PageRenderTime 47ms CodeModel.GetById 13ms RepoModel.GetById 0ms app.codeStats 0ms

/index.php

https://github.com/gauravmittal1995/phpmyadmin
PHP | 665 lines | 498 code | 56 blank | 111 comment | 103 complexity | 7a51bc27b35e36df889ac8979c23c070 MD5 | raw file
Possible License(s): GPL-2.0, LGPL-3.0 
    

  1. <?php
    2. 

  2. /* vim: set expandtab sw=4 ts=4 sts=4: */
    3. 

  3. /**
    4. 

  4.  * Main loader script
    5. 

  5.  *
    6. 

  6.  * @package PhpMyAdmin
    7. 

  7.  */
    8. 

  8. 

  9. /**
    10. 

  10.  * Gets some core libraries and displays a top message if required
    11. 

  11.  */
    12. 

  12. require_once 'libraries/common.inc.php';
    13. 

  13. 

  14. /**
    15. 

  15.  * display Git revision if requested
    16. 

  16.  */
    17. 

  17. require_once 'libraries/display_git_revision.lib.php';
    18. 

  18. 

  19. /**
    20. 

  20.  * pass variables to child pages
    21. 

  21.  */
    22. 

  22. $drops = array(
    23. 

  23.     'lang',
    24. 

  24.     'server',
    25. 

  25.     'collation_connection',
    26. 

  26.     'db',
    27. 

  27.     'table'
    28. 

  28. );
    29. 

  29. foreach ($drops as $each_drop) {
    30. 

  30.     if (array_key_exists($each_drop, $_GET)) {
    31. 

  31.         unset($_GET[$each_drop]);
    32. 

  32.     }
    33. 

  33. }
    34. 

  34. unset($drops, $each_drop);
    35. 

  35. 

  36. /*
    37. 

  37.  * Black list of all scripts to which front-end must submit data.
    38. 

  38.  * Such scripts must not be loaded on home page.
    39. 

  39.  *
    40. 

  40.  */
    41. 

  41.  $target_blacklist = array (
    42. 

  42.     'import.php', 'export.php'
    43. 

  43.     );
    44. 

  44. 

  45. // If we have a valid target, let's load that script instead
    46. 

  46. if (! empty($_REQUEST['target'])
    47. 

  47.     && is_string($_REQUEST['target'])
    48. 

  48.     && ! preg_match('/^index/', $_REQUEST['target'])
    49. 

  49.     && ! in_array($_REQUEST['target'], $target_blacklist)
    50. 

  50.     && in_array($_REQUEST['target'], $goto_whitelist)
    51. 

  51. ) {
    52. 

  52.     include $_REQUEST['target'];
    53. 

  53.     exit;
    54. 

  54. }
    55. 

  55. 

  56. /**
    57. 

  57.  * Check if it is an ajax request to reload the recent tables list.
    58. 

  58.  */
    59. 

  59. require_once 'libraries/RecentFavoriteTable.class.php';
    60. 

  60. if ($GLOBALS['is_ajax_request'] && ! empty($_REQUEST['recent_table'])) {
    61. 

  61.     $response = PMA_Response::getInstance();
    62. 

  62.     $response->addJSON(
    63. 

  63.         'list',
    64. 

  64.         PMA_RecentFavoriteTable::getInstance('recent')->getHtmlList()
    65. 

  65.     );
    66. 

  66.     exit;
    67. 

  67. }
    68. 

  68. 

  69. if ($GLOBALS['PMA_Config']->isGitRevision()) {
    70. 

  70.     if (isset($_REQUEST['git_revision']) && $GLOBALS['is_ajax_request'] == true) {
    71. 

  71.         PMA_printGitRevision();
    72. 

  72.         exit;
    73. 

  73.     }
    74. 

  74.     echo '<div id="is_git_revision"></div>';
    75. 

  75. }
    76. 

  76. 

  77. // Handles some variables that may have been sent by the calling script
    78. 

  78. $GLOBALS['db'] = '';
    79. 

  79. $GLOBALS['table'] = '';
    80. 

  80. $show_query = '1';
    81. 

  81. 

  82. // Any message to display?
    83. 

  83. if (! empty($message)) {
    84. 

  84.     echo PMA_Util::getMessage($message);
    85. 

  85.     unset($message);
    86. 

  86. }
    87. 

  87. 

