PageRenderTime 54ms CodeModel.GetById 25ms RepoModel.GetById 1ms app.codeStats 0ms

/phpMyAdmin/main.php

https://bitbucket.org/izubizarreta/https-bitbucket.org-bityvip
PHP | 458 lines | 308 code | 50 blank | 100 comment | 83 complexity | d50260e9f5de0e1aadfc71ff13f59667 MD5 | raw file
Possible License(s): LGPL-3.0, LGPL-2.0, JSON, GPL-2.0, BSD-3-Clause, LGPL-2.1, MIT
  1. <?php
  2. /* vim: set expandtab sw=4 ts=4 sts=4: */
  3. /**
  4. *
  5. * @package PhpMyAdmin
  6. */
  7. /**
  8. * Gets some core libraries and displays a top message if required
  9. */
  10. require_once './libraries/common.inc.php';
  11. $GLOBALS['js_include'][] = 'jquery/jquery-ui-1.8.16.custom.js';
  12. $GLOBALS['js_include'][] = 'jquery/jquery.sprintf.js';
  13. // Handles some variables that may have been sent by the calling script
  14. $GLOBALS['db'] = '';
  15. $GLOBALS['table'] = '';
  16. $show_query = '1';
  17. require_once './libraries/header.inc.php';
  18. // Any message to display?
  19. if (! empty($message)) {
  20. PMA_showMessage($message);
  21. unset($message);
  22. }
  23. $common_url_query = PMA_generate_common_url('', '');
  24. // when $server > 0, a server has been chosen so we can display
  25. // all MySQL-related information
  26. if ($server > 0) {
  27. include './libraries/server_common.inc.php';
  28. include './libraries/StorageEngine.class.php';
  29. include './libraries/server_links.inc.php';
  30. // Use the verbose name of the server instead of the hostname
  31. // if a value is set
  32. $server_info = '';
  33. if (! empty($cfg['Server']['verbose'])) {
  34. $server_info .= htmlspecialchars($cfg['Server']['verbose']);
  35. if ($GLOBALS['cfg']['ShowServerInfo']) {
  36. $server_info .= ' (';
  37. }
  38. }
  39. if ($GLOBALS['cfg']['ShowServerInfo'] || empty($cfg['Server']['verbose'])) {
  40. $server_info .= PMA_DBI_get_host_info();
  41. }
  42. if (! empty($cfg['Server']['verbose']) && $GLOBALS['cfg']['ShowServerInfo']) {
  43. $server_info .= ')';
  44. }
  45. $mysql_cur_user_and_host = PMA_DBI_fetch_value('SELECT USER();');
  46. // should we add the port info here?
  47. $short_server_info = (!empty($GLOBALS['cfg']['Server']['verbose'])
  48. ? $GLOBALS['cfg']['Server']['verbose']
  49. : $GLOBALS['cfg']['Server']['host']);
  50. }
  51. echo '<div id="maincontainer">' . "\n";
  52. echo '<div id="main_pane_left">';
  53. if ($server > 0
  54. || (! $cfg['LeftDisplayServers'] && count($cfg['Servers']) > 1)) {
  55. echo '<div class="group">';
  56. echo '<h2>' . __('General Settings') . '</h2>';
  57. echo '<ul>';
  58. /**
  59. * Displays the MySQL servers choice form
  60. */
  61. if (! $cfg['LeftDisplayServers']
  62. && (count($cfg['Servers']) > 1 || $server == 0 && count($cfg['Servers']) == 1)) {
  63. echo '<li id="li_select_server">';
  64. include_once './libraries/select_server.lib.php';
  65. PMA_select_server(true, true);
  66. echo '</li>';
  67. }
  68. /**
  69. * Displays the mysql server related links
  70. */
  71. if ($server > 0 && !PMA_DRIZZLE) {
  72. include_once './libraries/check_user_privileges.lib.php';
  73. // Logout for advanced authentication
  74. if ($cfg['Server']['auth_type'] != 'config') {
  75. if ($cfg['ShowChgPassword']) {
  76. if ($GLOBALS['cfg']['AjaxEnable']) {
  77. $conditional_class = 'ajax';
  78. } else {
  79. $conditional_class = null;
  80. }
  81. PMA_printListItem(
  82. __('Change password'),
