<?php
/** Adminer - Compact MySQL management
* @link http://www.adminer.org/
* @author Jakub Vrana, http://php.vrana.cz/
* @copyright 2007 Jakub Vrana
* @license http://www.apache.org/licenses/LICENSE-2.0 Apache License, Version 2.0
*/
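// 4343 = E_RECOVERABLE_ERROR (4096) plus the error, warning and parse bits (247);
// E_NOTICE (8) is not part of the mask
error_reporting(4343); // errors and warnings

// disable filter.default
// $filter is true when filter.default is anything other than empty or "unsafe_raw",
// or when filter.default_flags is set. In that case the request superglobals are
// re-read with FILTER_UNSAFE_RAW so the rest of the script sees the values as sent.
// From here on these arrays hold unfiltered request data: every use in SQL or HTML
// has to be escaped at the point of use.
$filter = (!preg_match('~^(unsafe_raw)?$~', ini_get("filter.default")) || ini_get("filter.default_flags"));
if ($filter) {
	// an empty superglobal is replaced by an empty array instead of calling filter_input_array()
	$_GET = ($_GET ? filter_input_array(INPUT_GET, FILTER_UNSAFE_RAW) : array());
	$_POST = ($_POST ? filter_input_array(INPUT_POST, FILTER_UNSAFE_RAW) : array());
	$_COOKIE = ($_COOKIE ? filter_input_array(INPUT_COOKIE, FILTER_UNSAFE_RAW) : array());
	$_SERVER = ($_SERVER ? filter_input_array(INPUT_SERVER, FILTER_UNSAFE_RAW) : array());
}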
// used only in compiled file
// Answers requests for the static assets (icon, stylesheet, script, images) from inside this script.
// The compile_file('...', '...') strings are placeholders; presumably the build step replaces each
// of them with the processed file contents, so their text has to stay exactly as written.
// This branch runs before the session is started and before auth.inc.php is included.
if (isset($_GET["file"])) {
	// let the client cache the asset for one year
	header("Expires: " . gmdate("D, d M Y H:i:s", time() + 365*24*60*60) . " GMT");
	// $_GET["file"] is only compared with fixed names below, it is never used as a filesystem path
	if ($_GET["file"] == "favicon.ico") {
		header("Content-Type: image/x-icon");
		echo base64_decode("compile_file('favicon.ico', 'base64_encode')");
	} elseif ($_GET["file"] == "default.css") {
		header("Content-Type: text/css");
		?>compile_file('default.css', 'minify_css')<?php
	} elseif ($_GET["file"] == "functions.js") {
		header("Content-Type: text/javascript");
		?>compile_file('functions.js', 'JSMin::minify')<?php
	} else {
		// every other name is answered as image/gif; a name missing from the switch yields an empty body
		header("Content-Type: image/gif");
		switch ($_GET["file"]) {
			case "plus.gif": echo base64_decode("compile_file('plus.gif', 'base64_encode')"); break;
			case "cross.gif": echo base64_decode("compile_file('cross.gif', 'base64_encode')"); break;
			case "up.gif": echo base64_decode("compile_file('up.gif', 'base64_encode')"); break;
			case "down.gif": echo base64_decode("compile_file('down.gif', 'base64_encode')"); break;
			case "arrow.gif": echo base64_decode("compile_file('arrow.gif', 'base64_encode')"); break;
		}
	}
	// nothing else of the application runs for an asset request
	exit;
}
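// Starts the session unless session.auto_start has already done so.
if (!ini_get("session.auto_start")) {
	// use specific session name to get own namespace
	session_name("adminer_sid");
	// keep the session cookie away from page scripts; the directive exists since PHP 5.2
	// and ini_set() just returns false on older versions
	ini_set("session.cookie_httponly", "1");
	// lifetime 0 = until the browser is closed; the cookie path is the request URI without its
	// query string, so the cookie is only sent back to this script's URL
	// NOTE(review): the Secure attribute is left to session.cookie_secure - set it where the tool is served over HTTPS
	session_set_cookie_params(0, preg_replace('~\\?.*~', '', $_SERVER["REQUEST_URI"]));
	session_start();
}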
// Code-coverage collection, active only while the session holds a "coverage" key.
// NOTE(review): nothing in this block sets that key; presumably coverage.inc.php does - confirm
if (isset($_SESSION["coverage"])) {
	// coverage is used in tests and removed in compilation
	// Merges the line data Xdebug collected for this request into $_SESSION["coverage"].
	function save_coverage() {
		foreach (xdebug_get_code_coverage() as $filename => $lines) {
			foreach ($lines as $l => $val) {
				// store the value when nothing truthy is kept for the line yet or when the new value
				// is positive; a stored non-zero value is therefore only replaced by a positive one
				if (!$_SESSION["coverage"][$filename][$l] || $val > 0) {
					$_SESSION["coverage"][$filename][$l] = $val;
				}
			}
		}
	}
	xdebug_start_code_coverage(XDEBUG_CC_UNUSED | XDEBUG_CC_DEAD_CODE);
	// the data is written back when the script ends, including the exit paths of the pages
	register_shutdown_function('save_coverage');
}
// disable magic quotes to be able to use database escaping function
// With the automatic slashes removed, $_GET, $_POST and $_COOKIE hold the data as sent;
// quoting for SQL has to happen where a value is put into a query.
if (get_magic_quotes_gpc()) {
	// queue of references to the arrays that still have to be cleaned; nested arrays are appended while it is walked
	$process = array(&$_GET, &$_POST, &$_COOKIE);
	while (list($key, $val) = each($process)) {
		foreach ($val as $k => $v) {
			// every entry is removed and stored again under its unslashed key
			unset($process[$key][$k]);
			if (is_array($v)) {
				$process[$key][stripslashes($k)] = $v;
				// queue the nested array by reference so a later pass of the while loop cleans it
				$process[] = &$process[$key][stripslashes($k)];
			} else {
				// with $filter set the values were already replaced by filter_input_array() earlier
				// in this file and are kept as they are; only the key is unslashed
				// NOTE(review): assumes filter_input_array() returns values without magic-quotes slashes - confirm
				$process[$key][stripslashes($k)] = ($filter ? $v : stripslashes($v));
			}
		}
	}
	// drop the queue so no references into the superglobals stay behind
	unset($process);
}
set_magic_quotes_runtime(false);
// $SELF: last path segment of REQUEST_URI followed by "?", then the URL-encoded
// server= and db= parameters when they are non-empty, each terminated by "&".
// NOTE(review): the path segment is copied from the request without encoding; where $SELF is
// printed is not visible in this file - confirm it is HTML-escaped at every output
$SELF = (string) preg_replace('~^[^?]*/([^?]*).*~', '\\1?', $_SERVER["REQUEST_URI"]);
if (strlen($_GET["server"])) {
	$SELF .= 'server=' . urlencode($_GET["server"]) . '&';
}
if (strlen($_GET["db"])) {
	$SELF .= 'db=' . urlencode($_GET["db"]) . '&';
}
// Shared code, loaded in this order for every request that is not an asset request.
include "./include/version.inc.php";
include "./include/functions.inc.php";
include "./include/lang.inc.php";
// NOTE(review): $LANG is not assigned in this file (presumably by lang.inc.php); it is interpolated
// into an include path, so confirm it can only take the names of the shipped language files
include "./lang/$LANG.inc.php";
include "./include/design.inc.php";
// NOTE(review): this page is included before auth.inc.php, i.e. before any login handling in this file;
// confirm it is test-only and not reachable in the compiled build
if (isset($_GET["coverage"])) {
	include "./coverage.inc.php";
}
include "./include/pdo.inc.php";
include "./include/mysql.inc.php";
include "./include/auth.inc.php";
include "./include/connect.inc.php";
include "./include/editing.inc.php";
include "./include/export.inc.php";
// values shared by the page scripts included below
$on_actions = array('RESTRICT', 'CASCADE', 'SET NULL', 'NO ACTION');
// pattern for one quoted value: single- or double-quoted, with doubled quotes and backslash escapes allowed
$enum_length = '\'(?:\'\'|[^\'\\\\]+|\\\\.)*\'|"(?:""|[^"\\\\]+|\\\\.)*"';
$inout = array('IN', 'OUT', 'INOUT');
// onclick attribute asking for confirmation
// NOTE(review): the translated text goes into a JavaScript string inside an HTML attribute as it is;
// confirm translations cannot contain a quote character
$confirm = ' onclick="return confirm(\'' . lang('Are you sure?') . '\');"';
$error = '';
// Page dispatch: the first GET parameter that matches selects the page script, so the order of
// the branches decides which page wins when several parameters are present.
// NOTE(review): the six pages in front of the final else are included without the token comparison
// made there; confirm none of them changes data on POST or that they check a token themselves
if (isset($_GET["download"])) {
	include "./download.inc.php";
} elseif (isset($_GET["table"])) {
	include "./table.inc.php";
} elseif (isset($_GET["view"])) {
	include "./view.inc.php";
} elseif (isset($_GET["schema"])) {
	include "./schema.inc.php";
} elseif (isset($_GET["dump"])) {
	include "./dump.inc.php";
} elseif (isset($_GET["privileges"])) {
	include "./privileges.inc.php";
} else { // uses CSRF token
	// token stored in the session for the selected server; where it is generated is not visible in this file
	$token = $_SESSION["tokens"][$_GET["server"]];
	if ($_POST) {
		// NOTE(review): != is a loose comparison - if no token is stored, $token is null and an empty
		// posted token compares equal to it. Confirm a token always exists at this point. A stricter
		// check has to compare both sides as strings, because the stored type is not visible here.
		// A mismatch only sets $error; the page script below is still included - presumably each page
		// checks $error before acting on POST data, confirm.
		if ($_POST["token"] != $token) {
			$error = lang('Invalid CSRF token. Send the form again.');
		}
	} elseif ($_SERVER["REQUEST_METHOD"] == "POST") {
		// posted form with no data means exceeded post_max_size because Adminer always sends token at least
		$error = lang('Too big POST data. Reduce the data or increase the "post_max_size" configuration directive.');
	}
	// the following aliases rewrite $_GET so that several URL parameters share one page script
	if (isset($_GET["default"])) {
		// edit form is used for default values and distinguished by checking isset($_GET["default"]) in edit.inc.php
		$_GET["edit"] = $_GET["default"];
	}
	if (isset($_GET["select"]) && $_POST && (!$_POST["delete"] && !$_POST["export"] && !$_POST["import"] && !$_POST["save"])) {
		// POST form on select page is used to edit or clone data
		$_GET["edit"] = $_GET["select"];
	}
	if (isset($_GET["callf"])) {
		$_GET["call"] = $_GET["callf"];
	}
	if (isset($_GET["function"])) {
		$_GET["procedure"] = $_GET["function"];
	}
	if (isset($_GET["sql"])) {
		include "./sql.inc.php";
	} elseif (isset($_GET["edit"])) {
		include "./edit.inc.php";
	} elseif (isset($_GET["create"])) {
		include "./create.inc.php";
	} elseif (isset($_GET["indexes"])) {
		include "./indexes.inc.php";
	} elseif (isset($_GET["database"])) {
		include "./database.inc.php";
	} elseif (isset($_GET["call"])) {
		include "./call.inc.php";
	} elseif (isset($_GET["foreign"])) {
		include "./foreign.inc.php";
	} elseif (isset($_GET["createv"])) {
		include "./createv.inc.php";
	} elseif (isset($_GET["event"])) {
		include "./event.inc.php";
	} elseif (isset($_GET["procedure"])) {
		include "./procedure.inc.php";
	} elseif (isset($_GET["trigger"])) {
		include "./trigger.inc.php";
	} elseif (isset($_GET["user"])) {
		include "./user.inc.php";
	} elseif (isset($_GET["processlist"])) {
		include "./processlist.inc.php";
	} elseif (isset($_GET["select"])) {
		include "./select.inc.php";
	} elseif (isset($_GET["variables"])) {
		include "./variables.inc.php";
	} else {
		// no page parameter at all: the default page
		include "./db.inc.php";
	}
}

// each page calls its own page_header(), if the footer should not be called then the page exits
page_footer();