  88. $common_url_query =  PMA_URL_getCommon('', '');
    89. 

  89. 

  90. // when $server > 0, a server has been chosen so we can display
    91. 

  91. // all MySQL-related information
    92. 

  92. if ($server > 0) {
    93. 

  93.     include 'libraries/server_common.inc.php';
    94. 

  94.     include 'libraries/StorageEngine.class.php';
    95. 

  95. 

  96.     // Use the verbose name of the server instead of the hostname
    97. 

  97.     // if a value is set
    98. 

  98.     $server_info = '';
    99. 

  99.     if (! empty($cfg['Server']['verbose'])) {
    100. 

  100.         $server_info .= htmlspecialchars($cfg['Server']['verbose']);
    101. 

  101.         if ($GLOBALS['cfg']['ShowServerInfo']) {
    102. 

  102.             $server_info .= ' (';
    103. 

  103.         }
    104. 

  104.     }
    105. 

  105.     if ($GLOBALS['cfg']['ShowServerInfo'] || empty($cfg['Server']['verbose'])) {
    106. 

  106.         $server_info .= $GLOBALS['dbi']->getHostInfo();
    107. 

  107.     }
    108. 

  108.     if (! empty($cfg['Server']['verbose']) && $GLOBALS['cfg']['ShowServerInfo']) {
    109. 

  109.         $server_info .= ')';
    110. 

  110.     }
    111. 

  111.     $mysql_cur_user_and_host = $GLOBALS['dbi']->fetchValue('SELECT USER();');
    112. 

  112. 

  113.     // should we add the port info here?
    114. 

  114.     $short_server_info = (!empty($GLOBALS['cfg']['Server']['verbose'])
    115. 

  115.                 ? $GLOBALS['cfg']['Server']['verbose']
    116. 

  116.                 : $GLOBALS['cfg']['Server']['host']);
    117. 

  117. }
    118. 

  118. 

  119. echo '<div id="maincontainer">' . "\n";
    120. 

  120. // Anchor for favorite tables synchronization.
    121. 

  121. echo PMA_RecentFavoriteTable::getInstance('favorite')->getHtmlSyncFavoriteTables();
    122. 

  122. echo '<div id="main_pane_left">';
    123. 

  123. if ($server > 0 || count($cfg['Servers']) > 1
    124. 

  124. ) {
    125. 

  125.     if ($cfg['DBG']['demo']) {
    126. 

  126.         echo '<div class="group">';
    127. 

  127.         echo '<h2>' . __('phpMyAdmin Demo Server') . '</h2>';
    128. 

  128.         echo '<p style="margin: 0.5em 1em 0.5em 1em">';
    129. 

  129.         printf(
    130. 

  130.             __(
    131. 

  131.                 'You are using the demo server. You can do anything here, but '
    132. 

  132.                 . 'please do not change root, debian-sys-maint and pma users. '
    133. 

  133.                 . 'More information is available at %s.'
    134. 

  134.             ),
    135. 

  135.             '<a href="http://demo.phpmyadmin.net/">demo.phpmyadmin.net</a>'
    136. 

  136.         );
    137. 

  137.         echo '</p>';
    138. 

  138.         echo '</div>';
    139. 

  139.     }
    140. 

  140.     echo '<div class="group">';
    141. 

  141.     echo '<h2>' . __('General Settings') . '</h2>';
    142. 

  142.     echo '<ul>';
    143. 

  143. 

  144.     /**
    145. 

  145.      * Displays the MySQL servers choice form
    146. 

  146.      */
    147. 

  147.     if ($cfg['ServerDefault'] == 0
    148. 

  148.         || (! $cfg['NavigationDisplayServers']
    149. 

  149.         && (count($cfg['Servers']) > 1
    150. 

  150.         || ($server == 0 && count($cfg['Servers']) == 1)))
    151. 

  151.     ) {
    152. 

  152.         echo '<li id="li_select_server" class="no_bullets" >';
    153. 

  153.         include_once 'libraries/select_server.lib.php';
    154. 

  154.         echo PMA_Util::getImage('s_host.png') . " " . PMA_selectServer(true, true);
    155. 

  155.         echo '</li>';
    156. 

  156.     }
    157. 

  157. 

  158.     /**
    159. 

  159.      * Displays the mysql server related links
    160. 

  160.      */
    161. 