  83. 'li_change_password',
  84. './user_password.php?' . $common_url_query,
  85. null,
  86. null,
  87. 'change_password_anchor',
  88. null,
  89. $conditional_class
  90. );
  91. }
  92. } // end if
  93. echo ' <li id="li_select_mysql_collation">';
  94. echo ' <form method="post" action="index.php" target="_parent">' . "\n"
  95. . PMA_generate_common_hidden_inputs(null, null, 4, 'collation_connection')
  96. . ' <label for="select_collation_connection">' . "\n"
  97. . ' ' . __('Server connection collation') . "\n"
  98. // put the doc link in the form so that it appears on the same line
  99. . PMA_showMySQLDocu('MySQL_Database_Administration', 'Charset-connection') . ': ' . "\n"
  100. . ' </label>' . "\n"
  101. . PMA_generateCharsetDropdownBox(PMA_CSDROPDOWN_COLLATION, 'collation_connection', 'select_collation_connection', $collation_connection, true, 4, true)
  102. . ' <noscript><input type="submit" value="' . __('Go') . '" /></noscript>' . "\n"
  103. . ' </form>' . "\n"
  104. . ' </li>' . "\n";
  105. } // end of if ($server > 0 && !PMA_DRIZZLE)
  106. echo '</ul>';
  107. echo '</div>';
  108. }
  109. echo '<div class="group">';
  110. echo '<h2>' . __('Appearance Settings') . '</h2>';
  111. echo ' <ul>';
  112. // Displays language selection combo
  113. if (empty($cfg['Lang'])) {
  114. echo '<li id="li_select_lang">';
  115. include_once './libraries/display_select_lang.lib.php';
  116. PMA_select_language();
  117. echo '</li>';
  118. }
  119. // ThemeManager if available
  120. if ($GLOBALS['cfg']['ThemeManager']) {
  121. echo '<li id="li_select_theme">';
  122. echo $_SESSION['PMA_Theme_Manager']->getHtmlSelectBox();
  123. echo '</li>';
  124. }
  125. echo '<li id="li_select_fontsize">';
  126. echo PMA_Config::getFontsizeForm();
  127. echo '</li>';
  128. echo '</ul>';
  129. // User preferences
  130. if ($server > 0) {
  131. echo '<ul>';
  132. echo PMA_printListItem(
  133. __('More settings'),
  134. 'li_user_preferences',
  135. './prefs_manage.php?' . $common_url_query
  136. );
  137. echo '</ul>';
  138. }
  139. echo '</div>';
  140. echo '</div>';
  141. echo '<div id="main_pane_right">';
  142. if ($server > 0 && $GLOBALS['cfg']['ShowServerInfo']) {
  143. echo '<div class="group">';
  144. echo '<h2>' . __('Database server') . '</h2>';
  145. echo '<ul>' . "\n";
  146. PMA_printListItem(__('Server') . ': ' . $server_info, 'li_server_info');
  147. PMA_printListItem(__('Software') . ': ' . PMA_getServerType(), 'li_server_type');
  148. PMA_printListItem(__('Software version') . ': ' . PMA_MYSQL_STR_VERSION . ' - ' . PMA_MYSQL_VERSION_COMMENT, 'li_server_version');
  149. PMA_printListItem(
  150. __('Protocol version') . ': ' . PMA_DBI_get_proto_info(),
  151. 'li_mysql_proto'
  152. );
  153. PMA_printListItem(
  154. __('User') . ': ' . htmlspecialchars($mysql_cur_user_and_host),
  155. 'li_user_info'
  156. );
  157. echo ' <li id="li_select_mysql_charset">';
  158. echo ' ' . __('Server charset') . ': '
  159. . ' <span xml:lang="en" dir="ltr">'
  160. . ' ' . $mysql_charsets_descriptions[$mysql_charset_map['utf-8']] . "\n"
  161. . ' (' . $mysql_charset_map['utf-8'] . ')' . "\n"
  162. . ' </span>' . "\n"
  163. . ' </li>' . "\n";
  164. echo ' </ul>';
  165. echo ' </div>';
  166. }
  167. if ($GLOBALS['cfg']['ShowServerInfo'] || $GLOBALS['cfg']['ShowPhpInfo']) {
  168. echo '<div class="group">';
