }
365 if (null != $a_id) {
366 echo ' id="' . $a_id .'"';
367 }
368 echo '>';
369 }
370
371 echo $name;
372
373 if (null !== $url) {
374 echo '</a>' . "\n";
375 }
376 if (null !== $mysql_help_page) {
377 echo PMA_showMySQLDocu('', $mysql_help_page);
378 }
379 echo '</li>';
380 }
381
382 /**
383 * Displays the footer
384 */
385 require './libraries/footer.inc.php';
386 ?>
Drizzle / GSOC 2011