  161.     if ($server > 0 && ! PMA_DRIZZLE) {
    162. 

  162.         include_once 'libraries/check_user_privileges.lib.php';
    163. 

  163. 

  164.         // Logout for advanced authentication
    165. 

  165.         if ($cfg['Server']['auth_type'] != 'config') {
    166. 

  166.             if ($cfg['ShowChgPassword']) {
    167. 

  167.                 $conditional_class = 'ajax';
    168. 

  168.                 PMA_printListItem(
    169. 

  169.                     PMA_Util::getImage('s_passwd.png') . " " . __('Change password'),
    170. 

  170.                     'li_change_password',
    171. 

  171.                     'user_password.php?' . $common_url_query,
    172. 

  172.                     null,
    173. 

  173.                     null,
    174. 

  174.                     'change_password_anchor',
    175. 

  175.                     "no_bullets",
    176. 

  176.                     $conditional_class
    177. 

  177.                 );
    178. 

  178.             }
    179. 

  179.         } // end if
    180. 

  180.         echo '    <li id="li_select_mysql_collation" class="no_bullets" >';
    181. 

  181.         echo '        <form method="post" action="index.php">' . "\n"
    182. 

  182.            . PMA_URL_getHiddenInputs(null, null, 4, 'collation_connection')
    183. 

  183.            . '            <label for="select_collation_connection">' . "\n"
    184. 

  184.            . '                ' . PMA_Util::getImage('s_asci.png') . " "
    185. 

  185.                                . __('Server connection collation') . "\n"
    186. 

  186.            // put the doc link in the form so that it appears on the same line
    187. 

  187.            . PMA_Util::showMySQLDocu('Charset-connection')
    188. 

  188.            . ': ' .  "\n"
    189. 

  189.            . '            </label>' . "\n"
    190. 

  190. 

  191.            . PMA_generateCharsetDropdownBox(
    192. 

  192.                PMA_CSDROPDOWN_COLLATION,
    193. 

  193.                'collation_connection',
    194. 

  194.                'select_collation_connection',
    195. 

  195.                $collation_connection,
    196. 

  196.                true,
    197. 

  197.                4,
    198. 

  198.                true
    199. 

  199.            )
    200. 

  200.            . '        </form>' . "\n"
    201. 

  201.            . '    </li>' . "\n";
    202. 

  202.     } // end of if ($server > 0 && !PMA_DRIZZLE)
    203. 

  203.     echo '</ul>';
    204. 

  204.     echo '</div>';
    205. 

  205. }
    206. 

  206. 

  207. echo '<div class="group">';
    208. 

  208. echo '<h2>' . __('Appearance Settings') . '</h2>';
    209. 

  209. echo '  <ul>';
    210. 

  210. 

  211. // Displays language selection combo
    212. 

  212. if (empty($cfg['Lang']) && count($GLOBALS['available_languages']) > 1) {
    213. 

  213.     echo '<li id="li_select_lang" class="no_bullets">';
    214. 

  214.     include_once 'libraries/display_select_lang.lib.php';
    215. 

  215.     echo PMA_Util::getImage('s_lang.png') . " " . PMA_getLanguageSelectorHtml();
    216. 

  216.     echo '</li>';
    217. 

  217. }
    218. 

  218. 

  219. // ThemeManager if available
    220. 

  220. 

  221. if ($GLOBALS['cfg']['ThemeManager']) {
    222. 

  222.     echo '<li id="li_select_theme" class="no_bullets">';
    223. 

  223.     echo PMA_Util::getImage('s_theme.png') . " "
    224. 

  224.             .  $_SESSION['PMA_Theme_Manager']->getHtmlSelectBox();
    225. 

  225.     echo '</li>';
    226. 

  226. }
    227. 

  227. echo '<li id="li_select_fontsize">';
    228. 

  228. echo PMA_Config::getFontsizeForm();
    229. 

  229. echo '</li>';
    230. 

  230. 

  231. echo '</ul>';
    232. 

  232. 

  233. // User preferences
    234. 

  234. 

  235. if ($server > 0) {
    236. 

  236.     echo '<ul>';
    237. 

  237.     PMA_printListItem(
    238. 

  238.         PMA_Util::getImage('b_tblops.png') . " " . __('More settings'),
    239. 

  239.         'li_user_preferences',
    240. 

  240.         'prefs_manage.php?' . $common_url_query,
    241. 