  169. echo '<h2>' . __('Web server') . '</h2>';
  170. echo '<ul>';
  171. if ($GLOBALS['cfg']['ShowServerInfo']) {
  172. PMA_printListItem($_SERVER['SERVER_SOFTWARE'], 'li_web_server_software');
  173. if ($server > 0) {
  174. $client_version_str = PMA_DBI_get_client_info();
  175. if (preg_match('#\d+\.\d+\.\d+#', $client_version_str)
  176. && in_array($GLOBALS['cfg']['Server']['extension'], array('mysql', 'mysqli'))
  177. ) {
  178. $client_version_str = 'libmysql - ' . $client_version_str;
  179. }
  180. PMA_printListItem(
  181. __('Database client version') . ': ' . $client_version_str,
  182. 'li_mysql_client_version'
  183. );
  184. PMA_printListItem(
  185. __('PHP extension') . ': ' . $GLOBALS['cfg']['Server']['extension']. ' '
  186. . PMA_showPHPDocu('book.' . $GLOBALS['cfg']['Server']['extension'] . '.php'),
  187. 'li_used_php_extension'
  188. );
  189. }
  190. }
  191. if ($cfg['ShowPhpInfo']) {
  192. PMA_printListItem(__('Show PHP information'), 'li_phpinfo', './phpinfo.php?' . $common_url_query);
  193. }
  194. echo ' </ul>';
  195. echo ' </div>';
  196. }
  197. echo '<div class="group pmagroup">';
  198. echo '<h2>phpMyAdmin</h2>';
  199. echo '<ul>';
  200. $class = null;
  201. // We rely on CSP to allow access to http://www.phpmyadmin.net, but IE lacks
  202. // support here and does not allow request to http once using https.
  203. if ($GLOBALS['cfg']['VersionCheck'] && (! $GLOBALS['PMA_Config']->get('is_https') || PMA_USR_BROWSER_AGENT != 'IE')) {
  204. $class = 'jsversioncheck';
  205. }
  206. PMA_printListItem(__('Version information') . ': ' . PMA_VERSION, 'li_pma_version', null, null, null, null, $class);
  207. PMA_printListItem(__('Documentation'), 'li_pma_docs', 'Documentation.html', null, '_blank');
  208. PMA_printListItem(__('Wiki'), 'li_pma_wiki', PMA_linkURL('http://wiki.phpmyadmin.net/'), null, '_blank');
  209. // does not work if no target specified, don't know why
  210. PMA_printListItem(__('Official Homepage'), 'li_pma_homepage', PMA_linkURL('http://www.phpMyAdmin.net/'), null, '_blank');
  211. PMA_printListItem(__('Contribute'), 'li_pma_contribute', PMA_linkURL('http://www.phpmyadmin.net/home_page/improve.php'), null, '_blank');
  212. PMA_printListItem(__('Get support'), 'li_pma_support', PMA_linkURL('http://www.phpmyadmin.net/home_page/support.php'), null, '_blank');
  213. PMA_printListItem(__('List of changes'), 'li_pma_changes', PMA_linkURL('changelog.php'), null, '_blank');
  214. ?>
  215. </ul>
  216. </div>
  217. </div>
  218. <?php
  219. /**
  220. * BUG: MSIE needs two <br /> here, otherwise it will not extend the outer div to the
  221. * full height of the inner divs
  222. */
  223. ?>
  224. <br class="clearfloat" />
  225. <br class="clearfloat" />
  226. </div>
  227. <?php
  228. /**
  229. * Warning if using the default MySQL privileged account
  230. */
  231. if ($server != 0
  232. && $cfg['Server']['user'] == 'root'
  233. && $cfg['Server']['password'] == '') {
  234. trigger_error(__('Your configuration file contains settings (root with no password) that correspond to the default MySQL privileged account. Your MySQL server is running with this default, is open to intrusion, and you really should fix this security hole by setting a password for user \'root\'.'), E_USER_WARNING);
  235. }
  236. /**
  237. * Nijel: As we try to handle charsets by ourself, mbstring overloads just
  238. * break it, see bug 1063821.
