beenull/adminerevo
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Compare commits

merge into: beenull:main
Branches Tags
beenull:main
beenull:gh-pages
beenull:feature/sentry
beenull:release/4.9.0-rc1
beenull:feature/php8-fixes
beenull:feature/sql-edit-position
beenull:feature/docs-phpdocumentor
beenull:v4.8.4
beenull:v4.8.3
beenull:v4.8.2
beenull:v4.8.1
beenull:v4.8.0
beenull:v4.7.9
beenull:v4.7.8
beenull:v4.7.7
beenull:v4.7.6
beenull:v4.7.5
beenull:v4.7.4
beenull:v4.7.3
beenull:v4.7.2
beenull:v4.7.1
beenull:v4.7.0
beenull:v4.6.3
beenull:v4.6.2
beenull:v4.6.1
beenull:v4.6.0
beenull:v4.5.0
beenull:v4.4.0
beenull:v4.3.1
beenull:v4.3.0
beenull:v4.2.5
beenull:v4.2.4
beenull:v4.2.3
beenull:v4.2.2
beenull:v4.2.1
beenull:v4.2.0
beenull:v4.1.0
beenull:v4.0.3
beenull:v4.0.2
beenull:v4.0.1
beenull:v4.0.0
beenull:v3.7.1
beenull:v3.7.0
beenull:v3.6.4
beenull:v3.6.3
beenull:v3.6.2
beenull:v3.6.1
beenull:v3.6.0
beenull:v3.5.1
beenull:v3.5.0
beenull:v3.4.0
beenull:v3.3.4
beenull:v3.3.3
beenull:v3.3.2
beenull:v3.3.1
beenull:v3.3.0
beenull:v3.2.2
beenull:v3.2.1
beenull:v3.2.0
beenull:v3.1.0
beenull:v3.0.1
beenull:v3.0.0
...
pull from: beenull:release/4.9.0-rc1
Branches Tags
beenull:gh-pages
beenull:main
beenull:feature/sentry
beenull:release/4.9.0-rc1
beenull:feature/php8-fixes
beenull:feature/sql-edit-position
beenull:feature/docs-phpdocumentor
beenull:v4.8.4
beenull:v4.8.3
beenull:v4.8.2
beenull:v4.8.1
beenull:v4.8.0
beenull:v4.7.9
beenull:v4.7.8
beenull:v4.7.7
beenull:v4.7.6
beenull:v4.7.5
beenull:v4.7.4
beenull:v4.7.3
beenull:v4.7.2
beenull:v4.7.1
beenull:v4.7.0
beenull:v4.6.3
beenull:v4.6.2
beenull:v4.6.1
beenull:v4.6.0
beenull:v4.5.0
beenull:v4.4.0
beenull:v4.3.1
beenull:v4.3.0
beenull:v4.2.5
beenull:v4.2.4
beenull:v4.2.3
beenull:v4.2.2
beenull:v4.2.1
beenull:v4.2.0
beenull:v4.1.0
beenull:v4.0.3
beenull:v4.0.2
beenull:v4.0.1
beenull:v4.0.0
beenull:v3.7.1
beenull:v3.7.0
beenull:v3.6.4
beenull:v3.6.3
beenull:v3.6.2
beenull:v3.6.1
beenull:v3.6.0
beenull:v3.5.1
beenull:v3.5.0
beenull:v3.4.0
beenull:v3.3.4
beenull:v3.3.3
beenull:v3.3.2
beenull:v3.3.1
beenull:v3.3.0
beenull:v3.2.2
beenull:v3.2.1
beenull:v3.2.0
beenull:v3.1.0
beenull:v3.0.1
beenull:v3.0.0

18 commits
main ... release/4.

Author SHA1 Message Date
Lionel Laffineur 00a9ae1148 Restored compatibility with PHP 5.6 2024-03-03 19:46:34 +01:00
Gerry Demaret 5020f92f18 Merge PR#102 from peterpp 2024-03-03 19:37:24 +01:00
Sneda8 6fcc2e7e51 PHP 8.3 error suppression 
PHP 8.3 has shortened the array access on null error message to "Trying to
access array offset on null". This commit changes the regular expression
used to circumvent errors.
 2024-03-03 19:25:57 +01:00
Lionel Laffineur c7111e52f4 I#104: logo white bg for dark mode 2024-03-03 19:25:57 +01:00
Gerry Demaret b0c0dd4900 compile: replace submodules by composer repositories 2024-03-03 18:58:10 +01:00
Peter Knut 6aa64a63a5 Change 'Invalid credentials.' message 2024-01-26 10:25:59 +01:00
Peter Knut 95080c48f3 Validate server connection in SimpleDB driver 2024-01-26 10:09:42 +01:00
Peter Knut eb69a942cb Validate server connection in Elasticsearch and ClickHouse drivers 2024-01-26 10:09:42 +01:00
Peter Knut 23e7cdc0a3 Disable redirections in HTTP based drivers 2024-01-25 15:00:39 +01:00
Peter Knut 18f3167bbc Validate server input 
- Allow only scheme, host and port in the server field.
- Use proper default host and port in Elasticsearch and ClickHouse driver.
 2024-01-25 14:58:57 +01:00
Lionel Laffineur a72ce720c7 Fix warnings in compile.php 2023-12-25 20:22:14 +01:00
Lionel Laffineur 574e13cc4b Fixed warnings related to Pgsql driver 2023-12-11 21:44:25 +01:00
Lionel Laffineur 4f4f2d3069 Fixed warnings of editor edit / save / clone / delete 2023-12-09 15:07:04 +01:00
Lionel Laffineur 8c361c74e9 Fixed warnings of editor login, tables list and data list pages 2023-12-06 23:00:08 +01:00
Lionel Laffineur 70b1080775 Fixed warnings of alter table 2023-12-04 22:03:59 +01:00
Lionel Laffineur 5f7daff1e0 Fixed warnings on table structure page and table data page 2023-12-03 23:04:42 +01:00
Lionel Laffineur 4deb8a4085 Fixed warnings on tables list page 2023-12-03 18:16:07 +01:00
Lionel Laffineur c4038f46ee Fixed warnings on login page 2023-12-03 17:39:39 +01:00
78 changed files with 844 additions and 488 deletions
Show stats Expand all files Collapse all files

6
.gitmodules vendored
View file

@ -1,9 +1,3 @@
[submodule "jush"]
path = externals/jush
url = https://github.com/vrana/jush
[submodule "JsShrink"]
path = externals/JsShrink
url = https://github.com/vrana/JsShrink
[submodule "designs/hydra"]
path = designs/hydra
url = https://github.com/Niyko/Hydra-Dark-Theme-for-Adminer

36
adminer/create.inc.php
View file

@ -22,17 +22,26 @@ if ($TABLE != "") {
}
$row = $_POST;
$row["fields"] = (array) $row["fields"];
if ($row["auto_increment_col"]) {
if (isset($row["fields"])) {
$row["fields"] = (array) $row["fields"];
}
if (isset($row["auto_increment_col"]) && $row["auto_increment_col"]) {
$row["fields"][$row["auto_increment_col"]]["auto_increment"] = true;
}
if ($_POST) {
set_adminer_settings(array("comments" => $_POST["comments"], "defaults" => $_POST["defaults"]));
$array = [];
if (isset($_POST["comments"])) {
$array["comments"] = $_POST["comments"];
}
if (isset($_POST["defaults"])) {
$array["defaults"] = $_POST["defaults"];
}
set_adminer_settings($array);
}
if ($_POST && !process_fields($row["fields"]) && !$error) {
if ($_POST["drop"]) {
if (isset($_POST["drop"]) && $_POST["drop"]) {
queries_redirect(substr(ME, 0, -1), lang('Table has been dropped.'), drop_tables(array($TABLE)));
} else {
$fields = array();
@ -43,13 +52,16 @@ if ($_POST && !process_fields($row["fields"]) && !$error) {
$after = " FIRST";
foreach ($row["fields"] as $key => $field) {
$foreign_key = $foreign_keys[$field["type"]];
$foreign_key = null;
if (isset($field["type"]) && isset($foreign_keys[$field["type"]])) {
$foreign_key = $foreign_keys[$field["type"]];
}
$type_field = ($foreign_key !== null ? $referencable_primary[$foreign_key] : $field); //! can collide with user defined type
if ($field["field"] != "") {
if (!$field["has_default"]) {
if (isset($field["has_default"]) === false || !$field["has_default"]) {
$field["default"] = null;
}
if ($key == $row["auto_increment_col"]) {
if (isset($row["auto_increment_col"]) && $key == $row["auto_increment_col"]) {
$field["auto_increment"] = true;
}
$process_field = process_field($field, $type_field);
@ -123,7 +135,7 @@ page_header(($TABLE != "" ? lang('Alter table') : lang('Create table')), $error,
if (!$_POST) {
$row = array(
"Engine" => $_COOKIE["adminer_engine"],
"Engine" => (isset($_COOKIE["adminer_engine"]) ? $_COOKIE["adminer_engine"] : null),
"fields" => array(array("field" => "", "type" => (isset($types["int"]) ? "int" : (isset($types["integer"]) ? "integer" : "")), "on_update" => "")),
"partition_names" => array(""),
);
@ -132,7 +144,7 @@ if (!$_POST) {
$row = $table_status;
$row["name"] = $TABLE;
$row["fields"] = array();
if (!$_GET["auto_increment"]) { // don't prefill by original Auto_increment for the sake of performance and not reusing deleted ids
if (isset($_GET["auto_increment"]) === false || !$_GET["auto_increment"]) { // don't prefill by original Auto_increment for the sake of performance and not reusing deleted ids
$row["Auto_increment"] = "";
}
foreach ($orig_fields as $field) {
@ -166,7 +178,7 @@ foreach ($engines as $engine) {
<form action="" method="post" id="form">
<p>
<?php if (support("columns") || $TABLE == "") { ?>
<?php echo lang('Table name'); ?>: <input name="name" data-maxlength="64" value="<?php echo h($row["name"]); ?>" autocapitalize="off">
<?php echo lang('Table name'); ?>: <input name="name" data-maxlength="64" value="<?php echo h(isset($row["name"]) ? $row["name"] : null); ?>" autocapitalize="off">
<?php if ($TABLE == "" && !$_POST) { echo script("focus(qs('#form')['name']);"); } ?>
<?php echo ($engines ? "<select name='Engine'>" . optionlist(array("" => "(" . lang('engine') . ")") + $engines, $row["Engine"]) . "</select>" . on_help("getTarget(event).value", 1) . script("qsl('select').onchange = helpClose;") : ""); ?>
<?php echo ($collations && !preg_match("~sqlite|mssql~", $jush) ? html_select("Collation", array("" => "(" . lang('collation') . ")") + $collations, $row["Collation"]) : ""); ?>
@ -189,9 +201,9 @@ edit_fields($row["fields"], $collations, "TABLE", $foreign_keys);
$comments = ($_POST ? $_POST["comments"] : adminer_setting("comments"));
echo (support("comment")
? checkbox("comments", 1, $comments, lang('Comment'), "editingCommentsClick(this, true);", "jsonly")
. ' ' . (preg_match('~\n~', $row["Comment"])
. ' ' . (preg_match('~\n~', isset($row["Comment"]) ? $row["Comment"] : null)
? "<textarea name='Comment' rows='2' cols='20'" . ($comments ? "" : " class='hidden'") . ">" . h($row["Comment"]) . "</textarea>"
: '<input name="Comment" value="' . h($row["Comment"]) . '" data-maxlength="' . (min_version(5.5) ? 2048 : 60) . '"' . ($comments ? "" : " class='hidden'") . '>'
: '<input name="Comment" value="' . h(isset($row["Comment"]) ? $row["Comment"] : null) . '" data-maxlength="' . (min_version(5.5) ? 2048 : 60) . '"' . ($comments ? "" : " class='hidden'") . '>'
)
: '')
;

20
adminer/db.inc.php
View file

@ -1,5 +1,13 @@
<?php
$tables_views = array_merge((array) $_POST["tables"], (array) $_POST["views"]);
if (isset($_POST["tables"]) && isset($_POST["views"])) {
$tables_views = array_merge((array) $_POST["tables"], (array) $_POST["views"]);
} elseif (isset($_POST["tables"])) {
$tables_views = (array)$_POST["tables"];
} elseif (isset($_POST["views"])) {
$tables_views = (array)$_POST["views"];
} else {
$tables_views = [];
}
if ($tables_views && !$error && !$_POST["search"]) {
$result = true;
@ -44,10 +52,10 @@ if ($tables_views && !$error && !$_POST["search"]) {
queries_redirect(substr(ME, 0, -1), $message, $result);
}
page_header(($_GET["ns"] == "" ? lang('Database') . ": " . h(DB) : lang('Schema') . ": " . h($_GET["ns"])), $error, true);
page_header((isset($_GET["ns"]) === false || $_GET["ns"] == "" ? lang('Database') . ": " . h(DB) : lang('Schema') . ": " . h($_GET["ns"])), $error, true);
if ($adminer->homepage()) {
if ($_GET["ns"] !== "") {
if (isset($_GET["ns"]) === false || $_GET["ns"] !== "") {
echo "<h3 id='tables-views'>" . lang('Tables and views') . "</h3>\n";
$tables_list = tables_list();
if (!$tables_list) {
@ -56,7 +64,7 @@ if ($adminer->homepage()) {
echo "<form action='' method='post'>\n";
if (support("table")) {
echo "<fieldset><legend>" . lang('Search data in tables') . " <span id='selected2'></span></legend><div>";
echo "<input type='search' name='query' value='" . h($_POST["query"]) . "'>";
echo "<input type='search' name='query' value='" . h((isset($_POST["query"]) && $_POST["query"] ? $_POST["query"] : "")) . "'>";
echo script("qsl('input').onkeydown = partialArg(bodyKeydown, 'search');", "");
echo " <input type='submit' name='search' value='" . lang('Search') . "'>\n";
if ($adminer->operator_regexp !== null) {
@ -64,7 +72,7 @@ if ($adminer->homepage()) {
echo doc_link(array('sql' => 'regexp.html', 'pgsql' => 'functions-matching.html#FUNCTIONS-POSIX-REGEXP')) . "</p>\n";
}
echo "</div></fieldset>\n";
if ($_POST["search"] && $_POST["query"] != "") {
if (isset($_POST["search"]) && $_POST["query"] != "") {
$_GET["where"][0]["op"] = $adminer->operator_regexp === null || empty($_POST['regexp']) ? "LIKE %%" : $adminer->operator_regexp;
search_tables();
}
@ -143,7 +151,7 @@ if ($adminer->homepage()) {
echo "<p>" . lang('Move to other database') . ": ";
echo ($databases ? html_select("target", $databases, $db) : '<input name="target" value="' . h($db) . '" autocapitalize="off">');
echo " <input type='submit' name='move' value='" . lang('Move') . "'>";
echo (support("copy") ? " <input type='submit' name='copy' value='" . lang('Copy') . "'> " . checkbox("overwrite", 1, $_POST["overwrite"], lang('overwrite')) : "");
echo (support("copy") ? " <input type='submit' name='copy' value='" . lang('Copy') . "'> " . checkbox("overwrite", 1, isset($_POST["overwrite"]), lang('overwrite')) : "");
echo "\n";
}
echo "<input type='hidden' name='all' value=''>"; // used by trCheck()