  241.         null,
    242. 

  242.         null,
    243. 

  243.         null,
    244. 

  244.         "no_bullets"
    245. 

  245.     );
    246. 

  246.     echo '</ul>';
    247. 

  247. }
    248. 

  248. 

  249. echo '</div>';
    250. 

  250. 

  251. 

  252. echo '</div>';
    253. 

  253. echo '<div id="main_pane_right">';
    254. 

  254. 

  255. 

  256. if ($server > 0 && $GLOBALS['cfg']['ShowServerInfo']) {
    257. 

  257. 

  258.     echo '<div class="group">';
    259. 

  259.     echo '<h2>' . __('Database server') . '</h2>';
    260. 

  260.     echo '<ul>' . "\n";
    261. 

  261.     PMA_printListItem(
    262. 

  262.         __('Server:') . ' ' . $server_info,
    263. 

  263.         'li_server_info'
    264. 

  264.     );
    265. 

  265.     PMA_printListItem(
    266. 

  266.         __('Server type:') . ' ' . PMA_Util::getServerType(),
    267. 

  267.         'li_server_type'
    268. 

  268.     );
    269. 

  269.     PMA_printListItem(
    270. 

  270.         __('Server version:')
    271. 

  271.         . ' '
    272. 

  272.         . PMA_MYSQL_STR_VERSION . ' - ' . PMA_MYSQL_VERSION_COMMENT,
    273. 

  273.         'li_server_version'
    274. 

  274.     );
    275. 

  275.     PMA_printListItem(
    276. 

  276.         __('Protocol version:') . ' ' . $GLOBALS['dbi']->getProtoInfo(),
    277. 

  277.         'li_mysql_proto'
    278. 

  278.     );
    279. 

  279.     PMA_printListItem(
    280. 

  280.         __('User:') . ' ' . htmlspecialchars($mysql_cur_user_and_host),
    281. 

  281.         'li_user_info'
    282. 

  282.     );
    283. 

  283. 

  284.     echo '    <li id="li_select_mysql_charset">';
    285. 

  285.     echo '        ' . __('Server charset:') . ' '
    286. 

  286.        . '        <span lang="en" dir="ltr">';
    287. 

  287.     if (! PMA_DRIZZLE) {
    288. 

  288.         echo '           '
    289. 

  289.             . $mysql_charsets_descriptions[$mysql_charset_map['utf-8']];
    290. 

  290.     }
    291. 

  291.     echo '           (' . $mysql_charset_map['utf-8'] . ')'
    292. 

  292.        . '        </span>'
    293. 

  293.        . '    </li>'
    294. 

  294.        . '  </ul>'
    295. 

  295.        . ' </div>';
    296. 

  296. }
    297. 

  297. 

  298. if ($GLOBALS['cfg']['ShowServerInfo'] || $GLOBALS['cfg']['ShowPhpInfo']) {
    299. 

  299.     echo '<div class="group">';
    300. 

  300.     echo '<h2>' . __('Web server') . '</h2>';
    301. 

  301.     echo '<ul>';
    302. 

  302.     if ($GLOBALS['cfg']['ShowServerInfo']) {
    303. 

  303.         PMA_printListItem($_SERVER['SERVER_SOFTWARE'], 'li_web_server_software');
    304. 

  304. 

  305.         if ($server > 0) {
    306. 

  306.             $client_version_str = $GLOBALS['dbi']->getClientInfo();
    307. 

  307.             if (preg_match('#\d+\.\d+\.\d+#', $client_version_str)) {
    308. 

  308.                 $client_version_str = 'libmysql - ' . $client_version_str;
    309. 

  309.             }
    310. 

  310.             PMA_printListItem(
    311. 

  311.                 __('Database client version:') . ' ' . $client_version_str,
    312. 

  312.                 'li_mysql_client_version'
    313. 

  313.             );
    314. 

  314. 

  315.             $php_ext_string = __('PHP extension:') . ' ';
    316. 

  316.             if (PMA_DatabaseInterface::checkDbExtension('mysqli')) {
    317. 

  317.                 $extension = 'mysqli';
    318. 

  318.             } else {
    319. 

  319.                 $extension = 'mysql';
    320. 

  320.             }
    321. 

  321.             $php_ext_string  .= $extension . ' '
    322. 

  322.                 . PMA_Util::showPHPDocu('book.' . $extension . '.php');
    323. 

