Rename variables to avoid conflict with Adminer 2 sessions and enabled register_globals
parent
d69e8c4b08
commit
49565e0563
|
@ -10,11 +10,11 @@ if ($_POST && !$error && !isset($_POST["add_x"])) { // add is an image and PHP c
|
||||||
$_GET["db"] = $_POST["name"];
|
$_GET["db"] = $_POST["name"];
|
||||||
queries_redirect(preg_replace('~db=[^&]*&~', '', ME) . "db=" . urlencode($_POST["name"]), lang('Database has been renamed.'), rename_database($_POST["name"], $_POST["collation"]));
|
queries_redirect(preg_replace('~db=[^&]*&~', '', ME) . "db=" . urlencode($_POST["name"]), lang('Database has been renamed.'), rename_database($_POST["name"], $_POST["collation"]));
|
||||||
} else {
|
} else {
|
||||||
$dbs = explode("\n", str_replace("\r", "", $_POST["name"]));
|
$databases = explode("\n", str_replace("\r", "", $_POST["name"]));
|
||||||
$success = true;
|
$success = true;
|
||||||
$last = "";
|
$last = "";
|
||||||
foreach ($dbs as $db) {
|
foreach ($databases as $db) {
|
||||||
if (count($dbs) == 1 || $db != "") { // ignore empty lines but always try to create single database
|
if (count($databases) == 1 || $db != "") { // ignore empty lines but always try to create single database
|
||||||
if (!create_database($db, $_POST["collation"])) {
|
if (!create_database($db, $_POST["collation"])) {
|
||||||
$success = false;
|
$success = false;
|
||||||
}
|
}
|
||||||
|
|
|
@ -76,10 +76,10 @@ if ($_GET["ns"] !== "") {
|
||||||
echo "</table>\n";
|
echo "</table>\n";
|
||||||
if (!information_schema(DB)) {
|
if (!information_schema(DB)) {
|
||||||
echo "<p><input type='hidden' name='token' value='$token'>" . ($jush == "sql" ? "<input type='submit' value='" . lang('Analyze') . "'> <input type='submit' name='optimize' value='" . lang('Optimize') . "'> <input type='submit' name='check' value='" . lang('Check') . "'> <input type='submit' name='repair' value='" . lang('Repair') . "'> " : "") . "<input type='submit' name='truncate' value='" . lang('Truncate') . "' onclick=\"return confirm('" . lang('Are you sure?') . " (' + formChecked(this, /tables/) + ')');\"> <input type='submit' name='drop' value='" . lang('Drop') . "' onclick=\"return confirm('" . lang('Are you sure?') . " (' + formChecked(this, /tables|views/) + ')');\">\n";
|
echo "<p><input type='hidden' name='token' value='$token'>" . ($jush == "sql" ? "<input type='submit' value='" . lang('Analyze') . "'> <input type='submit' name='optimize' value='" . lang('Optimize') . "'> <input type='submit' name='check' value='" . lang('Check') . "'> <input type='submit' name='repair' value='" . lang('Repair') . "'> " : "") . "<input type='submit' name='truncate' value='" . lang('Truncate') . "' onclick=\"return confirm('" . lang('Are you sure?') . " (' + formChecked(this, /tables/) + ')');\"> <input type='submit' name='drop' value='" . lang('Drop') . "' onclick=\"return confirm('" . lang('Are you sure?') . " (' + formChecked(this, /tables|views/) + ')');\">\n";
|
||||||
$dbs = (support("scheme") ? schemas() : get_databases());
|
$databases = (support("scheme") ? schemas() : get_databases());
|
||||||
if (count($dbs) != 1 && $jush != "sqlite") {
|
if (count($databases) != 1 && $jush != "sqlite") {
|
||||||
$db = (isset($_POST["target"]) ? $_POST["target"] : (support("scheme") ? $_GET["ns"] : DB));
|
$db = (isset($_POST["target"]) ? $_POST["target"] : (support("scheme") ? $_GET["ns"] : DB));
|
||||||
echo "<p>" . lang('Move to other database') . ($dbs ? ": " . html_select("target", $dbs, $db) : ': <input name="target" value="' . h($db) . '">') . " <input type='submit' name='move' value='" . lang('Move') . "'>\n";
|
echo "<p>" . lang('Move to other database') . ($databases ? ": " . html_select("target", $databases, $db) : ': <input name="target" value="' . h($db) . '">') . " <input type='submit' name='move' value='" . lang('Move') . "'>\n";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
echo "</form>\n";
|
echo "</form>\n";
|
||||||
|
|
|
@ -266,7 +266,7 @@ if (!defined("DRIVER")) {
|
||||||
*/
|
*/
|
||||||
function get_databases($flush = true) {
|
function get_databases($flush = true) {
|
||||||
// SHOW DATABASES can take a very long time so it is cached
|
// SHOW DATABASES can take a very long time so it is cached
|
||||||
$return = &get_session("databases");
|
$return = &get_session("dbs");
|
||||||
if (!isset($return)) {
|
if (!isset($return)) {
|
||||||
if ($flush) {
|
if ($flush) {
|
||||||
restart_session();
|
restart_session();
|
||||||
|
@ -523,7 +523,7 @@ if (!defined("DRIVER")) {
|
||||||
* @return string
|
* @return string
|
||||||
*/
|
*/
|
||||||
function create_database($db, $collation) {
|
function create_database($db, $collation) {
|
||||||
set_session("databases", null);
|
set_session("dbs", null);
|
||||||
return queries("CREATE DATABASE " . idf_escape($db) . ($collation ? " COLLATE " . q($collation) : ""));
|
return queries("CREATE DATABASE " . idf_escape($db) . ($collation ? " COLLATE " . q($collation) : ""));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -532,7 +532,7 @@ if (!defined("DRIVER")) {
|
||||||
* @return bool
|
* @return bool
|
||||||
*/
|
*/
|
||||||
function drop_databases($databases) {
|
function drop_databases($databases) {
|
||||||
set_session("databases", null);
|
set_session("dbs", null);
|
||||||
return apply_queries("DROP DATABASE", $databases, 'idf_escape');
|
return apply_queries("DROP DATABASE", $databases, 'idf_escape');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -14,7 +14,7 @@ class Adminer {
|
||||||
* @return array ($server, $username, $password)
|
* @return array ($server, $username, $password)
|
||||||
*/
|
*/
|
||||||
function credentials() {
|
function credentials() {
|
||||||
return array(SERVER, $_GET["username"], get_session("passwords"));
|
return array(SERVER, $_GET["username"], get_session("pwds"));
|
||||||
}
|
}
|
||||||
|
|
||||||
/** Get key used for permanent login
|
/** Get key used for permanent login
|
||||||
|
@ -386,7 +386,7 @@ document.getElementById('username').focus();
|
||||||
global $jush;
|
global $jush;
|
||||||
restart_session();
|
restart_session();
|
||||||
$id = "sql-" . count($_SESSION["messages"]);
|
$id = "sql-" . count($_SESSION["messages"]);
|
||||||
$history = &get_session("history");
|
$history = &get_session("queries");
|
||||||
$history[$_GET["db"]][] = (strlen($query) > 1e6 // not DB - reset in drop database
|
$history[$_GET["db"]][] = (strlen($query) > 1e6 // not DB - reset in drop database
|
||||||
? ereg_replace('[\x80-\xFF]+$', '', substr($query, 0, 1e6)) . "\n..." // [\x80-\xFF] - valid UTF-8, \n - can end by one-line comment
|
? ereg_replace('[\x80-\xFF]+$', '', substr($query, 0, 1e6)) . "\n..." // [\x80-\xFF] - valid UTF-8, \n - can end by one-line comment
|
||||||
: $query
|
: $query
|
||||||
|
@ -498,7 +498,7 @@ document.getElementById('username').focus();
|
||||||
<?php
|
<?php
|
||||||
if ($missing == "auth") {
|
if ($missing == "auth") {
|
||||||
$first = true;
|
$first = true;
|
||||||
foreach ((array) $_SESSION["passwords"] as $driver => $servers) {
|
foreach ((array) $_SESSION["pwds"] as $driver => $servers) {
|
||||||
foreach ($servers as $server => $usernames) {
|
foreach ($servers as $server => $usernames) {
|
||||||
foreach ($usernames as $username => $password) {
|
foreach ($usernames as $username => $password) {
|
||||||
if (isset($password)) {
|
if (isset($password)) {
|
||||||
|
|
|
@ -22,7 +22,7 @@ if ($_COOKIE["adminer_permanent"]) {
|
||||||
|
|
||||||
if (isset($_POST["server"])) {
|
if (isset($_POST["server"])) {
|
||||||
session_regenerate_id(); // defense against session fixation
|
session_regenerate_id(); // defense against session fixation
|
||||||
$_SESSION["passwords"][$_POST["driver"]][$_POST["server"]][$_POST["username"]] = $_POST["password"];
|
$_SESSION["pwds"][$_POST["driver"]][$_POST["server"]][$_POST["username"]] = $_POST["password"];
|
||||||
if ($_POST["permanent"]) {
|
if ($_POST["permanent"]) {
|
||||||
$key = base64_encode($_POST["driver"]) . "-" . base64_encode($_POST["server"]) . "-" . base64_encode($_POST["username"]);
|
$key = base64_encode($_POST["driver"]) . "-" . base64_encode($_POST["server"]) . "-" . base64_encode($_POST["username"]);
|
||||||
$private = $adminer->permanentLogin();
|
$private = $adminer->permanentLogin();
|
||||||
|
@ -42,7 +42,7 @@ if (isset($_POST["server"])) {
|
||||||
page_footer("db");
|
page_footer("db");
|
||||||
exit;
|
exit;
|
||||||
} else {
|
} else {
|
||||||
foreach (array("passwords", "databases", "history") as $key) {
|
foreach (array("pwds", "dbs", "queries") as $key) {
|
||||||
set_session($key, null);
|
set_session($key, null);
|
||||||
}
|
}
|
||||||
$key = base64_encode(DRIVER) . "-" . base64_encode(SERVER) . "-" . base64_encode($_GET["username"]);
|
$key = base64_encode(DRIVER) . "-" . base64_encode(SERVER) . "-" . base64_encode($_GET["username"]);
|
||||||
|
@ -52,13 +52,13 @@ if (isset($_POST["server"])) {
|
||||||
}
|
}
|
||||||
redirect(substr(preg_replace('~(username|db|ns)=[^&]*&~', '', ME), 0, -1), lang('Logout successful.'));
|
redirect(substr(preg_replace('~(username|db|ns)=[^&]*&~', '', ME), 0, -1), lang('Logout successful.'));
|
||||||
}
|
}
|
||||||
} elseif ($permanent && !$_SESSION["passwords"]) {
|
} elseif ($permanent && !$_SESSION["pwds"]) {
|
||||||
session_regenerate_id();
|
session_regenerate_id();
|
||||||
$private = $adminer->permanentLogin(); // try to decode even if not set
|
$private = $adminer->permanentLogin(); // try to decode even if not set
|
||||||
foreach ($permanent as $key => $val) {
|
foreach ($permanent as $key => $val) {
|
||||||
list(, $cipher) = explode(":", $val);
|
list(, $cipher) = explode(":", $val);
|
||||||
list($driver, $server, $username) = array_map('base64_decode', explode("-", $key));
|
list($driver, $server, $username) = array_map('base64_decode', explode("-", $key));
|
||||||
$_SESSION["passwords"][$driver][$server][$username] = decrypt_string(base64_decode($cipher), $private);
|
$_SESSION["pwds"][$driver][$server][$username] = decrypt_string(base64_decode($cipher), $private);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -72,7 +72,7 @@ function auth_error($exception = null) {
|
||||||
if (($_COOKIE[$session_name] || $_GET[$session_name]) && !$token) {
|
if (($_COOKIE[$session_name] || $_GET[$session_name]) && !$token) {
|
||||||
$error = lang('Session expired, please login again.');
|
$error = lang('Session expired, please login again.');
|
||||||
} else {
|
} else {
|
||||||
$password = &get_session("passwords");
|
$password = &get_session("pwds");
|
||||||
if (isset($password)) {
|
if (isset($password)) {
|
||||||
$error = h($exception ? $exception->getMessage() : (is_string($connection) ? $connection : lang('Invalid credentials.')));
|
$error = h($exception ? $exception->getMessage() : (is_string($connection) ? $connection : lang('Invalid credentials.')));
|
||||||
$password = null;
|
$password = null;
|
||||||
|
@ -92,7 +92,7 @@ function auth_error($exception = null) {
|
||||||
if (isset($_GET["username"]) && class_exists("Min_DB")) { // doesn't exists with passing wrong driver
|
if (isset($_GET["username"]) && class_exists("Min_DB")) { // doesn't exists with passing wrong driver
|
||||||
$connection = connect();
|
$connection = connect();
|
||||||
}
|
}
|
||||||
if (is_string($connection) || !$adminer->login($_GET["username"], get_session("passwords"))) {
|
if (is_string($connection) || !$adminer->login($_GET["username"], get_session("pwds"))) {
|
||||||
auth_error();
|
auth_error();
|
||||||
exit;
|
exit;
|
||||||
}
|
}
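Review bot: In the permanent-login branch (`elseif ($permanent && !$_SESSION["pwds"])`), the value stored in `$_SESSION["pwds"][$driver][$server][$username]` is whatever `decrypt_string()` returns, and the three array keys come from the entry's key with no shape check. `$permanent` is built outside this hunk, but the enclosing `if ($_COOKIE["adminer_permanent"])` suggests it is cookie-derived. If so, a malformed entry (no `:` in the value, fewer than three `-` parts in the key, invalid base64) would still create a session password entry that the later `$adminer->login(...)` call reads. I would skip such entries before the assignment, e.g. `if (substr_count($key, "-") != 2 || strpos($val, ":") === false) { continue; }`. A failed decryption should be skipped as well, but what `decrypt_string()` returns on failure is not visible in this hunk.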
|
||||||
|
|
|
@ -6,7 +6,7 @@ function connect_error() {
|
||||||
page_header(lang('Database') . ": " . h(DB), lang('Invalid database.'), true);
|
page_header(lang('Database') . ": " . h(DB), lang('Invalid database.'), true);
|
||||||
} else {
|
} else {
|
||||||
if ($_POST["db"] && !$error) {
|
if ($_POST["db"] && !$error) {
|
||||||
set_session("databases", null);
|
set_session("dbs", null);
|
||||||
queries_redirect(substr(ME, 0, -1), lang('Databases have been dropped.'), drop_databases($_POST["db"]));
|
queries_redirect(substr(ME, 0, -1), lang('Databases have been dropped.'), drop_databases($_POST["db"]));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -56,7 +56,7 @@ if (isset($_GET["status"])) {
|
||||||
}
|
}
|
||||||
if (!(DB != "" ? $connection->select_db(DB) : isset($_GET["sql"]) || isset($_GET["dump"]) || isset($_GET["database"]) || isset($_GET["processlist"]) || isset($_GET["privileges"]) || isset($_GET["user"]) || isset($_GET["variables"]))) {
|
if (!(DB != "" ? $connection->select_db(DB) : isset($_GET["sql"]) || isset($_GET["dump"]) || isset($_GET["database"]) || isset($_GET["processlist"]) || isset($_GET["privileges"]) || isset($_GET["user"]) || isset($_GET["variables"]))) {
|
||||||
if (DB != "") {
|
if (DB != "") {
|
||||||
set_session("databases", null);
|
set_session("dbs", null);
|
||||||
}
|
}
|
||||||
connect_error(); // separate function to catch SQLite error
|
connect_error(); // separate function to catch SQLite error
|
||||||
exit;
|
exit;
|
||||||
|
|
|
@ -63,7 +63,7 @@ function page_header($title, $error = "", $breadcrumb = array(), $title2 = "") {
|
||||||
echo "<div class='message'>" . implode("</div>\n<div class='message'>", $_SESSION["messages"]) . "</div>\n";
|
echo "<div class='message'>" . implode("</div>\n<div class='message'>", $_SESSION["messages"]) . "</div>\n";
|
||||||
$_SESSION["messages"] = array();
|
$_SESSION["messages"] = array();
|
||||||
}
|
}
|
||||||
$databases = &get_session("databases");
|
$databases = &get_session("dbs");
|
||||||
if (DB != "" && $databases && !in_array(DB, $databases, true)) {
|
if (DB != "" && $databases && !in_array(DB, $databases, true)) {
|
||||||
$databases = null;
|
$databases = null;
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
<?php
|
<?php
|
||||||
restart_session();
|
restart_session();
|
||||||
$history_all = &get_session("history");
|
$history_all = &get_session("queries");
|
||||||
$history = &$history_all[DB];
|
$history = &$history_all[DB];
|
||||||
if (!$error && $_POST["clear"]) {
|
if (!$error && $_POST["clear"]) {
|
||||||
$history = array();
|
$history = array();
|
||||||
|
@ -39,7 +39,7 @@ if (!$error && $_POST) {
|
||||||
if (is_object($connection2) && DB != "") {
|
if (is_object($connection2) && DB != "") {
|
||||||
$connection2->select_db(DB);
|
$connection2->select_db(DB);
|
||||||
}
|
}
|
||||||
$queries = 0;
|
$commands = 0;
|
||||||
$errors = "";
|
$errors = "";
|
||||||
while ($query != "") {
|
while ($query != "") {
|
||||||
if (!$offset && preg_match('~^\\s*DELIMITER\\s+(.+)~i', $query, $match)) {
|
if (!$offset && preg_match('~^\\s*DELIMITER\\s+(.+)~i', $query, $match)) {
|
||||||
|
@ -58,15 +58,15 @@ if (!$error && $_POST) {
|
||||||
if (!$found || $found == $delimiter) { // end of a query
|
if (!$found || $found == $delimiter) { // end of a query
|
||||||
$empty = false;
|
$empty = false;
|
||||||
$q = substr($query, 0, $match[0][1]);
|
$q = substr($query, 0, $match[0][1]);
|
||||||
$queries++;
|
$commands++;
|
||||||
echo "<pre class='jush-$jush' id='sql-$queries'>" . shorten_utf8(trim($q), 1000) . "</pre>\n";
|
echo "<pre class='jush-$jush' id='sql-$commands'>" . shorten_utf8(trim($q), 1000) . "</pre>\n";
|
||||||
ob_flush();
|
ob_flush();
|
||||||
flush(); // can take a long time - show the running query
|
flush(); // can take a long time - show the running query
|
||||||
$start = explode(" ", microtime()); // microtime(true) is available since PHP 5
|
$start = explode(" ", microtime()); // microtime(true) is available since PHP 5
|
||||||
//! don't allow changing of character_set_results, convert encoding of displayed query
|
//! don't allow changing of character_set_results, convert encoding of displayed query
|
||||||
if (!$connection->multi_query($q)) {
|
if (!$connection->multi_query($q)) {
|
||||||
echo "<p class='error'>" . lang('Error in query') . ": " . error() . "\n";
|
echo "<p class='error'>" . lang('Error in query') . ": " . error() . "\n";
|
||||||
$errors .= " <a href='#sql-$queries'>$queries</a>";
|
$errors .= " <a href='#sql-$commands'>$commands</a>";
|
||||||
if ($_POST["error_stops"]) {
|
if ($_POST["error_stops"]) {
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
@ -82,7 +82,7 @@ if (!$error && $_POST) {
|
||||||
select($result, $connection2);
|
select($result, $connection2);
|
||||||
echo "<p>" . ($result->num_rows ? lang('%d row(s)', $result->num_rows) : "") . $time;
|
echo "<p>" . ($result->num_rows ? lang('%d row(s)', $result->num_rows) : "") . $time;
|
||||||
if ($connection2 && preg_match("~^($space|\\()*SELECT\\b~isU", $q)) {
|
if ($connection2 && preg_match("~^($space|\\()*SELECT\\b~isU", $q)) {
|
||||||
$id = "explain-$queries";
|
$id = "explain-$commands";
|
||||||
echo ", <a href='#$id' onclick=\"return !toggle('$id');\">EXPLAIN</a>\n";
|
echo ", <a href='#$id' onclick=\"return !toggle('$id');\">EXPLAIN</a>\n";
|
||||||
echo "<div id='$id' class='hidden'>\n";
|
echo "<div id='$id' class='hidden'>\n";
|
||||||
select(explain($connection2, $q));
|
select(explain($connection2, $q));
|
||||||
|
@ -91,7 +91,7 @@ if (!$error && $_POST) {
|
||||||
} else {
|
} else {
|
||||||
if (preg_match("~^$space*(CREATE|DROP|ALTER)$space+(DATABASE|SCHEMA)\\b~isU", $q)) {
|
if (preg_match("~^$space*(CREATE|DROP|ALTER)$space+(DATABASE|SCHEMA)\\b~isU", $q)) {
|
||||||
restart_session();
|
restart_session();
|
||||||
set_session("databases", null); // clear cache
|
set_session("dbs", null); // clear cache
|
||||||
session_write_close();
|
session_write_close();
|
||||||
}
|
}
|
||||||
echo "<p class='message' title='" . h($connection->info) . "'>" . lang('Query executed OK, %d row(s) affected.', $connection->affected_rows) . "$time\n";
|
echo "<p class='message' title='" . h($connection->info) . "'>" . lang('Query executed OK, %d row(s) affected.', $connection->affected_rows) . "$time\n";
|
||||||
|
@ -115,7 +115,7 @@ if (!$error && $_POST) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if ($errors && $queries > 1) {
|
if ($errors && $commands > 1) {
|
||||||
echo "<p class='error'>" . lang('Error in query') . ": $errors\n";
|
echo "<p class='error'>" . lang('Error in query') . ": $errors\n";
|
||||||
}
|
}
|
||||||
if ($empty) {
|
if ($empty) {
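Review bot: The counter renamed to `$commands` (also used for the `sql-$commands` and `explain-$commands` ids) has no comment saying why it cannot be called `$queries`, which is the obvious name and the one a later cleanup would restore. Going by the commit title, the reason is that the query history now lives under the session key `queries`, which register_globals would expose as a global `$queries` in what appears to be a top-level script. I would add `// not $queries - would alias the "queries" session key with register_globals` on the `$commands = 0;` line. The same remark applies to `$databases` versus the `dbs` session key in the database-creation and move-to-other-database hunks, and to any future local named `$pwds`.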
|
||||||
|
|
|
@ -10,7 +10,7 @@ class Adminer {
|
||||||
//! driver, ns
|
//! driver, ns
|
||||||
|
|
||||||
function credentials() {
|
function credentials() {
|
||||||
return array(SERVER, $_GET["username"], get_session("passwords"));
|
return array(SERVER, $_GET["username"], get_session("pwds"));
|
||||||
}
|
}
|
||||||
|
|
||||||
function permanentLogin() {
|
function permanentLogin() {
|
||||||
|
@ -19,10 +19,10 @@ class Adminer {
|
||||||
|
|
||||||
function database() {
|
function database() {
|
||||||
global $connection;
|
global $connection;
|
||||||
$dbs = get_databases(false);
|
$databases = get_databases(false);
|
||||||
return (!$dbs
|
return (!$databases
|
||||||
? $connection->result("SELECT SUBSTRING_INDEX(CURRENT_USER, '@', 1)") // username without the database list
|
? $connection->result("SELECT SUBSTRING_INDEX(CURRENT_USER, '@', 1)") // username without the database list
|
||||||
: $dbs[(information_schema($dbs[0]) ? 1 : 0)] // first available database
|
: $databases[(information_schema($databases[0]) ? 1 : 0)] // first available database
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -441,7 +441,7 @@ ORDER BY ORDINAL_POSITION", null, "") as $row) { //! requires MySQL 5
|
||||||
<?php
|
<?php
|
||||||
if ($missing == "auth") {
|
if ($missing == "auth") {
|
||||||
$first = true;
|
$first = true;
|
||||||
foreach ((array) $_SESSION["passwords"]["server"][""] as $username => $password) {
|
foreach ((array) $_SESSION["pwds"]["server"][""] as $username => $password) {
|
||||||
if (isset($password)) {
|
if (isset($password)) {
|
||||||
if ($first) {
|
if ($first) {
|
||||||
echo "<p>\n";
|
echo "<p>\n";
|
||||||
|
|