90
adminer/drivers/elastic.inc.php
View file

@ -8,64 +8,77 @@ if (isset($_GET["elastic"])) {
class Min_DB {
var $extension = "JSON", $server_info, $errno, $error, $_url, $_db;
/** Performs query
* @param string
* @param array
* @param string
* @return mixed
/**
* @param string $path
* @param array|null $content
* @param string $method
* @return array|false
*/
function rootQuery($path, $content = array(), $method = 'GET') {
function rootQuery($path, array $content = null, $method = 'GET') {
@ini_set('track_errors', 1); // @ - may be disabled
$file = @file_get_contents("$this->_url/" . ltrim($path, '/'), false, stream_context_create(array('http' => array(
'method' => $method,
'content' => $content === null ? $content : json_encode($content),
'header' => 'Content-Type: application/json',
'ignore_errors' => 1, // available since PHP 5.2.10
'content' => $content !== null ? json_encode($content) : null,
'header' => $content !== null ? 'Content-Type: application/json' : [],
'ignore_errors' => 1,
'follow_location' => 0,
'max_redirects' => 0,
))));
if (!$file) {
$this->error = error_get_last()['message'];
return $file;
}
if (!preg_match('~^HTTP/[0-9.]+ 2~i', $http_response_header[0])) {
$this->error = lang('Invalid credentials.') . " $http_response_header[0]";
if ($file === false) {
$this->error = lang('Invalid server or credentials.');
return false;
}
$return = json_decode($file, true);
if ($return === null) {
$this->errno = json_last_error();
if (function_exists('json_last_error_msg')) {
$this->error = json_last_error_msg();
} else {
$constants = get_defined_constants(true);
foreach ($constants['json'] as $name => $value) {
if ($value == $this->errno && preg_match('~^JSON_ERROR_~', $name)) {
$this->error = $name;
break;
}
}
}
$this->error = lang('Invalid server or credentials.');
return false;
}
if (!preg_match('~^HTTP/[0-9.]+ 2~i', $http_response_header[0])) {
if (isset($return['error']['root_cause'][0]['type'])) {
$this->error = $return['error']['root_cause'][0]['type'] . ": " . $return['error']['root_cause'][0]['reason'];
} else {
$this->error = lang('Invalid server or credentials.');
}
return false;
}
return $return;
}
/** Performs query relative to actual selected DB
* @param string
* @param array
* @param string
* @return mixed
* @param string $path
* @param array|null $content
* @param string $method
* @return array|false
*/
function query($path, $content = array(), $method = 'GET') {
function query($path, array $content = null, $method = 'GET') {
return $this->rootQuery(($this->_db != "" ? "$this->_db/" : "/") . ltrim($path, '/'), $content, $method);
}
/**
* @param string $server
* @param string $username
* @param string $password
* @return bool
*/
function connect($server, $username, $password) {
preg_match('~^(https?://)?(.*)~', $server, $match);
$this->_url = ($match[1] ? $match[1] : "http://") . "$username:$password@$match[2]";
$this->_url = build_http_url($server, $username, $password, "localhost", 9200);
$return = $this->query('');
if ($return) {
$this->server_info = $return['version']['number'];
if (!$return) {
return false;
}
return (bool) $return;
if (!isset($return['version']['number'])) {
$this->error = lang('Invalid server or credentials.');
return false;
}
$this->server_info = $return['version']['number'];
return true;
}
function select_db($database) {
@ -227,9 +240,6 @@ if (isset($_GET["elastic"])) {
global $adminer;
$connection = new Min_DB;
list($server, $username, $password) = $adminer->credentials();
if (strpos($server, '/') !== false || strpos($server, ':') !== false) {
return lang('Only hostname or IP address');
}
if ($password != "" && $connection->connect($server, $username, "")) {
return lang('Database does not support password.');
}

15
adminer/drivers/mysql.inc.php
View file

@ -15,7 +15,11 @@ if (!defined("DRIVER")) {
function connect($server = "", $username = "", $password = "", $database = null, $port = null, $socket = null) {
global $adminer;
mysqli_report(MYSQLI_REPORT_OFF); // stays between requests, not required since PHP 5.3.4
list($host, $port) = explode(":", $server, 2); // part after : is used for port or socket
if (strpos($server, ':') !== false) {
list($host, $port) = explode(":", $server, 2); // part after : is used for port or socket
} else {
$host = $server;
}
$ssl = $adminer->connectSsl();
if ($ssl) {
$this->ssl_set($ssl['key'], $ssl['cert'], $ssl['ca'], '', '');
@ -540,6 +544,11 @@ if (!defined("DRIVER")) {
$return = array();
foreach (get_rows("SHOW FULL COLUMNS FROM " . table($table)) as $row) {
preg_match('~^([^( ]+)(?:\((.+)\))?( unsigned)?( zerofill)?$~', $row["Type"], $match);
for ($i = 0; $i < 5; $i++) {
if (isset($match[$i]) === false) {
$match[$i] = null;
}
}
$return[$row["Field"]] = array(
"field" => $row["Field"],
"full_type" => $row["Type"],
@ -1092,13 +1101,13 @@ if (!defined("DRIVER")) {
* @return string
*/
function unconvert_field($field, $return) {
if (preg_match("~binary~", $field["type"] ?? null)) {
if (preg_match("~binary~", isset($field["type"]) ? $field["type"] : null)) {
$return = "UNHEX($return)";
}
if (isset($field["type"]) && $field["type"] == "bit") {
$return = "CONV($return, 2, 10) + 0";
}
if (preg_match("~geometry|point|linestring|polygon~", $field["type"] ?? null)) {
if (preg_match("~geometry|point|linestring|polygon~", isset($field["type"]) ? $field["type"] : null)) {
$prefix = (min_version(8) ? "ST_" : "");
$return = $prefix . "GeomFromText($return, $prefix" . "SRID($field[field]))";
}

7
adminer/drivers/pgsql.inc.php
View file

@ -234,7 +234,10 @@ if (isset($_GET["pgsql"])) {
"information_schema" => "infoschema",
"pg_catalog" => "catalog",
);
$link = $links[$_GET["ns"]];
$link = null;
if (isset($_GET["ns"]) && isset($links[$_GET["ns"]])) {
$links[$_GET["ns"]];
}
if ($link) {
return "$link-" . str_replace("_", "-", $name) . ".html";
}
@ -467,7 +470,7 @@ ORDER BY connamespace, conname") as $row) {
global $connection;
$return = h($connection->error);
if (preg_match('~^(.*\n)?([^\n]*)\n( *)\^(\n.*)?$~s', $return, $match)) {
$return = $match[1] . preg_replace('~((?:[^&]|&[^;]*;){' . strlen($match[3]) . '})(.*)~', '\1<b>\2</b>', $match[2]) . $match[4];
$return = $match[1] . preg_replace('~((?:[^&]|&[^;]*;){' . strlen($match[3]) . '})(.*)~', '\1<b>\2</b>', $match[2]) . (isset($match[4]) ? $match[4] : null);
}
return nl_br($return);
}

10
adminer/edit.inc.php
View file

@ -2,7 +2,7 @@
$TABLE = $_GET["edit"];
$fields = fields($TABLE);
$where = (isset($_GET["select"]) ? ($_POST["check"] && count($_POST["check"]) == 1 ? where_check($_POST["check"][0], $fields) : "") : where($_GET, $fields));
$update = (isset($_GET["select"]) ? $_POST["edit"] : $where);
$update = (isset($_GET["select"]) ? (isset($_POST["edit"]) ? $_POST["edit"] : null) : $where);
foreach ($fields as $name => $field) {
if (!isset($field["privileges"][$update ? "update" : "insert"]) || $adminer->fieldName($field) == "" || $field["generated"]) {
unset($fields[$name]);
@ -11,14 +11,14 @@ foreach ($fields as $name => $field) {
if ($_POST && !$error && !isset($_GET["select"])) {
$location = $_POST["referer"];
if ($_POST["insert"]) { // continue edit or insert
if (isset($_POST["insert"]) && $_POST["insert"]) { // continue edit or insert
$location = ($update ? null : $_SERVER["REQUEST_URI"]);
} elseif (!preg_match('~^.+&select=.+$~', $location)) {
$location = ME . "select=" . urlencode($TABLE);
}
$indexes = indexes($TABLE);
$unique_array = unique_array($_GET["where"], $indexes);
$unique_array = unique_array((isset($_GET["where"]) ? $_GET["where"] : []), $indexes);
$query_where = "\nWHERE $where";
if (isset($_POST["delete"])) {
@ -60,14 +60,14 @@ if ($_POST && !$error && !isset($_GET["select"])) {
}
$row = null;
if ($_POST["save"]) {
if (isset($_POST["save"]) &&$_POST["save"]) {
$row = (array) $_POST["fields"];
} elseif ($where) {
$select = array();
foreach ($fields as $name => $field) {
if (isset($field["privileges"]["select"])) {
$as = convert_field($field);
if ($_POST["clone"] && $field["auto_increment"]) {
if (isset($_POST["clone"]) && $_POST["clone"] && isset($field["auto_increment"]) && $field["auto_increment"]) {
$as = "''";
}
if ($jush == "sql" && preg_match("~enum|set~", $field["type"])) {

4
adminer/file.inc.php
View file

@ -6,13 +6,13 @@ if ($_GET["file"] == "favicon.ico") {
echo lzw_decompress(compile_file('../adminer/static/favicon.ico', 'lzw_compress'));
} elseif ($_GET["file"] == "default.css") {
header("Content-Type: text/css; charset=utf-8");
echo lzw_decompress(compile_file('../adminer/static/default.css;../externals/jush/jush.css', 'minify_css'));
echo lzw_decompress(compile_file('../adminer/static/default.css;../vendor/vrana/jush/jush.css', 'minify_css'));
} elseif ($_GET["file"] == "functions.js") {
header("Content-Type: text/javascript; charset=utf-8");
echo lzw_decompress(compile_file('../adminer/static/functions.js;static/editing.js', 'minify_js'));
} elseif ($_GET["file"] == "jush.js") {
header("Content-Type: text/javascript; charset=utf-8");
echo lzw_decompress(compile_file('../externals/jush/modules/jush.js;../externals/jush/modules/jush-textarea.js;../externals/jush/modules/jush-txt.js;../externals/jush/modules/jush-js.js;../externals/jush/modules/jush-sql.js;../externals/jush/modules/jush-pgsql.js;../externals/jush/modules/jush-sqlite.js;../externals/jush/modules/jush-mssql.js;../externals/jush/modules/jush-oracle.js;../externals/jush/modules/jush-simpledb.js', 'minify_js'));
echo lzw_decompress(compile_file('../vendor/vrana/jush/modules/jush.js;../vendor/vrana/jush/modules/jush-textarea.js;../vendor/vrana/jush/modules/jush-txt.js;../vendor/vrana/jush/modules/jush-js.js;../vendor/vrana/jush/modules/jush-sql.js;../vendor/vrana/jush/modules/jush-pgsql.js;../vendor/vrana/jush/modules/jush-sqlite.js;../vendor/vrana/jush/modules/jush-mssql.js;../vendor/vrana/jush/modules/jush-oracle.js;../vendor/vrana/jush/modules/jush-simpledb.js', 'minify_js'));
} else {
header("Content-Type: image/gif");
switch ($_GET["file"]) {