  323. 

  324.             PMA_printListItem(
    325. 

  325.                 $php_ext_string,
    326. 

  326.                 'li_used_php_extension'
    327. 

  327.             );
    328. 

  328.         }
    329. 

  329.     }
    330. 

  330. 

  331.     if ($cfg['ShowPhpInfo']) {
    332. 

  332.         PMA_printListItem(
    333. 

  333.             __('Show PHP information'),
    334. 

  334.             'li_phpinfo',
    335. 

  335.             'phpinfo.php?' . $common_url_query,
    336. 

  336.             null,
    337. 

  337.             '_blank'
    338. 

  338.         );
    339. 

  339.     }
    340. 

  340.     echo '  </ul>';
    341. 

  341.     echo ' </div>';
    342. 

  342. }
    343. 

  343. 

  344. echo '<div class="group pmagroup">';
    345. 

  345. echo '<h2>phpMyAdmin</h2>';
    346. 

  346. echo '<ul>';
    347. 

  347. $class = null;
    348. 

  348. // We rely on CSP to allow access to http://www.phpmyadmin.net, but IE lacks
    349. 

  349. // support here and does not allow request to http once using https.
    350. 

  350. if ($GLOBALS['cfg']['VersionCheck']
    351. 

  351.     && (! $GLOBALS['PMA_Config']->get('is_https') || PMA_USR_BROWSER_AGENT != 'IE')
    352. 

  352. ) {
    353. 

  353.     $class = 'jsversioncheck';
    354. 

  354. }
    355. 

  355. PMA_printListItem(
    356. 

  356.     __('Version information:') . ' ' . PMA_VERSION,
    357. 

  357.     'li_pma_version',
    358. 

  358.     null,
    359. 

  359.     null,
    360. 

  360.     null,
    361. 

  361.     null,
    362. 

  362.     $class
    363. 

  363. );
    364. 

  364. PMA_printListItem(
    365. 

  365.     __('Documentation'),
    366. 

  366.     'li_pma_docs',
    367. 

  367.     PMA_Util::getDocuLink('index'),
    368. 

  368.     null,
    369. 

  369.     '_blank'
    370. 

  370. );
    371. 

  371. PMA_printListItem(
    372. 

  372.     __('Wiki'),
    373. 

  373.     'li_pma_wiki',
    374. 

  374.     PMA_linkURL('http://wiki.phpmyadmin.net/'),
    375. 

  375.     null,
    376. 

  376.     '_blank'
    377. 

  377. );
    378. 

  378. 

  379. // does not work if no target specified, don't know why
    380. 

  380. PMA_printListItem(
    381. 

  381.     __('Official Homepage'),
    382. 

  382.     'li_pma_homepage',
    383. 

  383.     PMA_linkURL('http://www.phpMyAdmin.net/'),
    384. 

  384.     null,
    385. 

  385.     '_blank'
    386. 

  386. );
    387. 

  387. PMA_printListItem(
    388. 

  388.     __('Contribute'),
    389. 

  389.     'li_pma_contribute',
    390. 

  390.     PMA_linkURL('http://www.phpmyadmin.net/home_page/improve.php'),
    391. 

  391.     null,
    392. 

  392.     '_blank'
    393. 

  393. );
    394. 

  394. PMA_printListItem(
    395. 

  395.     __('Get support'),
    396. 

  396.     'li_pma_support',
    397. 

  397.     PMA_linkURL('http://www.phpmyadmin.net/home_page/support.php'),
    398. 

  398.     null,
    399. 

  399.     '_blank'
    400. 

  400. );
    401. 

  401. PMA_printListItem(
    402. 

  402.     __('List of changes'),
    403. 

  403.     'li_pma_changes',
    404. 

  404.     PMA_linkURL('changelog.php'),
    405. 

  405.     null,
    406. 

  406.     '_blank'
    407. 

  407. );
    408. 

  408. echo '    </ul>';
    409. 

  409. echo ' </div>';
    410. 

  410. 

  411. echo '</div>';
    412. 

  412. 

  413. echo '</div>';
    414. 

  414. 

  415. /**
    416. 

  416.  * Warning if using the default MySQL privileged account
    417. 

  417.  */
    418. 

  418. if ($server != 0
    419. 

  419.     && $cfg['Server']['user'] == 'root'
    420. 