  239. */
  240. if (@extension_loaded('mbstring') && @ini_get('mbstring.func_overload') > 1) {
  241. trigger_error(__('You have enabled mbstring.func_overload in your PHP configuration. This option is incompatible with phpMyAdmin and might cause some data to be corrupted!'), E_USER_WARNING);
  242. }
  243. /**
  244. * Nijel: mbstring is used for handling multibyte inside parser, so it is good
  245. * to tell user something might be broken without it, see bug #1063149.
  246. */
  247. if (! @extension_loaded('mbstring')) {
  248. trigger_error(__('The mbstring PHP extension was not found and you seem to be using a multibyte charset. Without the mbstring extension phpMyAdmin is unable to split strings correctly and it may result in unexpected results.'), E_USER_WARNING);
  249. }
  250. /**
  251. * Check whether session.gc_maxlifetime limits session validity.
  252. */
  253. $gc_time = (int)@ini_get('session.gc_maxlifetime');
  254. if ($gc_time < $GLOBALS['cfg']['LoginCookieValidity'] ) {
  255. trigger_error(__('Your PHP parameter [a@http://php.net/manual/en/session.configuration.php#ini.session.gc-maxlifetime@_blank]session.gc_maxlifetime[/a] is lower than cookie validity configured in phpMyAdmin, because of this, your login will expire sooner than configured in phpMyAdmin.'), E_USER_WARNING);
  256. }
  257. /**
  258. * Check whether LoginCookieValidity is limited by LoginCookieStore.
  259. */
  260. if ($GLOBALS['cfg']['LoginCookieStore'] != 0 && $GLOBALS['cfg']['LoginCookieStore'] < $GLOBALS['cfg']['LoginCookieValidity']) {
  261. trigger_error(__('Login cookie store is lower than cookie validity configured in phpMyAdmin, because of this, your login will expire sooner than configured in phpMyAdmin.'), E_USER_WARNING);
  262. }
  263. /**
  264. * Check if user does not have defined blowfish secret and it is being used.
  265. */
  266. if (!empty($_SESSION['auto_blowfish_secret']) &&
  267. empty($GLOBALS['cfg']['blowfish_secret'])) {
  268. trigger_error(__('The configuration file now needs a secret passphrase (blowfish_secret).'), E_USER_WARNING);
  269. }
  270. /**
  271. * Check for existence of config directory which should not exist in
  272. * production environment.
  273. */
  274. if (file_exists('./config')) {
  275. trigger_error(__('Directory [code]config[/code], which is used by the setup script, still exists in your phpMyAdmin directory. You should remove it once phpMyAdmin has been configured.'), E_USER_WARNING);
  276. }
  277. if ($server > 0) {
  278. $cfgRelation = PMA_getRelationsParam();
  279. if (! $cfgRelation['allworks'] && $cfg['PmaNoRelation_DisableWarning'] == false) {
  280. $message = PMA_Message::notice(__('The phpMyAdmin configuration storage is not completely configured, some extended features have been deactivated. To find out why click %shere%s.'));
  281. $message->addParam('<a href="' . $cfg['PmaAbsoluteUri'] . 'chk_rel.php?' . $common_url_query . '">', false);
  282. $message->addParam('</a>', false);
  283. /* Show error if user has configured something, notice elsewhere */
  284. if (!empty($cfg['Servers'][$server]['pmadb'])) {
  285. $message->isError(true);
  286. }
  287. $message->display();
  288. } // end if
  289. }
  290. /**
  291. * Show notice when javascript support is missing.
  292. */
  293. echo '<noscript>';
  294. $message = PMA_Message::notice(__('Javascript support is missing or disabled in your browser, some phpMyAdmin functionality will be missing. For example navigation frame will not refresh automatically.'));
  295. $message->isError(true);
  296. $message->display();
  297. echo '</noscript>';
  298. /**
  299. * Warning about different MySQL library and server version
  300. * (a difference on the third digit does not count).
  301. * If someday there is a constant that we can check about mysqlnd, we can use it instead
  302. * of strpos().
  303. * If no default server is set, PMA_DBI_get_client_info() is not defined yet.