191
adminer/include/adminer.inc.php
View file

@ -121,12 +121,12 @@ class Adminer {
echo "<table cellspacing='0' class='layout'>\n";
echo $this->loginFormField('driver', '<tr><th>' . lang('System') . '<td>', html_select("auth[driver]", $drivers, DRIVER, "loginDriver(this);") . "\n");
echo $this->loginFormField('server', '<tr><th>' . lang('Server') . '<td>', '<input name="auth[server]" value="' . h(SERVER) . '" title="hostname[:port]" placeholder="localhost" autocapitalize="off">' . "\n");
echo $this->loginFormField('username', '<tr><th>' . lang('Username') . '<td>', '<input name="auth[username]" id="username" value="' . h($_GET["username"]) . '" autocomplete="username" autocapitalize="off">' . script("focus(qs('#username')); qs('#username').form['auth[driver]'].onchange();"));
echo $this->loginFormField('username', '<tr><th>' . lang('Username') . '<td>', '<input name="auth[username]" id="username" value="' . h((isset($_GET["username"]) ? $_GET["username"] : "")) . '" autocomplete="username" autocapitalize="off">' . script("focus(qs('#username')); qs('#username').form['auth[driver]'].onchange();"));
echo $this->loginFormField('password', '<tr><th>' . lang('Password') . '<td>', '<input type="password" name="auth[password]" autocomplete="current-password">' . "\n");
echo $this->loginFormField('db', '<tr><th>' . lang('Database') . '<td>', '<input name="auth[db]" value="' . h($_GET["db"]) . '" autocapitalize="off">' . "\n");
echo $this->loginFormField('db', '<tr><th>' . lang('Database') . '<td>', '<input name="auth[db]" value="' . h((isset($_GET["db"]) ? $_GET["db"] : "")) . '" autocapitalize="off">' . "\n");
echo "</table>\n";
echo "<p><input type='submit' value='" . lang('Login') . "'>\n";
echo checkbox("auth[permanent]", 1, $_COOKIE["adminer_permanent"], lang('Permanent login')) . "\n";
echo checkbox("auth[permanent]", 1, isset($_COOKIE["adminer_permanent"]) ? $_COOKIE["adminer_permanent"] : null, lang('Permanent login')) . "\n";
}
/** Get login form field
@ -318,7 +318,7 @@ class Adminer {
echo "<thead><tr><th>" . lang('Column') . "<td>" . lang('Type') . (support("comment") ? "<td>" . lang('Comment') : "") . "</thead>\n";
foreach ($fields as $field) {
echo "<tr" . odd() . "><th>" . h($field["field"]);
echo "<td><span title='" . h($field["collation"]) . "'>" . h($field["full_type"]) . "</span>";
echo "<td><span title='" . h(isset($field["collation"]) ? $field["collation"] : null) . "'>" . h(isset($field["full_type"]) ? $field["full_type"] : null) . "</span>";
echo ($field["null"] ? " <i>NULL</i>" : "");
echo ($field["auto_increment"] ? " <i>" . lang('Auto Increment') . "</i>" : "");
echo (isset($field["default"]) ? " <span title='" . lang('Default value') . "'>[<b>" . h($field["default"]) . "</b>]</span>" : "");
@ -340,8 +340,8 @@ class Adminer {
$print = array();
foreach ($index["columns"] as $key => $val) {
$print[] = "<i>" . h($val) . "</i>"
. ($index["lengths"][$key] ? "(" . $index["lengths"][$key] . ")" : "")
. ($index["descs"][$key] ? " DESC" : "")
. (isset($index["lengths"][$key]) && $index["lengths"][$key] ? "(" . $index["lengths"][$key] . ")" : "")
. (isset($index["descs"][$key]) && $index["descs"][$key] ? " DESC" : "")
;
}
echo "<tr title='" . h($name) . "'><th>$index[type]<td>" . implode(", ", $print) . "\n";
@ -398,21 +398,23 @@ class Adminer {
}
}
$change_next = "this.parentNode.firstChild.onchange();";
foreach (array_merge((array) $_GET["where"], array(array())) as $i => $val) {
if (!$val || ("$val[col]$val[val]" != "" && in_array($val["op"], $this->operators))) {
echo "<div>" . select_input(
" name='where[$i][col]'",
$columns,
$val["col"],
($val ? "selectFieldChange" : "selectAddRow"),
"(" . lang('anywhere') . ")"
);
echo html_select("where[$i][op]", $this->operators, $val["op"], $change_next);
echo "<input type='search' name='where[$i][val]' value='" . h($val["val"]) . "'>";
echo script("mixin(qsl('input'), {oninput: function () { $change_next }, onkeydown: selectSearchKeydown, onsearch: selectSearchSearch});", "");
echo "<input type='image' src='../adminer/static/cross.gif' class='jsonly icon' title='", h(lang('Remove')), "' alt='x'>";
echo script('qsl(".icon").onclick = selectRemoveRow;', "");
echo "</div>\n";
if (isset($_GET["where"])) {
foreach (array_merge((array) $_GET["where"], array(array())) as $i => $val) {
if (!$val || ("$val[col]$val[val]" != "" && in_array($val["op"], $this->operators))) {
echo "<div>" . select_input(
" name='where[$i][col]'",
$columns,
$val["col"],
($val ? "selectFieldChange" : "selectAddRow"),
"(" . lang('anywhere') . ")"
);
echo html_select("where[$i][op]", $this->operators, $val["op"], $change_next);
echo "<input type='search' name='where[$i][val]' value='" . h($val["val"]) . "'>";
echo script("mixin(qsl('input'), {oninput: function () { $change_next }, onkeydown: selectSearchKeydown, onsearch: selectSearchSearch});", "");
echo "<input type='image' src='../adminer/static/cross.gif' class='jsonly icon' title='", h(lang('Remove')), "' alt='x'>";
echo script('qsl(".icon").onclick = selectRemoveRow;', "");
echo "</div>\n";
}
}
}
echo "</div></fieldset>\n";
@ -427,14 +429,16 @@ class Adminer {
function selectOrderPrint($order, $columns, $indexes) {
print_fieldset("sort", lang('Sort'), $order);
$i = 0;
foreach ((array) $_GET["order"] as $key => $val) {
if ($val != "") {
echo "<div>" . select_input(" name='order[$i]'", $columns, $val, "selectFieldChange");
echo checkbox("desc[$i]", 1, isset($_GET["desc"][$key]), lang('descending'));
echo " <input type='image' src='../adminer/static/cross.gif' class='jsonly icon' title='", h(lang('Remove')), "' alt='x'>";
echo script('qsl(".icon").onclick = selectRemoveRow;', "");
echo "</div>\n";
$i++;
if (isset($_GET["order"])) {
foreach ((array) $_GET["order"] as $key => $val) {
if ($val != "") {
echo "<div>" . select_input(" name='order[$i]'", $columns, $val, "selectFieldChange");
echo checkbox("desc[$i]", 1, isset($_GET["desc"][$key]), lang('descending'));
echo " <input type='image' src='../adminer/static/cross.gif' class='jsonly icon' title='", h(lang('Remove')), "' alt='x'>";
echo script('qsl(".icon").onclick = selectRemoveRow;', "");
echo "</div>\n";
$i++;
}
}
}
echo "<div>" . select_input(" name='order[$i]'", $columns, "", "selectAddRow");
@ -526,11 +530,13 @@ class Adminer {
global $functions, $grouping;
$select = array(); // select expressions, empty for *
$group = array(); // expressions without aggregation - will be used for GROUP BY if an aggregation function is used
foreach ((array) $_GET["columns"] as $key => $val) {
if ($val["fun"] == "count" || ($val["col"] != "" && (!$val["fun"] || in_array($val["fun"], $functions) || in_array($val["fun"], $grouping)))) {
$select[$key] = apply_sql_function($val["fun"], ($val["col"] != "" ? idf_escape($val["col"]) : "*"));
if (!in_array($val["fun"], $grouping)) {
$group[] = $select[$key];
if (isset($_GET["columns"])) {
foreach ((array) $_GET["columns"] as $key => $val) {
if ($val["fun"] == "count" || ($val["col"] != "" && (!$val["fun"] || in_array($val["fun"], $functions) || in_array($val["fun"], $grouping)))) {
$select[$key] = apply_sql_function($val["fun"], ($val["col"] != "" ? idf_escape($val["col"]) : "*"));
if (!in_array($val["fun"], $grouping)) {
$group[] = $select[$key];
}
}
}
}
@ -550,39 +556,41 @@ class Adminer {
$return[] = "MATCH (" . implode(", ", array_map('idf_escape', $index["columns"])) . ") AGAINST (" . q($_GET["fulltext"][$i]) . (isset($_GET["boolean"][$i]) ? " IN BOOLEAN MODE" : "") . ")";
}
}
foreach ((array) $_GET["where"] as $key => $val) {
if ("$val[col]$val[val]" != "" && in_array($val["op"], $this->operators)) {
$prefix = "";
$cond = " $val[op]";
if (preg_match('~IN$~', $val["op"])) {
$in = process_length($val["val"]);
$cond .= " " . ($in != "" ? $in : "(NULL)");
} elseif ($val["op"] == "SQL") {
$cond = " $val[val]"; // SQL injection
} elseif ($val["op"] == "LIKE %%") {
$cond = " LIKE " . $this->processInput($fields[$val["col"]], "%$val[val]%");
} elseif ($val["op"] == "ILIKE %%") {
$cond = " ILIKE " . $this->processInput($fields[$val["col"]], "%$val[val]%");
} elseif ($val["op"] == "FIND_IN_SET") {
$prefix = "$val[op](" . q($val["val"]) . ", ";
$cond = ")";
} elseif (!preg_match('~NULL$~', $val["op"])) {
$cond .= " " . $this->processInput($fields[$val["col"]], $val["val"]);
}
if ($val["col"] != "") {
$return[] = $prefix . $driver->convertSearch(idf_escape($val["col"]), $val, $fields[$val["col"]]) . $cond;
} else {
// find anywhere
$cols = array();
foreach ($fields as $name => $field) {
if ((preg_match('~^[-\d.' . (preg_match('~IN$~', $val["op"]) ? ',' : '') . ']+$~', $val["val"]) || !preg_match('~' . number_type() . '|bit~', $field["type"]))
&& (!preg_match("~[\x80-\xFF]~", $val["val"]) || preg_match('~char|text|enum|set~', $field["type"]))
&& (!preg_match('~date|timestamp~', $field["type"]) || preg_match('~^\d+-\d+-\d+~', $val["val"]))
) {
$cols[] = $prefix . $driver->convertSearch(idf_escape($name), $val, $field) . $cond;
}
if (isset($_GET["where"])) {
foreach ((array) $_GET["where"] as $key => $val) {
if ("$val[col]$val[val]" != "" && in_array($val["op"], $this->operators)) {
$prefix = "";
$cond = " $val[op]";
if (preg_match('~IN$~', $val["op"])) {
$in = process_length($val["val"]);
$cond .= " " . ($in != "" ? $in : "(NULL)");
} elseif ($val["op"] == "SQL") {
$cond = " $val[val]"; // SQL injection
} elseif ($val["op"] == "LIKE %%") {
$cond = " LIKE " . $this->processInput($fields[$val["col"]], "%$val[val]%");
} elseif ($val["op"] == "ILIKE %%") {
$cond = " ILIKE " . $this->processInput($fields[$val["col"]], "%$val[val]%");
} elseif ($val["op"] == "FIND_IN_SET") {
$prefix = "$val[op](" . q($val["val"]) . ", ";
$cond = ")";
} elseif (!preg_match('~NULL$~', $val["op"])) {
$cond .= " " . $this->processInput($fields[$val["col"]], $val["val"]);
}
if ($val["col"] != "") {
$return[] = $prefix . $driver->convertSearch(idf_escape($val["col"]), $val, $fields[$val["col"]]) . $cond;
} else {
// find anywhere
$cols = array();
foreach ($fields as $name => $field) {
if ((preg_match('~^[-\d.' . (preg_match('~IN$~', $val["op"]) ? ',' : '') . ']+$~', $val["val"]) || !preg_match('~' . number_type() . '|bit~', $field["type"]))
&& (!preg_match("~[\x80-\xFF]~", $val["val"]) || preg_match('~char|text|enum|set~', $field["type"]))
&& (!preg_match('~date|timestamp~', $field["type"]) || preg_match('~^\d+-\d+-\d+~', $val["val"]))
) {
$cols[] = $prefix . $driver->convertSearch(idf_escape($name), $val, $field) . $cond;
}
}
$return[] = ($cols ? "(" . implode(" OR ", $cols) . ")" : "1 = 0");
}
$return[] = ($cols ? "(" . implode(" OR ", $cols) . ")" : "1 = 0");
}
}
}
@ -596,11 +604,13 @@ class Adminer {
*/
function selectOrderProcess($fields, $indexes) {
$return = array();
foreach ((array) $_GET["order"] as $key => $val) {
if ($val != "") {
$return[] = (preg_match('~^((COUNT\(DISTINCT |[A-Z0-9_]+\()(`(?:[^`]|``)+`|"(?:[^"]|"")+")\)|COUNT\(\*\))$~', $val) ? $val : idf_escape($val)) //! MS SQL uses []
. (isset($_GET["desc"][$key]) ? " DESC" : "")
;
if (isset($_GET["order"])) {
foreach ((array) $_GET["order"] as $key => $val) {
if ($val != "") {
$return[] = (preg_match('~^((COUNT\(DISTINCT |[A-Z0-9_]+\()(`(?:[^`]|``)+`|"(?:[^"]|"")+")\)|COUNT\(\*\))$~', $val) ? $val : idf_escape($val)) //! MS SQL uses []
. (isset($_GET["desc"][$key]) ? " DESC" : "")
;
}
}
}
return $return;
@ -939,13 +949,13 @@ class Adminer {
*/
function homepage() {
$links = [];
if ($_GET["ns"] == "" && support("database")) {
if (isset($_GET["ns"]) && $_GET["ns"] == "" && support("database")) {
$links[] = '<a href="' . h(ME) . 'database=">' . lang('Alter database') . '</a>';
}
if (support("scheme")) {
$links[] = "<a href='" . h(ME) . "scheme='>" . ($_GET["ns"] != "" ? lang('Alter schema') : lang('Create schema')) . "</a>";
}
if ($_GET["ns"] !== "") {
if (isset($_GET["ns"]) && $_GET["ns"] !== "") {
$links[] = '<a href="' . h(ME) . 'schema=">' . lang('Database schema') . '</a>';
}
if (support("privileges")) {
@ -968,13 +978,15 @@ class Adminer {
<?php
if ($missing == "auth") {
$output = "";
foreach ((array) $_SESSION["pwds"] as $vendor => $servers) {
foreach ($servers as $server => $usernames) {
foreach ($usernames as $username => $password) {
if ($password !== null) {
$dbs = $_SESSION["db"][$vendor][$server][$username];
foreach (($dbs ? array_keys($dbs) : array("")) as $db) {
$output .= "<li><a href='" . h(auth_url($vendor, $server, $username, $db)) . "'>($drivers[$vendor]) " . h($username . ($server != "" ? "@" . $this->serverName($server) : "") . ($db != "" ? " - $db" : "")) . "</a>\n";
if (isset( $_SESSION["pwds"])) {
foreach ((array) $_SESSION["pwds"] as $vendor => $servers) {
foreach ($servers as $server => $usernames) {
foreach ($usernames as $username => $password) {
if ($password !== null) {
$dbs = $_SESSION["db"][$vendor][$server][$username];
foreach (($dbs ? array_keys($dbs) : array("")) as $db) {
$output .= "<li><a href='" . h(auth_url($vendor, $server, $username, $db)) . "'>($drivers[$vendor]) " . h($username . ($server != "" ? "@" . $this->serverName($server) : "") . ($db != "" ? " - $db" : "")) . "</a>\n";
}
}
}
}
@ -985,7 +997,7 @@ class Adminer {
}
} else {
$tables = array();
if ($_GET["ns"] !== "" && !$missing && DB != "") {
if (isset($_GET["ns"]) === false || $_GET["ns"] !== "" && !$missing && DB != "") {
$connection->select_db(DB);
$tables = table_status('', true);
}
@ -1022,13 +1034,13 @@ bodyLoad('<?php echo (is_object($connection) ? preg_replace('~^(\d\.?\d).*~s', '
$links[] = "<a href='" . h(ME) . "import='" . bold(isset($_GET["import"])) . ">" . lang('Import') . "</a>";
}
if (support("dump")) {
$links[] = "<a href='" . h(ME) . "dump=" . urlencode(isset($_GET["table"]) ? $_GET["table"] : $_GET["select"]) . "' id='dump'" . bold(isset($_GET["dump"])) . ">" . lang('Export') . "</a>";
$links[] = "<a href='" . h(ME) . "dump=" . urlencode(isset($_GET["table"]) ? $_GET["table"] : (isset($_GET["select"]) && $_GET["select"] ? $_GET["select"] : "" )) . "' id='dump'" . bold(isset($_GET["dump"])) . ">" . lang('Export') . "</a>";
}
}
echo generate_linksbar($links);
if ($_GET["ns"] !== "" && !$missing && DB != "") {
echo generate_linksbar(['<a href="' . h(ME) . 'create="' . bold($_GET["create"] === "") . ">" . lang('Create table') . "</a>"]);
if (isset($_GET["ns"]) === false || $_GET["ns"] !== "" && !$missing && DB != "") {
echo generate_linksbar(['<a href="' . h(ME) . 'create="' . bold(isset($_GET["create"]) && $_GET["create"] === "") . ">" . lang('Create table') . "</a>"]);
if (!$tables) {
echo "<p class='message'>" . lang('No tables.') . "\n";
} else {
@ -1088,13 +1100,20 @@ bodyLoad('<?php echo (is_object($connection) ? preg_replace('~^(\d\.?\d).*~s', '
foreach ($tables as $table => $status) {
$name = $this->tableName($status);
if ($name != "") {
$array = [];
if (isset($_GET["table"])) $array[] = $_GET["table"];
if (isset($_GET["create"])) $array[] = $_GET["create"];
if (isset($_GET["indexes"])) $array[] = $_GET["indexes"];
if (isset($_GET["foreign"])) $array[] = $_GET["foreign"];
if (isset($_GET["trigger"])) $array[] = $_GET["trigger"];
if (isset($_GET["select"])) $array[] = $_GET["select"];
echo '<li><a href="' . h(ME) . 'select=' . urlencode($table) . '"'
. bold($_GET["select"] == $table || $_GET["edit"] == $table, "select")
. bold(isset($_GET["select"]) && $_GET["select"] == $table || isset($_GET["edit"]) && $_GET["edit"] == $table, "select")
. " title='" . lang('Select data') . "'>" . lang('select') . "</a> "
;
echo (support("table") || support("indexes")
? '<a href="' . h(ME) . 'table=' . urlencode($table) . '"'
. bold(in_array($table, array($_GET["table"], $_GET["create"], $_GET["indexes"], $_GET["foreign"], $_GET["trigger"], $_GET["select"])), (is_view($status) ? "view" : "structure"))
. bold(in_array($table, $array), (is_view($status) ? "view" : "structure"))
. " title='" . lang('Show structure') . "'>$name</a>"
: "<span>$name</span>"
) . "\n";