  420.     && $cfg['Server']['password'] == ''
    421. 

  421. ) {
    422. 

  422.     trigger_error(
    423. 

  423.         __(
    424. 

  424.             'Your configuration file contains settings (root with no password)'
    425. 

  425.             . ' that correspond to the default MySQL privileged account.'
    426. 

  426.             . ' Your MySQL server is running with this default, is open to'
    427. 

  427.             . ' intrusion, and you really should fix this security hole by'
    428. 

  428.             . ' setting a password for user \'root\'.'
    429. 

  429.         ),
    430. 

  430.         E_USER_WARNING
    431. 

  431.     );
    432. 

  432. }
    433. 

  433. 

  434. /**
    435. 

  435.  * As we try to handle charsets by ourself, mbstring overloads just
    436. 

  436.  * break it, see bug 1063821.
    437. 

  437.  */
    438. 

  438. if (@extension_loaded('mbstring') && @ini_get('mbstring.func_overload') > 1) {
    439. 

  439.     trigger_error(
    440. 

  440.         __(
    441. 

  441.             'You have enabled mbstring.func_overload in your PHP '
    442. 

  442.             . 'configuration. This option is incompatible with phpMyAdmin '
    443. 

  443.             . 'and might cause some data to be corrupted!'
    444. 

  444.         ),
    445. 

  445.         E_USER_WARNING
    446. 

  446.     );
    447. 

  447. }
    448. 

  448. 

  449. /**
    450. 

  450.  * mbstring is used for handling multibyte inside parser, so it is good
    451. 

  451.  * to tell user something might be broken without it, see bug #1063149.
    452. 

  452.  */
    453. 

  453. if (! @extension_loaded('mbstring')) {
    454. 

  454.     trigger_error(
    455. 

  455.         __(
    456. 

  456.             'The mbstring PHP extension was not found and you seem to be using'
    457. 

  457.             . ' a multibyte charset. Without the mbstring extension phpMyAdmin'
    458. 

  458.             . ' is unable to split strings correctly and it may result in'
    459. 

  459.             . ' unexpected results.'
    460. 

  460.         ),
    461. 

  461.         E_USER_WARNING
    462. 

  462.     );
    463. 

  463. }
    464. 

  464. 

  465. /**
    466. 

  466.  * Check whether session.gc_maxlifetime limits session validity.
    467. 

  467.  */
    468. 

  468. $gc_time = (int)@ini_get('session.gc_maxlifetime');
    469. 

  469. if ($gc_time < $GLOBALS['cfg']['LoginCookieValidity'] ) {
    470. 

  470.     trigger_error(
    471. 

  471.         __('Your PHP parameter [a@http://php.net/manual/en/session.configuration.php#ini.session.gc-maxlifetime@_blank]session.gc_maxlifetime[/a] is lower than cookie validity configured in phpMyAdmin, because of this, your login will expire sooner than configured in phpMyAdmin.'),
    472. 

  472.         E_USER_WARNING
    473. 

  473.     );
    474. 

  474. }
    475. 

  475. 

  476. /**
    477. 

  477.  * Check whether LoginCookieValidity is limited by LoginCookieStore.
    478. 

  478.  */
    479. 

  479. if ($GLOBALS['cfg']['LoginCookieStore'] != 0
    480. 

  480.     && $GLOBALS['cfg']['LoginCookieStore'] < $GLOBALS['cfg']['LoginCookieValidity']
    481. 

  481. ) {
    482. 

  482.     trigger_error(
    483. 

  483.         __('Login cookie store is lower than cookie validity configured in phpMyAdmin, because of this, your login will expire sooner than configured in phpMyAdmin.'),
    484. 

  484.         E_USER_WARNING
    485. 

  485.     );
    486. 

  486. }
    487. 

  487. 

  488. /**
    489. 

  489.  * Check if user does not have defined blowfish secret and it is being used.
    490. 

  490.  */
    491. 

  491. if (! empty($_SESSION['auto_blowfish_secret'])
    492. 

  492.     && empty($GLOBALS['cfg']['blowfish_secret'])
    493. 

  493. ) {
    494. 

  494.     trigger_error(
    495. 

  495.         __('The configuration file now needs a secret passphrase (blowfish_secret).'),
    496. 

  496.         E_USER_WARNING
    497. 

  497.     );
    498. 

  498. }
    499. 