  304. * Drizzle can speak MySQL protocol, so don't warn about version mismatch for Drizzle servers.
  305. */
  306. if (function_exists('PMA_DBI_get_client_info') && !PMA_DRIZZLE) {
  307. $_client_info = PMA_DBI_get_client_info();
  308. if ($server > 0 && strpos($_client_info, 'mysqlnd') === false && substr(PMA_MYSQL_CLIENT_API, 0, 3) != substr(PMA_MYSQL_INT_VERSION, 0, 3)) {
  309. trigger_error(
  310. PMA_sanitize(
  311. sprintf(
  312. __('Your PHP MySQL library version %s differs from your MySQL server version %s. This may cause unpredictable behavior.'),
  313. $_client_info,
  314. substr(
  315. PMA_MYSQL_STR_VERSION,
  316. 0,
  317. strpos(PMA_MYSQL_STR_VERSION . '-', '-')
  318. )
  319. )
  320. ),
  321. E_USER_NOTICE
  322. );
  323. }
  324. unset($_client_info);
  325. }
  326. /**
  327. * Warning about Suhosin
  328. */
  329. if ($cfg['SuhosinDisableWarning'] == false
  330. && @ini_get('suhosin.request.max_value_length')
  331. ) {
  332. trigger_error(
  333. sprintf(
  334. __('Server running with Suhosin. Please refer to %sdocumentation%s for possible issues.'),
  335. '[a@./Documentation.html#faq1_38@_blank]',
  336. '[/a]'
  337. ),
  338. E_USER_WARNING
  339. );
  340. }
  341. /**
  342. * Warning about mcrypt.
  343. */
  344. if (!function_exists('mcrypt_encrypt') && !$GLOBALS['cfg']['McryptDisableWarning']) {
  345. PMA_warnMissingExtension('mcrypt');
  346. }
  347. /**
  348. * Warning about incomplete translations.
  349. *
  350. * The data file is created while creating release by ./scripts/remove-incomplete-mo
  351. */
  352. if (file_exists('./libraries/language_stats.inc.php')) {
  353. include './libraries/language_stats.inc.php';
  354. /*
  355. * This message is intentionally not translated, because we're
  356. * handling incomplete translations here and focus on english
  357. * speaking users.
  358. */
  359. if (isset($GLOBALS['language_stats'][$lang]) && $GLOBALS['language_stats'][$lang] < $cfg['TranslationWarningThreshold']) {
  360. trigger_error('You are using an incomplete translation, please help to make it better by <a href="http://www.phpmyadmin.net/home_page/improve.php#translate" target="_blank">contributing</a>.', E_USER_NOTICE);
  361. }
  362. }
  363. /**
  364. * prints list item for main page
  365. *
  366. * @param string $name displayed text
  367. * @param string $id id, used for css styles
  368. * @param string $url make item as link with $url as target
  369. * @param string $mysql_help_page display a link to MySQL's manual
  370. * @param string $target special target for $url
  371. * @param string $a_id id for the anchor, used for jQuery to hook in functions
  372. * @param string $class class for the li element
  373. * @param string $a_class class for the anchor element
  374. */
  375. function PMA_printListItem($name, $id = null, $url = null, $mysql_help_page = null, $target = null, $a_id = null, $class = null, $a_class = null)
  376. {
  377. echo '<li id="' . $id . '"';
  378. if (null !== $class) {
  379. echo ' class="' . $class . '"';
  380. }
  381. echo '>';
  382. if (null !== $url) {
  383. echo '<a href="' . $url . '"';
  384. if (null !== $target) {
  385. echo ' target="' . $target . '"';
  386. }
  387. if (null != $a_id) {
  388. echo ' id="' . $a_id .'"';
  389. }
  390. if (null != $a_class) {
  391. echo ' class="' . $a_class .'"';
  392. }
  393. echo '>';
  394. }
  395. echo $name;
  396. if (null !== $url) {
  397. echo '</a>' . "\n";
  398. }
  399. if (null !== $mysql_help_page) {
  400. echo PMA_showMySQLDocu('', $mysql_help_page);
  401. }
  402. echo '</li>';
  403. }
  404. /**
  405. * Displays the footer
  406. */
  407. require './libraries/footer.inc.php';
  408. ?>