95
adminer/include/auth.inc.php
View file

@ -1,20 +1,72 @@
<?php
$connection = '';
$has_token = $_SESSION["token"];
$has_token = isset($_SESSION["token"]) && $_SESSION["token"];
if (!$has_token) {
$_SESSION["token"] = rand(1, 1e6); // defense against cross-site request forgery
}
$token = get_token(); ///< @var string CSRF protection
$permanent = array();
if ($_COOKIE["adminer_permanent"]) {
if (isset($_COOKIE["adminer_permanent"]) && $_COOKIE["adminer_permanent"]) {
foreach (explode(" ", $_COOKIE["adminer_permanent"]) as $val) {
list($key) = explode(":", $val);
$permanent[$key] = $val;
}
}
function validate_server_input() {
if (SERVER == "") {
return;
}
$parts = parse_url(SERVER);
if (!$parts) {
auth_error(lang('Invalid server or credentials.'));
}
// Check proper URL parts.
if (isset($parts['user']) || isset($parts['pass']) || isset($parts['query']) || isset($parts['fragment'])) {
auth_error(lang('Invalid server or credentials.'));
}
// Allow only HTTP/S scheme.
if (isset($parts['scheme']) && !preg_match('~^(https?)$~i', $parts['scheme'])) {
auth_error(lang('Invalid server or credentials.'));
}
// Allow only host without a path. Note that "localhost" is parsed as path.
$host = (isset($parts['host']) ? $parts['host'] : '') . (isset($parts['path']) ? $parts['path'] : '');
if (strpos(rtrim($host, '/'), '/') !== false) {
auth_error(lang('Invalid server or credentials.'));
}
// Check privileged ports.
if (isset($parts['port']) && ($parts['port'] < 1024 || $parts['port'] > 65535)) {
auth_error(lang('Connecting to privileged ports is not allowed.'));
}
}
/**
* @param string $server
* @param string $username
* @param string $password
* @param string $defaultServer
* @param int|null $defaultPort
* @return string
*/
function build_http_url($server, $username, $password, $defaultServer, $defaultPort = null) {
if (!preg_match('~^(https?://)?([^:]*)(:\d+)?$~', rtrim($server, '/'), $matches)) {
$this->error = lang('Invalid server or credentials.');
return false;
}
return ($matches[1] ?: "http://") .
($username !== "" || $password !== "" ? "$username:$password@" : "") .
($matches[2] !== "" ? $matches[2] : $defaultServer) .
(isset($matches[3]) ? $matches[3] : ($defaultPort ? ":$defaultPort" : ""));
}
function add_invalid_login() {
global $adminer;
$fp = file_open_lock(get_temp_dir() . "/adminer.invalid");
@ -40,25 +92,30 @@ function add_invalid_login() {
function check_invalid_login() {
global $adminer;
$invalids = unserialize(@file_get_contents(get_temp_dir() . "/adminer.invalid")); // @ - may not exist
$filename = get_temp_dir() . "/adminer.invalid";
if (file_exists($filename)) {
$invalids = unserialize(file_get_contents(get_temp_dir() . "/adminer.invalid"));
} else {
$invalids = [];
}
$invalid = ($invalids ? $invalids[$adminer->bruteForceKey()] : array());
if ($invalid === null) {
return;
}
$next_attempt = ($invalid[1] > 29 ? $invalid[0] - time() : 0); // allow 30 invalid attempts
$next_attempt = (isset($invalid[1]) && $invalid[1] > 29 ? $invalid[0] - time() : 0); // allow 30 invalid attempts
if ($next_attempt > 0) { //! do the same with permanent login
auth_error(lang('Too many unsuccessful logins, try again in %d minute(s).', ceil($next_attempt / 60)));
}
}
$auth = $_POST["auth"];
$auth = (isset($_POST["auth"]) ? $_POST["auth"] : null);
if ($auth) {
session_regenerate_id(); // defense against session fixation
$vendor = $auth["driver"];
$server = $auth["server"];
$username = $auth["username"];
$password = (string) $auth["password"];
$db = $auth["db"];
$vendor = isset($auth["driver"]) ? $auth["driver"] : null;
$server = isset($auth["server"]) ? trim($auth["server"]) : null;
$username = isset($auth["username"]) ? $auth["username"] : null;
$password = isset($auth["password"]) ? (string) $auth["password"] : null;
$db = isset($auth["db"]) ? $auth["db"] : null;
set_password($vendor, $server, $username, $password);
$_SESSION["db"][$vendor][$server][$username][$db] = true;
if ($auth["permanent"]) {
@ -76,12 +133,12 @@ if ($auth) {
redirect(auth_url($vendor, $server, $username, $db));
}
} elseif ($_POST["logout"] && (!$has_token || verify_token())) {
} elseif (isset($_POST["logout"]) && $_POST["logout"] && (!$has_token || verify_token())) {
foreach (array("pwds", "db", "dbs", "queries") as $key) {
set_session($key, null);
}
unset_permanent();
redirect(substr(preg_replace('~\b(username|db|ns)=[^&]*&~', '', ME), 0, -1), lang('Logout successful.') . '.');
redirect(substr(preg_replace('~\b(username|db|ns)=[^&]*&~', '', ME), 0, -1), lang('Logout successful.'));
} elseif ($permanent && !$_SESSION["pwds"]) {
session_regenerate_id();
@ -114,7 +171,7 @@ function auth_error($error) {
$session_name = session_name();
if (isset($_GET["username"])) {
header("HTTP/1.1 403 Forbidden"); // 401 requires sending WWW-Authenticate header
if (($_COOKIE[$session_name] || $_GET[$session_name]) && !$has_token) {
if (((isset($_COOKIE[$session_name]) && $_COOKIE[$session_name]) || (isset($_GET[$session_name]) && $_GET[$session_name])) && !$has_token) {
$error = lang('Session expired, please login again.');
} else {
restart_session();
@ -129,7 +186,7 @@ function auth_error($error) {
unset_permanent();
}
}
if (!$_COOKIE[$session_name] && $_GET[$session_name] && ini_bool("session.use_only_cookies")) {
if ((isset($_COOKIE[$session_name]) === false || !$_COOKIE[$session_name]) && (isset($_GET[$session_name]) && $_GET[$session_name]) && ini_bool("session.use_only_cookies")) {
$error = lang('Session support must be enabled.');
}
$params = session_get_cookie_params();
@ -158,22 +215,20 @@ if (isset($_GET["username"]) && !class_exists("Min_DB")) {
stop_session(true);
if (isset($_GET["username"]) && is_string(get_password())) {
list($host, $port) = explode(":", SERVER, 2);
if (preg_match('~^\s*([-+]?\d+)~', $port, $match) && ($match[1] < 1024 || $match[1] > 65535)) { // is_numeric('80#') would still connect to port 80
auth_error(lang('Connecting to privileged ports is not allowed.'));
}
validate_server_input();
check_invalid_login();
$connection = connect();
$driver = new Min_Driver($connection);
}
$login = null;
if (!is_object($connection) || ($login = $adminer->login($_GET["username"], get_password())) !== true) {
$error = (is_string($connection) ? h($connection) : (is_string($login) ? $login : lang('Invalid credentials.')));
$error = (is_string($connection) ? h($connection) : (is_string($login) ? $login : lang('Invalid server or credentials.')));
auth_error($error . (preg_match('~^ | $~', get_password()) ? '<br>' . lang('There is a space in the input password which might be the cause.') : ''));
}
if ($_POST["logout"] && $has_token && !verify_token()) {
if (isset($_POST["logout"]) && $_POST["logout"] && $has_token && !verify_token()) {
page_header(lang('Logout'), lang('Invalid CSRF token. Send the form again.'));
page_footer("db");
exit;