  499. 

  500. /**
    501. 

  501.  * Check for existence of config directory which should not exist in
    502. 

  502.  * production environment.
    503. 

  503.  */
    504. 

  504. if (file_exists('config')) {
    505. 

  505.     trigger_error(
    506. 

  506.         __('Directory [code]config[/code], which is used by the setup script, still exists in your phpMyAdmin directory. It is strongly recommended to remove it once phpMyAdmin has been configured. Otherwise the security of your server may be compromised by unauthorized people downloading your configuration.'),
    507. 

  507.         E_USER_WARNING
    508. 

  508.     );
    509. 

  509. }
    510. 

  510. 

  511. if ($server > 0) {
    512. 

  512.     $cfgRelation = PMA_getRelationsParam();
    513. 

  513.     if (! $cfgRelation['allworks']
    514. 

  514.         && $cfg['PmaNoRelation_DisableWarning'] == false
    515. 

  515.     ) {
    516. 

  516.         $msg = PMA_Message::notice(__('The phpMyAdmin configuration storage is not completely configured, some extended features have been deactivated. To find out why click %shere%s.'));
    517. 

  517.         $msg->addParam(
    518. 

  518.             '<a href="' . $cfg['PmaAbsoluteUri'] . 'chk_rel.php?'
    519. 

  519.             . $common_url_query . '">',
    520. 

  520.             false
    521. 

  521.         );
    522. 

  522.         $msg->addParam('</a>', false);
    523. 

  523.         /* Show error if user has configured something, notice elsewhere */
    524. 

  524.         if (!empty($cfg['Servers'][$server]['pmadb'])) {
    525. 

  525.             $msg->isError(true);
    526. 

  526.         }
    527. 

  527.         $msg->display();
    528. 

  528.     } // end if
    529. 

  529. }
    530. 

  530. 

  531. /**
    532. 

  532.  * Warning about different MySQL library and server version
    533. 

  533.  * (a difference on the third digit does not count).
    534. 

  534.  * If someday there is a constant that we can check about mysqlnd,
    535. 

  535.  * we can use it instead of strpos().
    536. 

  536.  * If no default server is set, $GLOBALS['dbi'] is not defined yet.
    537. 

  537.  * Drizzle can speak MySQL protocol, so don't warn about version mismatch for
    538. 

  538.  * Drizzle servers.
    539. 

  539.  */
    540. 

  540. if (isset($GLOBALS['dbi'])
    541. 

  541.     && !PMA_DRIZZLE
    542. 

  542.     && $cfg['ServerLibraryDifference_DisableWarning'] == false
    543. 

  543. ) {
    544. 

  544.     $_client_info = $GLOBALS['dbi']->getClientInfo();
    545. 

  545.     if ($server > 0
    546. 

  546.         && strpos($_client_info, 'mysqlnd') === false
    547. 

  547.         && substr(PMA_MYSQL_CLIENT_API, 0, 3) != substr(PMA_MYSQL_INT_VERSION, 0, 3)
    548. 

  548.     ) {
    549. 

  549.         trigger_error(
    550. 

  550.             PMA_sanitize(
    551. 

  551.                 sprintf(
    552. 

  552.                     __('Your PHP MySQL library version %s differs from your MySQL server version %s. This may cause unpredictable behavior.'),
    553. 

  553.                     $_client_info,
    554. 

  554.                     substr(
    555. 

  555.                         PMA_MYSQL_STR_VERSION,
    556. 

  556.                         0,
    557. 

  557.                         strpos(PMA_MYSQL_STR_VERSION . '-', '-')
    558. 

  558.                     )
    559. 

  559.                 )
    560. 

  560.             ),
    561. 

  561.             E_USER_NOTICE
    562. 

  562.         );
    563. 

  563.     }
    564. 

  564.     unset($_client_info);
    565. 

  565. }
    566. 

  566. 

  567. /**
    568. 

  568.  * Warning about Suhosin only if its simulation mode is not enabled
    569. 

  569.  */
    570. 

  570. if ($cfg['SuhosinDisableWarning'] == false
    571. 

  571.     && @ini_get('suhosin.request.max_value_length')
    572. 

  572.     && @ini_get('suhosin.simulation') == '0'
    573. 

  573. ) {
    574. 

  574.     trigger_error(
    575. 

  575.         sprintf(
    576. 