25
adminer/include/bootstrap.inc.php
View file

@ -1,6 +1,7 @@
<?php
function adminer_errors($errno, $errstr) {
return !!preg_match('~^(Trying to access array offset on value of type null|Undefined array key)~', $errstr);
function adminer_errors($errNo, $errStr, $errFile, $errLine) {
file_put_contents("php://stderr", sprintf("%d - %s - %s:%d\n", $errNo, $errStr, $errFile, $errLine));
printf("%d - %s - %s:%d\n", $errNo, $errStr, $errFile, $errLine);
}
error_reporting(6135); // errors and warnings
@ -30,7 +31,7 @@ if (isset($_GET["file"])) {
include "../adminer/file.inc.php";
}
if ($_GET["script"] == "version") {
if (isset($_GET["script"]) && $_GET["script"] == "version") {
$fp = file_open_lock(get_temp_dir() . "/adminer.version");
if ($fp) {
file_write_unlock($fp, serialize(array("signature" => $_POST["signature"], "version" => $_POST["version"])));
@ -43,13 +44,13 @@ global $adminer, $connection, $driver, $drivers, $edit_functions, $enum_length,
if (!$_SERVER["REQUEST_URI"]) { // IIS 5 compatibility
$_SERVER["REQUEST_URI"] = $_SERVER["ORIG_PATH_INFO"];
}
if (!strpos($_SERVER["REQUEST_URI"], '?') && $_SERVER["QUERY_STRING"] != "") { // IIS 7 compatibility
if (isset($_SERVER["QUERY_STRING"]) && !strpos($_SERVER["REQUEST_URI"], '?') && $_SERVER["QUERY_STRING"] != "") { // IIS 7 compatibility
$_SERVER["REQUEST_URI"] .= "?$_SERVER[QUERY_STRING]";
}
if ($_SERVER["HTTP_X_FORWARDED_PREFIX"]) {
if (isset($_SERVER["HTTP_X_FORWARDED_PREFIX"]) && $_SERVER["HTTP_X_FORWARDED_PREFIX"]) {
$_SERVER["REQUEST_URI"] = $_SERVER["HTTP_X_FORWARDED_PREFIX"] . $_SERVER["REQUEST_URI"];
}
$HTTPS = ($_SERVER["HTTPS"] && strcasecmp($_SERVER["HTTPS"], "off")) || ini_bool("session.cookie_secure"); // session.cookie_secure could be set on HTTP if we are behind a reverse proxy
$HTTPS = (isset($_SERVER["HTTPS"]) && $_SERVER["HTTPS"] && strcasecmp($_SERVER["HTTPS"], "off")) || ini_bool("session.cookie_secure"); // session.cookie_secure could be set on HTTP if we are behind a reverse proxy
@ini_set("session.use_trans_sid", false); // protect links in export, @ - may be disabled
if (!defined("SID")) {
@ -102,8 +103,16 @@ if ($adminer->operators === null) {
$adminer->operator_regexp = $operator_regexp;
}
define("SERVER", $_GET[DRIVER]); // read from pgsql=localhost
define("DB", $_GET["db"]); // for the sake of speed and size
if (isset($_GET[DRIVER])) {
define("SERVER", $_GET[DRIVER]); // read from pgsql=localhost
} else {
define("SERVER", "");
}
if (isset($_GET["db"])) {
define("DB", $_GET["db"]); // for the sake of speed and size
} else {
define("DB", "");
}
define("ME", preg_replace('~\?.*~', '', relative_uri()) . '?'
. (sid() ? SID . '&' : '')
. (SERVER !== null ? DRIVER . "=" . urlencode(SERVER) . '&' : '')

14
adminer/include/connect.inc.php
View file

@ -5,7 +5,7 @@ function connect_error() {
header("HTTP/1.1 404 Not Found");
page_header(lang('Database') . ": " . h(DB), lang('Invalid database.'), true);
} else {
if ($_POST["db"] && !$error) {
if (isset($_POST["db"]) && $_POST["db"] && !$error) {
queries_redirect(substr(ME, 0, -1), lang('Databases have been dropped.'), drop_databases($_POST["db"]));
}
@ -42,17 +42,17 @@ function connect_error() {
. "</thead>\n"
;
$databases = ($_GET["dbsize"] ? count_tables($databases) : array_flip($databases));
$databases = (isset($_GET["dbsize"]) && $_GET["dbsize"] ? count_tables($databases) : array_flip($databases));
foreach ($databases as $db => $tables) {
$root = h(ME) . "db=" . urlencode($db);
$id = h("Db-" . $db);
echo "<tr" . odd() . ">" . (support("database") ? "<td>" . checkbox("db[]", $db, in_array($db, (array) $_POST["db"]), "", "", "", $id) : "");
echo "<tr" . odd() . ">" . (support("database") ? "<td>" . checkbox("db[]", $db, in_array($db, (array) (isset($_POST["db"]) ? $_POST["db"] : [])), "", "", "", $id) : "");
echo "<th><a href='$root' id='$id'>" . h($db) . "</a>";
$collation = h(db_collation($db, $collations));
echo "<td>" . (support("database") ? "<a href='$root" . ($scheme ? "&amp;ns=" : "") . "&amp;database=' title='" . lang('Alter database') . "'>$collation</a>" : $collation);
echo "<td align='right'><a href='$root&amp;schema=' id='tables-" . h($db) . "' title='" . lang('Database schema') . "'>" . ($_GET["dbsize"] ? $tables : "?") . "</a>";
echo "<td align='right' id='size-" . h($db) . "'>" . ($_GET["dbsize"] ? db_size($db) : "?");
echo "<td align='right'><a href='$root&amp;schema=' id='tables-" . h($db) . "' title='" . lang('Database schema') . "'>" . (isset($_GET["dbsize"]) && $_GET["dbsize"] ? $tables : "?") . "</a>";
echo "<td align='right' id='size-" . h($db) . "'>" . (isset($_GET["dbsize"]) && $_GET["dbsize"] ? db_size($db) : "?");
echo "\n";
}
@ -82,8 +82,8 @@ if (isset($_GET["import"])) {
$_GET["sql"] = $_GET["import"];
}
if (!(DB != "" ? $connection->select_db(DB) : isset($_GET["sql"]) || isset($_GET["dump"]) || isset($_GET["database"]) || isset($_GET["processlist"]) || isset($_GET["privileges"]) || isset($_GET["user"]) || isset($_GET["variables"]) || $_GET["script"] == "connect" || $_GET["script"] == "kill")) {
if (DB != "" || $_GET["refresh"]) {
if (!(DB != "" ? $connection->select_db(DB) : isset($_GET["sql"]) || isset($_GET["dump"]) || isset($_GET["database"]) || isset($_GET["processlist"]) || isset($_GET["privileges"]) || isset($_GET["user"]) || isset($_GET["variables"]) || (isset($_GET["script"]) && $_GET["script"] == "connect") || (isset($_GET["script"]) && $_GET["script"] == "kill"))) {
if (DB != "" || (isset($_GET["refresh"]) && $_GET["refresh"])) {
restart_session();
set_session("dbs", null);
}

6
adminer/include/design.inc.php
View file

@ -35,7 +35,7 @@ function page_header($title, $error = "", $breadcrumb = array(), $title2 = "") {
<body class="<?php echo lang('ltr'); ?> nojs <?php echo $GLOBALS['project']; ?>">
<?php
$filename = get_temp_dir() . "/adminer.version";
if (!$_COOKIE["adminer_version"] && function_exists('openssl_verify') && file_exists($filename) && filemtime($filename) + 86400 > time()) { // 86400 - 1 day in seconds
if ((isset($_COOKIE["adminer_version"]) === false || !$_COOKIE["adminer_version"]) && function_exists('openssl_verify') && file_exists($filename) && filemtime($filename) + 86400 > time()) { // 86400 - 1 day in seconds
$version = unserialize(file_get_contents($filename));
$public = "-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwqWOVuF5uw7/+Z70djoK
@ -76,11 +76,11 @@ var thousandsSeparator = '<?php echo js_escape(lang(',')); ?>';
echo "$server\n";
} else {
echo "<a href='" . h($link) . "' accesskey='1' title='Alt+Shift+1'>$server</a> &raquo; ";
if ($_GET["ns"] != "" || (DB != "" && is_array($breadcrumb))) {
if ((isset($_GET["ns"]) && $_GET["ns"] != "") || (DB != "" && is_array($breadcrumb))) {
echo '<a href="' . h($link . "&db=" . urlencode(DB) . (support("scheme") ? "&ns=" : "")) . '">' . h(DB) . '</a> &raquo; ';
}
if (is_array($breadcrumb)) {
if ($_GET["ns"] != "") {
if (isset($_GET["ns"]) && $_GET["ns"] != "") {
echo '<a href="' . h(substr(ME, 0, -1)) . '">' . h($_GET["ns"]) . '</a> &raquo; ';
}
foreach ($breadcrumb as $key => $val) {

2
adminer/include/driver.inc.php
View file

@ -47,7 +47,7 @@ function get_driver($id) {
$query = $adminer->selectQueryBuild($select, $where, $group, $order, $limit, $page);
if (!$query) {
$query = "SELECT" . limit(
($_GET["page"] != "last" && $limit != "" && $group && $is_group && $jush == "sql" ? "SQL_CALC_FOUND_ROWS " : "") . implode(", ", $select) . "\nFROM " . table($table),
(isset($_GET["page"]) && $_GET["page"] != "last" && $limit != "" && $group && $is_group && $jush == "sql" ? "SQL_CALC_FOUND_ROWS " : "") . implode(", ", $select) . "\nFROM " . table($table),
($where ? "\nWHERE " . implode(" AND ", $where) : "") . ($group && $is_group ? "\nGROUP BY " . implode(", ", $group) : "") . ($order ? "\nORDER BY " . implode(", ", $order) : ""),
($limit != "" ? +$limit : null),
($page ? $limit * $page : 0),

37
adminer/include/editing.inc.php
View file

@ -104,8 +104,8 @@ function referencable_primary($self) {
foreach (table_status('', true) as $table_name => $table) {
if ($table_name != $self && fk_support($table)) {
foreach (fields($table_name) as $field) {
if ($field["primary"]) {
if ($return[$table_name]) { // multi column primary key
if (isset($field["primary"]) && $field["primary"]) {
if (isset($return[$table_name]) && $return[$table_name]) { // multi column primary key
unset($return[$table_name]);
break;
}
@ -121,7 +121,10 @@ function referencable_primary($self) {
* @return array
*/
function adminer_settings() {
parse_str($_COOKIE["adminer_settings"], $settings);
$settings = [];
if (isset($_COOKIE["adminer_settings"])) {
parse_str($_COOKIE["adminer_settings"], $settings);
}
return $settings;
}
@ -131,7 +134,7 @@ function adminer_settings() {
*/
function adminer_setting($key) {
$settings = adminer_settings();
return $settings[$key];
return (isset($settings[$key]) ? $settings[$key] : null);
}
/** Store settings to a cookie
@ -182,11 +185,11 @@ if ($foreign_keys) {
$structured_types[lang('Foreign keys')] = $foreign_keys;
}
echo optionlist(array_merge($extra_types, $structured_types), $type);
?></select><td><input name="<?php echo h($key); ?>[length]" value="<?php echo h($field["length"]); ?>" size="3"<?php echo (!$field["length"] && preg_match('~var(char|binary)$~', $type) ? " class='required'" : ""); //! type="number" with enabled JavaScript ?> aria-labelledby="label-length"><td class="options"><?php
echo "<select name='" . h($key) . "[collation]'" . (preg_match('~(char|text|enum|set)$~', $type) ? "" : " class='hidden'") . '><option value="">(' . lang('collation') . ')' . optionlist($collations, $field["collation"]) . '</select>';
echo ($unsigned ? "<select name='" . h($key) . "[unsigned]'" . (!$type || preg_match(number_type(), $type) ? "" : " class='hidden'") . '><option>' . optionlist($unsigned, $field["unsigned"]) . '</select>' : '');
echo (isset($field['on_update']) ? "<select name='" . h($key) . "[on_update]'" . (preg_match('~timestamp|datetime~', $type) ? "" : " class='hidden'") . '>' . optionlist(array("" => "(" . lang('ON UPDATE') . ")", "CURRENT_TIMESTAMP"), (preg_match('~^CURRENT_TIMESTAMP~i', $field["on_update"]) ? "CURRENT_TIMESTAMP" : $field["on_update"])) . '</select>' : '');
echo ($foreign_keys ? "<select name='" . h($key) . "[on_delete]'" . (preg_match("~`~", $type) ? "" : " class='hidden'") . "><option value=''>(" . lang('ON DELETE') . ")" . optionlist(explode("|", $on_actions), $field["on_delete"]) . "</select> " : " "); // space for IE
?></select><td><input name="<?php echo h($key); ?>[length]" value="<?php echo h(isset($field["length"]) ? $field["length"] : null); ?>" size="3"<?php echo ((isset($field["length"]) === false || !$field["length"]) && preg_match('~var(char|binary)$~', $type) ? " class='required'" : ""); //! type="number" with enabled JavaScript ?> aria-labelledby="label-length"><td class="options"><?php
echo "<select name='" . h($key) . "[collation]'" . (preg_match('~(char|text|enum|set)$~', $type) ? "" : " class='hidden'") . '><option value="">(' . lang('collation') . ')' . optionlist($collations, (isset($field["collation"]) ? $field["collation"] : null)) . '</select>';
echo ($unsigned ? "<select name='" . h($key) . "[unsigned]'" . (!$type || preg_match(number_type(), $type) ? "" : " class='hidden'") . '><option>' . optionlist($unsigned, (isset($field["unsigned"]) ? $field["unsigned"] : null)) . '</select>' : '');
echo (isset($field['on_update']) ? "<select name='" . h($key) . "[on_update]'" . (preg_match('~timestamp|datetime~', $type) ? "" : " class='hidden'") . '>' . optionlist(array("" => "(" . lang('ON UPDATE') . ")", "CURRENT_TIMESTAMP"), (preg_match('~^CURRENT_TIMESTAMP~i', (isset($field["on_update"]) ? $field["on_update"] : null)) ? "CURRENT_TIMESTAMP" : $field["on_update"])) . '</select>' : '');
echo ($foreign_keys ? "<select name='" . h($key) . "[on_delete]'" . (preg_match("~`~", $type) ? "" : " class='hidden'") . "><option value=''>(" . lang('ON DELETE') . ")" . optionlist(explode("|", $on_actions), (isset($field["on_delete"]) ? $field["on_delete"] : null)) . "</select> " : " "); // space for IE
}
/** Filter length value including enums
@ -227,11 +230,11 @@ function process_field($field, $type_field) {
return array(
idf_escape(trim($field["field"])),
process_type($type_field),
($field["null"] ? " NULL" : " NOT NULL"), // NULL for timestamp
(isset($field["null"]) && $field["null"] ? " NULL" : " NOT NULL"), // NULL for timestamp
default_value($field),
(preg_match('~timestamp|datetime~', $field["type"]) && $field["on_update"] ? " ON UPDATE $field[on_update]" : ""),
(support("comment") && $field["comment"] != "" ? " COMMENT " . q($field["comment"]) : ""),
($field["auto_increment"] ? auto_increment() : null),
(isset($field["auto_increment"]) && $field["auto_increment"] ? auto_increment() : null),
);
}
@ -307,7 +310,7 @@ function edit_fields($fields, $collations, $type = "TABLE", $foreign_keys = arra
<th><?php if ($display) { ?><input name="fields[<?php echo $i; ?>][field]" value="<?php echo h($field["field"]); ?>" data-maxlength="64" autocapitalize="off" aria-labelledby="label-name"><?php } ?>
<input type="hidden" name="fields[<?php echo $i; ?>][orig]" value="<?php echo h($orig); ?>"><?php edit_type("fields[$i]", $field, $collations, $foreign_keys); ?>
<?php if ($type == "TABLE") { ?>
<td><?php echo checkbox("fields[$i][null]", 1, $field["null"], "", "", "block", "label-null"); ?>
<td><?php echo checkbox("fields[$i][null]", 1, isset($field["null"]) ? $field["null"] : null, "", "", "block", "label-null"); ?>
<td><label class="block"><input type="radio" name="auto_increment_col" value="<?php echo $i; ?>"<?php if ($field["auto_increment"]) { ?> checked<?php } ?> aria-labelledby="label-ai"></label><td<?php echo $default_class; ?>><?php
echo checkbox("fields[$i][has_default]", 1, $field["has_default"], "", "", "", "label-default"); ?><input name="fields[<?php echo $i; ?>][default]" value="<?php echo h($field["default"]); ?>" aria-labelledby="label-default"><?php
echo (support("comment") ? "<td$comment_class><input name='fields[$i][comment]' value='" . h($field["comment"]) . "' data-maxlength='" . (min_version(5.5) ? 1024 : 255) . "' aria-labelledby='label-comment'>" : "");
@ -328,7 +331,7 @@ function edit_fields($fields, $collations, $type = "TABLE", $foreign_keys = arra
*/
function process_fields(&$fields) {
$offset = 0;
if ($_POST["up"]) {
if (isset($_POST["up"]) && $_POST["up"]) {
$last = 0;
foreach ($fields as $key => $field) {
if (key($_POST["up"]) == $key) {
@ -341,7 +344,7 @@ function process_fields(&$fields) {
}
$offset++;
}
} elseif ($_POST["down"]) {
} elseif (isset($_POST["down"]) && $_POST["down"]) {
$found = false;
foreach ($fields as $key => $field) {
if (isset($field["field"]) && $found) {
@ -354,10 +357,10 @@ function process_fields(&$fields) {
}
$offset++;
}
} elseif ($_POST["add"]) {
} elseif (isset($_POST["add"]) && $_POST["add"]) {
$fields = array_values($fields);
array_splice($fields, key($_POST["add"]), 0, array(array()));
} elseif (!$_POST["drop_col"]) {
} elseif (isset($_POST["drop_col"]) === false || !$_POST["drop_col"]) {
return false;
}
return true;
@ -545,7 +548,7 @@ function doc_link($paths, $text = "<sup>?</sup>") {
$urls['sql'] = "https://mariadb.com/kb/en/library/";
$paths['sql'] = (isset($paths['mariadb']) ? $paths['mariadb'] : str_replace(".html", "/", $paths['sql']));
}
return ($paths[$jush] ? "<a href='" . h($urls[$jush] . $paths[$jush]) . "'" . target_blank() . ">$text</a>" : "");
return (isset($paths[$jush]) && $paths[$jush] ? "<a href='" . h($urls[$jush] . $paths[$jush]) . "'" . target_blank() . ">$text</a>" : "");
}
/** Wrap gzencode() for usage in ob_start()

63
adminer/include/functions.inc.php
View file

@ -490,21 +490,25 @@ function escape_key($key) {
function where($where, $fields = array()) {
global $connection, $jush;
$return = array();
foreach ((array) $where["where"] as $key => $val) {
$key = bracket_escape($key, 1); // 1 - back
$column = escape_key($key);
$return[] = $column
. ($jush == "sql" && is_numeric($val) && preg_match('~\.~', $val) ? " LIKE " . q($val) // LIKE because of floats but slow with ints
: ($jush == "mssql" ? " LIKE " . q(preg_replace('~[_%[]~', '[\0]', $val)) // LIKE because of text
: " = " . unconvert_field($fields[$key], q($val))
))
; //! enum and set
if ($jush == "sql" && preg_match('~char|text~', $fields[$key]["type"] ?? null) && preg_match("~[^ -@]~", $val)) { // not just [a-z] to catch non-ASCII characters
$return[] = "$column = " . q($val) . " COLLATE " . charset($connection) . "_bin";
if (isset($where["where"])) {
foreach ((array) $where["where"] as $key => $val) {
$key = bracket_escape($key, 1); // 1 - back
$column = escape_key($key);
$return[] = $column
. ($jush == "sql" && is_numeric($val) && preg_match('~\.~', $val) ? " LIKE " . q($val) // LIKE because of floats but slow with ints
: ($jush == "mssql" ? " LIKE " . q(preg_replace('~[_%[]~', '[\0]', $val)) // LIKE because of text
: " = " . unconvert_field($fields[$key], q($val))
))
; //! enum and set
if ($jush == "sql" && preg_match('~char|text~', $fields[$key]["type"] ?? null) && preg_match("~[^ -@]~", $val)) { // not just [a-z] to catch non-ASCII characters
$return[] = "$column = " . q($val) . " COLLATE " . charset($connection) . "_bin";
}
}
}
foreach ((array) $where["null"] as $key) {
$return[] = escape_key($key) . " IS NULL";
if (isset($where["null"])) {
foreach ((array) $where["null"] as $key) {
$return[] = escape_key($key) . " IS NULL";
}
}
return implode(" AND ", $return);
}
@ -595,7 +599,10 @@ function stop_session($force = false) {
* @return mixed
*/
function &get_session($key) {
return $_SESSION[$key][DRIVER][SERVER][$_GET["username"]];
if (isset($_GET["username"]) && isset($_SESSION[$key][DRIVER][SERVER][$_GET["username"]])) {
return $_SESSION[$key][DRIVER][SERVER][$_GET["username"]];
}
return null;
}
/** Set session variable for current server
@ -630,7 +637,10 @@ function auth_url($vendor, $server, $username, $db = null) {
* @return bool
*/
function is_ajax() {
return ($_SERVER["HTTP_X_REQUESTED_WITH"] == "XMLHttpRequest");
if (isset($_SERVER["HTTP_X_REQUESTED_WITH"])) {
return ($_SERVER["HTTP_X_REQUESTED_WITH"] == "XMLHttpRequest");
}
return false;
}
/** Send Location header and exit
@ -997,7 +1007,7 @@ function input($field, $value, $function) {
echo "<textarea$attrs cols='50' rows='12' class='jush-js'>" . h($value) . '</textarea>';
} else {
// int(3) is only a display hint
$maxlength = (!preg_match('~int~', $field["type"]) && preg_match('~^(\d+)(,(\d+))?$~', $field["length"], $match) ? ((preg_match("~binary~", $field["type"]) ? 2 : 1) * $match[1] + ($match[3] ? 1 : 0) + ($match[2] && !$field["unsigned"] ? 1 : 0)) : ($types[$field["type"]] ? $types[$field["type"]] + ($field["unsigned"] ? 0 : 1) : 0));
$maxlength = (!preg_match('~int~', $field["type"]) && preg_match('~^(\d+)(,(\d+))?$~', $field["length"], $match) ? ((preg_match("~binary~", $field["type"]) ? 2 : 1) * $match[1] + (isset($match[3]) && $match[3] ? 1 : 0) + (isset($match[2]) && $match[2] && !$field["unsigned"] ? 1 : 0)) : ($types[$field["type"]] ? $types[$field["type"]] + ($field["unsigned"] ? 0 : 1) : 0));
if ($jush == 'sql' && min_version(5.6) && preg_match('~time~', $field["type"])) {
$maxlength += 7; // microtime
}
@ -1505,20 +1515,23 @@ function edit_form($table, $fields, $row, $update) {
: (isset($_GET["select"]) ? false : $default)
)
);
if (!$_POST["save"] && is_string($value)) {
if ((isset($_POST["save"]) === false || !$_POST["save"]) && is_string($value)) {
$value = $adminer->editVal($value, $field);
}
$fname = null;
if (isset($_POST["function"][$name])) {
$fname = (string)$_POST["function"][$name];
}
$function = ($_POST["save"]
? $fname
: ($update && preg_match('~^CURRENT_TIMESTAMP~i', $field["on_update"])
? "now"
: ($value === false ? null : ($value !== null ? '' : 'NULL'))
)
);
$function = null;
if (isset($_POST["save"])) {
$function = ($_POST["save"]
? $fname
: ($update && preg_match('~^CURRENT_TIMESTAMP~i', $field["on_update"])
? "now"
: ($value === false ? null : ($value !== null ? '' : 'NULL'))
)
);
}
if (!$_POST && !$update && $value == $field["default"] && preg_match('~^[\w.]+\(~', $value)) {
$function = "SQL";
}
@ -1555,7 +1568,7 @@ function edit_form($table, $fields, $row, $update) {
: ($_POST || !$fields ? "" : script("focus(qsa('td', qs('#form'))[1].firstChild);"))
);
if (isset($_GET["select"])) {
hidden_fields(array("check" => (array) $_POST["check"], "clone" => $_POST["clone"], "all" => $_POST["all"]));
hidden_fields(array("check" => (array) isset($_POST["check"]) ? $_POST["check"] : null, "clone" => isset($_POST["clone"]) ? $_POST["clone"] : null, "all" => isset($_POST["all"]) ? $_POST["all"] : null));
}
?>
<input type="hidden" name="referer" value="<?php echo h(isset($_POST["referer"]) ? $_POST["referer"] : $_SERVER["HTTP_REFERER"]); ?>">

6
adminer/include/lang.inc.php
View file

@ -63,7 +63,7 @@ function get_lang() {
*/
function lang($idf, $number = null) {
global $LANG, $translations;
$translation = ($translations[$idf] ? $translations[$idf] : $idf);
$translation = (isset($translations[$idf]) ? $translations[$idf] : $idf);
if (is_array($translation)) {
$pos = ($number == 1 ? 0
: ($LANG == 'cs' || $LANG == 'sk' ? ($number && $number < 5 ? 1 : 2) // different forms for 1, 2-4, other
@ -102,10 +102,10 @@ if (isset($_POST["lang"]) && verify_token()) { // $error not yet available
}
$LANG = "en";
if (isset($langs[$_COOKIE["adminer_lang"]])) {
if (isset($_COOKIE["adminer_lang"]) && isset($langs[$_COOKIE["adminer_lang"]])) {
cookie("adminer_lang", $_COOKIE["adminer_lang"]);
$LANG = $_COOKIE["adminer_lang"];
} elseif (isset($langs[$_SESSION["lang"]])) {
} elseif (isset($_SESSION["lang"]) && isset($langs[$_SESSION["lang"]])) {
$LANG = $_SESSION["lang"];
} else {
$accept_language = array();

2
adminer/index.php
View file

@ -14,7 +14,7 @@ include "./include/tmpfile.inc.php";
$enum_length = "'(?:''|[^'\\\\]|\\\\.)*'";
$inout = "IN|OUT|INOUT";
if (isset($_GET["select"]) && ($_POST["edit"] || $_POST["clone"]) && !$_POST["save"]) {
if (isset($_GET["select"]) && ((isset($_POST["edit"]) && $_POST["edit"]) || (isset($_POST["clone"]) && $_POST["clone"])) && (isset($_POST["save"]) || !$_POST["save"])) {
$_GET["edit"] = $_GET["select"];
}
if (isset($_GET["callf"])) {