  576.             __('Server running with Suhosin. Please refer to %sdocumentation%s for possible issues.'),
    577. 

  577.             '[doc@faq1-38]',
    578. 

  578.             '[/doc]'
    579. 

  579.         ),
    580. 

  580.         E_USER_WARNING
    581. 

  581.     );
    582. 

  582. }
    583. 

  583. 

  584. /**
    585. 

  585.  * Warning about mcrypt.
    586. 

  586.  */
    587. 

  587. if (! function_exists('mcrypt_encrypt')
    588. 

  588.     && ! $GLOBALS['cfg']['McryptDisableWarning']
    589. 

  589. ) {
    590. 

  590.     PMA_warnMissingExtension('mcrypt');
    591. 

  591. }
    592. 

  592. 

  593. /**
    594. 

  594.  * Warning about incomplete translations.
    595. 

  595.  *
    596. 

  596.  * The data file is created while creating release by ./scripts/remove-incomplete-mo
    597. 

  597.  */
    598. 

  598. if (file_exists('libraries/language_stats.inc.php')) {
    599. 

  599.     include 'libraries/language_stats.inc.php';
    600. 

  600.     /*
    601. 

  601.      * This message is intentionally not translated, because we're
    602. 

  602.      * handling incomplete translations here and focus on english
    603. 

  603.      * speaking users.
    604. 

  604.      */
    605. 

  605.     if (isset($GLOBALS['language_stats'][$lang])
    606. 

  606.         && $GLOBALS['language_stats'][$lang] < $cfg['TranslationWarningThreshold']
    607. 

  607.     ) {
    608. 

  608.         trigger_error(
    609. 

  609.             'You are using an incomplete translation, please help to make it '
    610. 

  610.             . 'better by [a@http://www.phpmyadmin.net/home_page/improve.php'
    611. 

  611.             . '#translate@_blank]contributing[/a].',
    612. 

  612.             E_USER_NOTICE
    613. 

  613.         );
    614. 

  614.     }
    615. 

  615. }
    616. 

  616. 

  617. /**
    618. 

  618.  * prints list item for main page
    619. 

  619.  *
    620. 

  620.  * @param string $name            displayed text
    621. 

  621.  * @param string $listId          id, used for css styles
    622. 

  622.  * @param string $url             make item as link with $url as target
    623. 

  623.  * @param string $mysql_help_page display a link to MySQL's manual
    624. 

  624.  * @param string $target          special target for $url
    625. 

  625.  * @param string $a_id            id for the anchor,
    626. 

  626.  *                                used for jQuery to hook in functions
    627. 

  627.  * @param string $class           class for the li element
    628. 

  628.  * @param string $a_class         class for the anchor element
    629. 

  629.  *
    630. 

  630.  * @return void
    631. 

  631.  */
    632. 

  632. function PMA_printListItem($name, $listId = null, $url = null,
    633. 

  633.     $mysql_help_page = null, $target = null, $a_id = null, $class = null,
    634. 

  634.     $a_class = null
    635. 

  635. ) {
    636. 

  636.     echo '<li id="' . $listId . '"';
    637. 

  637.     if (null !== $class) {
    638. 

  638.         echo ' class="' . $class . '"';
    639. 

  639.     }
    640. 

  640.     echo '>';
    641. 

  641.     if (null !== $url) {
    642. 

  642.         echo '<a href="' . $url . '"';
    643. 

  643.         if (null !== $target) {
    644. 

  644.             echo ' target="' . $target . '"';
    645. 

  645.         }
    646. 

  646.         if (null != $a_id) {
    647. 

  647.             echo ' id="' . $a_id . '"';
    648. 

  648.         }
    649. 

  649.         if (null != $a_class) {
    650. 

  650.             echo ' class="' . $a_class . '"';
    651. 

  651.         }
    652. 

  652.         echo '>';
    653. 

  653.     }
    654. 

  654. 

  655.     echo $name;
    656. 

  656. 

  657.     if (null !== $url) {
    658. 

  658.         echo '</a>' . "\n";
    659. 

  659.     }
    660. 

  660.     if (null !== $mysql_help_page) {
    661. 

  661.         echo PMA_Util::showMySQLDocu($mysql_help_page);
    662. 

  662.     }
    663. 

  663.     echo '</li>';
    664. 

  664. }
    665. 

  665. ?>
    666. 

  666.