10
adminer/indexes.inc.php
View file

@ -72,7 +72,7 @@ if ($_POST && !$error && !$_POST["add"] && !$_POST["drop_col"]) {
page_header(lang('Indexes'), $error, array("table" => $TABLE), h($TABLE));
$fields = array_keys(fields($TABLE));
if ($_POST["add"]) {
if (isset($_POST["add"]) && $_POST["add"]) {
foreach ($row["indexes"] as $key => $index) {
if ($index["columns"][count($index["columns"])] != "") {
$row["indexes"][$key]["columns"][] = "";
@ -113,8 +113,8 @@ if ($primary) {
}
$j = 1;
foreach ($row["indexes"] as $index) {
if (!$_POST["drop_col"] || $j != key($_POST["drop_col"])) {
echo "<tr><td>" . html_select("indexes[$j][type]", array(-1 => "") + $index_types, $index["type"], ($j == count($row["indexes"]) ? "indexesAddRow.call(this);" : 1), "label-type");
if (isset($_POST["drop_col"]) === false || !$_POST["drop_col"] || $j != key($_POST["drop_col"])) {
echo "<tr><td>" . html_select("indexes[$j][type]", array(-1 => "") + $index_types, isset($index["type"]) ? $index["type"] : null, ($j == count($row["indexes"]) ? "indexesAddRow.call(this);" : 1), "label-type");
echo "<td>";
ksort($index["columns"]);
@ -127,12 +127,12 @@ foreach ($row["indexes"] as $index) {
"partial(" . ($i == count($index["columns"]) ? "indexesAddColumn" : "indexesChangeColumn") . ", '" . js_escape($jush == "sql" ? "" : $_GET["indexes"] . "_") . "')"
);
echo ($jush == "sql" || $jush == "mssql" ? "<input type='number' name='indexes[$j][lengths][$i]' class='size' value='" . h($index["lengths"][$key]) . "' title='" . lang('Length') . "'>" : "");
echo (support("descidx") ? checkbox("indexes[$j][descs][$i]", 1, $index["descs"][$key], lang('descending')) : "");
echo (support("descidx") ? checkbox("indexes[$j][descs][$i]", 1, isset($index["descs"][$key]) ? $index["descs"][$key] : null, lang('descending')) : "");
echo " </span>";
$i++;
}
echo "<td><input name='indexes[$j][name]' value='" . h($index["name"]) . "' autocapitalize='off' aria-labelledby='label-name'>\n";
echo "<td><input name='indexes[$j][name]' value='" . h(isset($index["name"]) ? $index["name"] : null) . "' autocapitalize='off' aria-labelledby='label-name'>\n";
echo "<td><input type='image' class='icon' name='drop_col[$j]' src='../adminer/static/cross.gif' alt='x' title='" . lang('Remove') . "'>" . script("qsl('input').onclick = partial(editingRemoveRow, 'indexes\$1[type]');");
}
$j++;

2
adminer/lang/ar.inc.php
View file

@ -2,7 +2,7 @@
$translations = array(
'Login' => 'تسجيل الدخول',
'Logout successful.' => 'تم تسجيل الخروج بنجاح.',
'Invalid credentials.' => 'بيانات الدخول غير صالحة.',
'Invalid server or credentials.' => null,
'Server' => 'الخادم',
'Username' => 'اسم المستخدم',
'Password' => 'كلمة المرور',

2
adminer/lang/bg.inc.php
View file

@ -10,7 +10,7 @@ $translations = array(
'Logout' => 'Изход',
'Logged as: %s' => 'Текущ потребител: %s',
'Logout successful.' => 'Излизането е успешно.',
'Invalid credentials.' => 'Невалидни потребителски данни.',
'Invalid server or credentials.' => null,
'Too many unsuccessful logins, try again in %d minute(s).' => array('Прекалено много неуспешни опити за вход, опитайте пак след %d минута.', 'Прекалено много неуспешни опити за вход, опитайте пак след %d минути.'),
'Master password expired. <a href="https://www.adminer.org/en/extension/"%s>Implement</a> %s method to make it permanent.' => 'Главната парола вече е невалидна. <a href="https://www.adminer.org/en/extension/"%s>Изберете</a> %s метод, за да я направите постоянна.',
'Language' => 'Език',

2
adminer/lang/bn.inc.php
View file

@ -2,7 +2,7 @@
$translations = array(
'Login' => 'লগইন',
'Logout successful.' => 'সফলভাবে লগআউট হয়েছে।',
'Invalid credentials.' => 'ভুল পাসওয়ার্ড।',
'Invalid server or credentials.' => null,
'Server' => 'সার্ভার',
'Username' => 'ইউজারের নাম',
'Password' => 'পাসওয়ার্ড',

2
adminer/lang/bs.inc.php
View file

@ -10,7 +10,7 @@ $translations = array(
'Logout' => 'Odjava',
'Logged as: %s' => 'Prijavi se kao: %s',
'Logout successful.' => 'Uspešna odjava.',
'Invalid credentials.' => 'Nevažeće dozvole.',
'Invalid server or credentials.' => null,
'Language' => 'Jezik',
'Invalid CSRF token. Send the form again.' => 'Nevažeći CSRF kod. Proslijedite ponovo formu.',
'No extension' => 'Bez dodataka',

2
adminer/lang/ca.inc.php
View file

@ -2,7 +2,7 @@
$translations = array(
'Login' => 'Inicia la sessió',
'Logout successful.' => 'Desconnexió correcta.',
'Invalid credentials.' => 'Credencials invàlides.',
'Invalid server or credentials.' => null,
'Server' => 'Servidor',
'Username' => 'Nom d\'usuari',
'Password' => 'Contrasenya',

2
adminer/lang/cs.inc.php
View file

@ -10,7 +10,7 @@ $translations = array(
'Logout' => 'Odhlásit',
'Logged as: %s' => 'Přihlášen jako: %s',
'Logout successful.' => 'Odhlášení proběhlo v pořádku.',
'Invalid credentials.' => 'Neplatné přihlašovací údaje.',
'Invalid server or credentials.' => 'Neplatný server nebo přihlašovací údaje.',
'There is a space in the input password which might be the cause.' => 'Problém může být, že je v zadaném hesle mezera.',
'Adminer does not support accessing a database without a password, <a href="https://www.adminer.org/en/password/"%s>more information</a>.' => 'Adminer nepodporuje přístup k databázi bez hesla, <a href="https://www.adminer.org/cs/password/"%s>více informací</a>.',
'Database does not support password.' => 'Databáze nepodporuje heslo.',

2
adminer/lang/da.inc.php
View file

@ -9,7 +9,7 @@ $translations = array(
'Logout' => 'Log ud',
'Logged as: %s' => 'Logget ind som: %s',
'Logout successful.' => 'Log af vellykket.',
'Invalid credentials.' => 'Ugyldige log ind oplysninger.',
'Invalid server or credentials.' => null,
'Master password expired. <a href="https://www.adminer.org/en/extension/"%s>Implement</a> %s method to make it permanent.' => 'Master-kodeordet er udløbet. <a href="https://www.adminer.org/en/extension/"%s>Implementer</a> en metode for %s for at gøre det permanent.',
'Language' => 'Sprog',
'Invalid CSRF token. Send the form again.' => 'Ugyldigt CSRF-token - Genindsend formen.',

2
adminer/lang/de.inc.php
View file

@ -2,7 +2,7 @@
$translations = array(
'Login' => 'Login',
'Logout successful.' => 'Abmeldung erfolgreich.',
'Invalid credentials.' => 'Ungültige Anmelde-Informationen.',
'Invalid server or credentials.' => 'Ungültige Server oder Anmelde-Informationen.',
'Server' => 'Server',
'Username' => 'Benutzer',
'Password' => 'Passwort',

2
adminer/lang/el.inc.php
View file

@ -10,7 +10,7 @@ $translations = array(
'Logout' => 'Αποσύνδεση',
'Logged as: %s' => 'Συνδεθήκατε ως %s',
'Logout successful.' => 'Αποσυνδεθήκατε με επιτυχία.',
'Invalid credentials.' => 'Εσφαλμένα Διαπιστευτήρια.',
'Invalid server or credentials.' => null,
'Too many unsuccessful logins, try again in %d minute(s).' => array('Επανειλημμένες ανεπιτυχείς προσπάθειες σύνδεσης, δοκιμάστε ξανά σε %s λεπτό.', 'Επανειλημμένες ανεπιτυχείς προσπάθειες σύνδεσης, δοκιμάστε ξανά σε %s λεπτά.'),
'Master password expired. <a href="https://www.adminer.org/en/extension/"%s>Implement</a> %s method to make it permanent.' => 'Έληξε ο Κύριος Κωδικός. <a href="https://www.adminer.org/en/extension/"%s>Ενεργοποιήστε</a> τη μέθοδο %s για να τον κάνετε μόνιμο.',
'Language' => 'Γλώσσα',

2
adminer/lang/es.inc.php
View file

@ -2,7 +2,7 @@
$translations = array(
'Login' => 'Login',
'Logout successful.' => 'Sesión finalizada con éxito.',
'Invalid credentials.' => 'Usuario y/o clave de acceso incorrecta.',
'Invalid server or credentials.' => null,
'Server' => 'Servidor',
'Username' => 'Usuario',
'Password' => 'Contraseña',

2
adminer/lang/et.inc.php
View file

@ -2,7 +2,7 @@
$translations = array(
'Login' => 'Logi sisse',
'Logout successful.' => 'Väljalogimine õnnestus.',
'Invalid credentials.' => 'Ebakorrektsed andmed.',
'Invalid server or credentials.' => null,
'Server' => 'Server',
'Username' => 'Kasutajanimi',
'Password' => 'Parool',

2
adminer/lang/fa.inc.php
View file

@ -10,7 +10,7 @@ $translations = array(
'Logout' => 'خروج',
'Logged as: %s' => 'ورود به عنوان: %s',
'Logout successful.' => 'با موفقیت خارج شدید.',
'Invalid credentials.' => 'اعتبار سنجی نامعتبر.',
'Invalid server or credentials.' => null,
'Too many unsuccessful logins, try again in %d minute(s).' => array('ورودهای ناموفق بیش از حد، %d دقیقه دیگر تلاش نمایید.', 'ورودهای ناموفق بیش از حد، %d دقیقه دیگر تلاش نمایید.'),
'Master password expired. <a href="https://www.adminer.org/en/extension/"%s>Implement</a> %s method to make it permanent.' => 'رمز اصلی باطل شده است. روش %s را <a href="https://www.adminer.org/en/extension/"%s>پیاده سازی</a> کرده تا آن را دائمی سازید.',
'Language' => 'زبان',

2
adminer/lang/fi.inc.php
View file

@ -10,7 +10,7 @@ $translations = array(
'Logout' => 'Kirjaudu ulos',
'Logged as: %s' => 'Olet kirjautunut käyttäjänä: %s',
'Logout successful.' => 'Uloskirjautuminen onnistui.',
'Invalid credentials.' => 'Virheelliset kirjautumistiedot.',
'Invalid server or credentials.' => null,
'Too many unsuccessful logins, try again in %d minute(s).' => array('Liian monta epäonnistunutta sisäänkirjautumisyritystä, kokeile uudestaan %d minuutin kuluttua.', 'Liian monta epäonnistunutta sisäänkirjautumisyritystä, kokeile uudestaan %d minuutin kuluttua.'),
'Master password expired. <a href="https://www.adminer.org/en/extension/"%s>Implement</a> %s method to make it permanent.' => 'Master-salasana ei ole enää voimassa. <a href="https://www.adminer.org/en/extension/"%s>Toteuta</a> %s-metodi sen tekemiseksi pysyväksi.',
'Language' => 'Kieli',

2
adminer/lang/fr.inc.php
View file

@ -2,7 +2,7 @@
$translations = array(
'Login' => 'Authentification',
'Logout successful.' => 'Au revoir !',
'Invalid credentials.' => 'Authentification échouée.',
'Invalid server or credentials.' => null,
'Server' => 'Serveur',
'Username' => 'Utilisateur',
'Password' => 'Mot de passe',

2
adminer/lang/gl.inc.php
View file

@ -2,7 +2,7 @@
$translations = array(
'Login' => 'Conectar',
'Logout successful.' => 'Pechouse a sesión con éxito.',
'Invalid credentials.' => 'Credenciais (usuario e/ou contrasinal) inválidos.',
'Invalid server or credentials.' => null,
'Server' => 'Servidor',
'Username' => 'Usuario',
'Password' => 'Contrasinal',

2
adminer/lang/he.inc.php
View file

@ -2,7 +2,7 @@
$translations = array(
'Login' => 'התחברות',
'Logout successful.' => 'ההתחברות הצליחה',
'Invalid credentials.' => 'פרטי התחברות שגויים',
'Invalid server or credentials.' => null,
'Server' => 'שרת',
'Username' => 'שם משתמש',
'Password' => 'סיסמה',

2
adminer/lang/hu.inc.php
View file

@ -2,7 +2,7 @@
$translations = array(
'Login' => 'Belépés',
'Logout successful.' => 'Sikeres kilépés.',
'Invalid credentials.' => 'Érvénytelen adatok.',
'Invalid server or credentials.' => null,
'Server' => 'Szerver',
'Username' => 'Felhasználó',
'Password' => 'Jelszó',

2
adminer/lang/id.inc.php
View file

@ -10,7 +10,7 @@ $translations = array(
'Logout' => 'Keluar',
'Logged as: %s' => 'Masuk sebagai: %s',
'Logout successful.' => 'Berhasil keluar.',
'Invalid credentials.' => 'Akses tidak sah.',
'Invalid server or credentials.' => null,
'Language' => 'Bahasa',
'Invalid CSRF token. Send the form again.' => 'Token CSRF tidak sah. Kirim ulang formulir.',
'No extension' => 'Ekstensi tidak ada',

2
adminer/lang/it.inc.php
View file

@ -2,7 +2,7 @@
$translations = array(
'Login' => 'Autenticazione',
'Logout successful.' => 'Uscita effettuata con successo.',
'Invalid credentials.' => 'Credenziali non valide.',
'Invalid server or credentials.' => 'Server o credenziali non valide.',
'Server' => 'Server',
'Username' => 'Utente',
'Password' => 'Password',

2
adminer/lang/ja.inc.php
View file

@ -2,7 +2,7 @@
$translations = array(
'Login' => 'ログイン',
'Logout successful.' => 'ログアウト',
'Invalid credentials.' => '不正なログイン',
'Invalid server or credentials.' => null,
'Server' => 'サーバ',
'Username' => 'ユーザ名',
'Password' => 'パスワード',

2
adminer/lang/ka.inc.php
View file

@ -2,7 +2,7 @@
$translations = array(
'Login' => 'შესვლა',
'Logout successful.' => 'გამოხვედით სისტემიდან.',
'Invalid credentials.' => 'არასწორი მომხმარებელი ან პაროლი.',
'Invalid server or credentials.' => null,
'Server' => 'სერვერი',
'Username' => 'მომხმარებელი',
'Password' => 'პაროლი',

2
adminer/lang/ko.inc.php
View file

@ -121,7 +121,7 @@ $translations = array(
'Indexes have been altered.' => '색인을 변경했습니다.',
'Indexes' => '색인',
'Insert' => '삽입',
'Invalid credentials.' => '잘못된 로그인',
'Invalid server or credentials.' => null,
'Invalid CSRF token. Send the form again.' => '잘못된 CSRF 토큰입니다. 다시 보내주십시오.',
'Invalid database.' => '잘못된 데이터베이스입니다.',
'Invalid schema.' => '잘못된 스키마입니다.',

2
adminer/lang/lt.inc.php
View file

@ -10,7 +10,7 @@ $translations = array(
'Logout' => 'Atsijungti',
'Logged as: %s' => 'Prisijungęs kaip: %s',
'Logout successful.' => 'Jūs atsijungėte nuo sistemos.',
'Invalid credentials.' => 'Neteisingi prisijungimo duomenys.',
'Invalid server or credentials.' => null,
'Language' => 'Kalba',
'Invalid CSRF token. Send the form again.' => 'Neteisingas CSRF tokenas. Bandykite siųsti formos duomenis dar kartą.',
'No extension' => 'Nėra plėtiio',

2
adminer/lang/lv.inc.php
View file

@ -2,7 +2,7 @@
$translations = array(
'Login' => 'Ieiet',
'Logout successful.' => 'Jūs veiksmīgi izgājāt no sistēmas.',
'Invalid credentials.' => 'Nepareizs lietotāja vārds vai parole.',
'Invalid server or credentials.' => null,
'Server' => 'Serveris',
'Username' => 'Lietotājs',
'Password' => 'Parole',

2
adminer/lang/ms.inc.php
View file

@ -10,7 +10,7 @@ $translations = array(
'Logout' => 'Log keluar',
'Logged as: %s' => 'Log masuk sebagai: %s',
'Logout successful.' => 'Log keluar berjaya.',
'Invalid credentials.' => 'Akses tidak sah.',
'Invalid server or credentials.' => null,
'Too many unsuccessful logins, try again in %d minute(s).' => 'Terlalu banyak percubaan log masuk yang gagal, sila cuba lagi dalam masa %d minit.',
'Master password expired. <a href="https://www.adminer.org/en/extension/"%s>Implement</a> %s method to make it permanent.' => 'Kata laluan utama telah luput. <a href="https://www.adminer.org/en/extension/"%s>Gunakan</a> cara %s untuk mengekalkannya.',
'Language' => 'Bahasa',

2
adminer/lang/nl.inc.php
View file

@ -2,7 +2,7 @@
$translations = array(
'Login' => 'Aanmelden',
'Logout successful.' => 'Successvol afgemeld.',
'Invalid credentials.' => 'Ongeldige gebruikersgegevens.',
'Invalid server or credentials.' => null,
'Server' => 'Server',
'Username' => 'Gebruikersnaam',
'Password' => 'Wachtwoord',

2
adminer/lang/no.inc.php
View file

@ -9,7 +9,7 @@ $translations = array(
'Logout' => 'Logg ut',
'Logged as: %s' => 'Logget inn som: %s',
'Logout successful.' => 'Utlogging vellykket.',
'Invalid credentials.' => 'Ugylding innloggingsinformasjon.',
'Invalid server or credentials.' => null,
'Master password expired. <a href="https://www.adminer.org/en/extension/"%s>Implement</a> %s method to make it permanent.' => 'Master-passord er utløpt. <a href="https://www.adminer.org/en/extension/"%s>Implementer</a> en metode for %s for å gjøre det permanent.',
'Language' => 'Språk',
'Invalid CSRF token. Send the form again.' => 'Ugylding CSRF-token - Send inn skjemaet igjen.',

2
adminer/lang/pl.inc.php
View file

@ -10,7 +10,7 @@ $translations = array(
'Logout' => 'Wyloguj',
'Logged as: %s' => 'Zalogowany jako: %s',
'Logout successful.' => 'Wylogowano pomyślnie.',
'Invalid credentials.' => 'Nieprawidłowe dane logowania.',
'Invalid credentials.' => 'Nieprawidłowy serwer lub dane logowania.',
'Too many unsuccessful logins, try again in %d minute(s).' => array('Za dużo nieudanych prób logowania, spróbuj ponownie za %d minutę.', 'Za dużo nieudanych prób logowania, spróbuj ponownie za %d minuty.', 'Za dużo nieudanych prób logowania, spróbuj ponownie za %d minut.'),
'Master password expired. <a href="https://www.adminer.org/en/extension/"%s>Implement</a> %s method to make it permanent.' => 'Ważność hasła głównego wygasła. <a href="https://www.adminer.org/pl/extension/"%s>Zaimplementuj</a> własną metodę %s, aby ustawić je na stałe.',
'Language' => 'Język',

2
adminer/lang/pt-br.inc.php
View file

@ -2,7 +2,7 @@
$translations = array(
'Login' => 'Entrar',
'Logout successful.' => 'Saída bem sucedida.',
'Invalid credentials.' => 'Identificação inválida.',
'Invalid server or credentials.' => null,
'Server' => 'Servidor',
'Username' => 'Usuário',
'Password' => 'Senha',

2
adminer/lang/pt.inc.php
View file

@ -2,7 +2,7 @@
$translations = array(
'Login' => 'Entrar',
'Logout successful.' => 'Sessão terminada com sucesso.',
'Invalid credentials.' => 'Identificação inválida.',
'Invalid server or credentials.' => null,
'Server' => 'Servidor',
'Username' => 'Nome de utilizador',
'Password' => 'Senha',

2
adminer/lang/ro.inc.php
View file

@ -2,7 +2,7 @@
$translations = array(
'Login' => 'Intră',
'Logout successful.' => 'Ați ieșit cu succes.',
'Invalid credentials.' => 'Numele de utilizator sau parola este greșită.',
'Invalid server or credentials.' => null,
'Server' => 'Server',
'Username' => 'Nume de utilizator',
'Password' => 'Parola',

2
adminer/lang/ru.inc.php
View file

@ -2,7 +2,7 @@
$translations = array(
'Login' => 'Войти',
'Logout successful.' => 'Вы успешно покинули систему.',
'Invalid credentials.' => 'Неправильное имя пользователя или пароль.',
'Invalid server or credentials.' => null,
'Server' => 'Сервер',
'Username' => 'Имя пользователя',
'Password' => 'Пароль',

2
adminer/lang/sk.inc.php
View file

@ -2,7 +2,7 @@
$translations = array(
'Login' => 'Prihlásiť sa',
'Logout successful.' => 'Odhlásenie prebehlo v poriadku.',
'Invalid credentials.' => 'Neplatné prihlasovacie údaje.',
'Invalid server or credentials.' => 'Neplatný server alebo prihlasovacie údaje.',
'Server' => 'Server',
'Username' => 'Používateľ',
'Password' => 'Heslo',

2
adminer/lang/sl.inc.php
View file

@ -10,7 +10,7 @@ $translations = array(
'Logout' => 'Odjavi se',
'Logged as: %s' => 'Prijavljen kot: %s',
'Logout successful.' => 'Prijava uspešna.',
'Invalid credentials.' => 'Neveljavne pravice.',
'Invalid server or credentials.' => 'Neveljaven strežnik ali pravice.',
'Language' => 'Jezik',
'Invalid CSRF token. Send the form again.' => 'Neveljaven token CSRF. Pošljite formular še enkrat.',
'No extension' => 'Brez dodatkov',

2
adminer/lang/sr.inc.php
View file

@ -10,7 +10,7 @@ $translations = array(
'Logout' => 'Одјава',
'Logged as: %s' => 'Пријави се као: %s',
'Logout successful.' => 'Успешна одјава.',
'Invalid credentials.' => 'Неважеће дозволе.',
'Invalid server or credentials.' => null,
'Language' => 'Језик',
'Invalid CSRF token. Send the form again.' => 'Неважећи CSRF код. Проследите поново форму.',
'No extension' => 'Без додатака',

2
adminer/lang/sv.inc.php
View file

@ -10,7 +10,7 @@ $translations = array(
'Logout' => 'Logga ut',
'Logged as: %s' => 'Inloggad som: %s',
'Logout successful.' => 'Du är nu utloggad.',
'Invalid credentials.' => 'Ogiltiga inloggningsuppgifter.',
'Invalid server or credentials.' => null,
'There is a space in the input password which might be the cause.' => 'Det finns ett mellanslag i lösenordet, vilket kan vara anledningen.',
'Adminer does not support accessing a database without a password, <a href="https://www.adminer.org/en/password/"%s>more information</a>.' => 'Adminer tillåter inte att ansluta till en databas utan lösenord. <a href="https://www.adminer.org/en/password/"%s>Mer information</a>.',
'Database does not support password.' => 'Databasen stödjer inte lösenord.',

2
adminer/lang/ta.inc.php
View file

@ -2,7 +2,7 @@
$translations = array(
'Login' => 'நுழை',
'Logout successful.' => 'வெற்றிக‌ர‌மாய் வெளியேறியாயிற்று.',
'Invalid credentials.' => 'ச‌ரியான‌ விப‌ர‌ங்க‌ள் இல்லை.',
'Invalid server or credentials.' => null,
'Server' => 'வ‌ழ‌ங்கி (Server)',
'Username' => 'ப‌ய‌னாள‌ர் (User)',
'Password' => 'க‌ட‌வுச்சொல்',

2
adminer/lang/th.inc.php
View file

@ -2,7 +2,7 @@
$translations = array(
'Login' => 'เข้าสู่ระบบ',
'Logout successful.' => 'ออกจากระบบเรียบร้อยแล้ว.',
'Invalid credentials.' => 'ข้อมูลไม่ถูกต้อง.',
'Invalid server or credentials.' => null,
'Server' => 'เซอเวอร์',
'Username' => 'ชื่อผู้ใช้งาน',
'Password' => 'รหัสผ่าน',

2
adminer/lang/tr.inc.php
View file

@ -10,7 +10,7 @@ $translations = array(
'Logout' => ıkış',
'Logged as: %s' => '%s olarak giriş yapıldı.',
'Logout successful.' => 'Oturum başarıyla sonlandı.',
'Invalid credentials.' => 'Geçersiz kimlik bilgileri.',
'Invalid server or credentials.' => null,
'Too many unsuccessful logins, try again in %d minute(s).' => array('Çok fazla oturum açma denemesi yapıldı.', '%d Dakika sonra tekrar deneyiniz.'),
'Master password expired. <a href="https://www.adminer.org/en/extension/"%s>Implement</a> %s method to make it permanent.' => 'Ana şifrenin süresi doldu. Kalıcı olması için <a href="https://www.adminer.org/en/extension/"%s>%s medodunu</a> kullanın.',
'Language' => 'Dil',

2
adminer/lang/uk.inc.php
View file

@ -10,7 +10,7 @@ $translations = array(
'Logout' => 'Вийти',
'Logged as: %s' => 'Ви увійшли як: %s',
'Logout successful.' => 'Ви вдало вийшли з системи.',
'Invalid credentials.' => 'Неправильні дані входу.',
'Invalid server or credentials.' => null,
'Language' => 'Мова',
'Invalid CSRF token. Send the form again.' => 'Недійсний CSRF токен. Надішліть форму ще раз.',
'No extension' => 'Нема розширень',

2
adminer/lang/vi.inc.php
View file

@ -10,7 +10,7 @@ $translations = array(
'Logout' => 'Thoát',
'Logged as: %s' => 'Vào dưới tên: %s',
'Logout successful.' => 'Đã thoát xong.',
'Invalid credentials.' => 'Tài khoản sai.',
'Invalid server or credentials.' => null,
'Too many unsuccessful logins, try again in %d minute(s).' => 'Bạn gõ sai tài khoản quá nhiều lần, hãy thử lại sau %d phút nữa.',
'Master password expired. <a href="https://www.adminer.org/en/extension/"%s>Implement</a> %s method to make it permanent.' => 'Mật khẩu đã hết hạn. <a href="https://www.adminer.org/en/extension/"%s>Thử cách làm</a> để giữ cố định.',
'Language' => 'Ngôn ngữ',

2
adminer/lang/xx.inc.php
View file

@ -10,7 +10,7 @@ $translations = array(
'Logout' => 'Xx',
'Logged as: %s' => 'Xx: %s',
'Logout successful.' => 'Xx.',
'Invalid credentials.' => 'Xx.',
'Invalid server or credentials.' => 'Xx.',
'There is a space in the input password which might be the cause.' => 'Xx.',
'Adminer does not support accessing a database without a password, <a href="https://www.adminer.org/en/password/"%s>more information</a>.' => 'Xx, <a href="https://www.adminer.org/en/password/"%s>xx</a>.',
'Database does not support password.' => 'Xx.',

2
adminer/lang/zh-tw.inc.php
View file

@ -10,7 +10,7 @@ $translations = array(
'Logout' => '登出',
'Logged as: %s' => '登錄為: %s',
'Logout successful.' => '成功登出。',
'Invalid credentials.' => '無效的憑證。',
'Invalid server or credentials.' => null,
'There is a space in the input password which might be the cause.' => '您輸入的密碼中有一個空格,這可能是導致問題的原因。',
'Adminer does not support accessing a database without a password, <a href="https://www.adminer.org/en/password/"%s>more information</a>.' => 'Adminer預設不支援訪問沒有密碼的資料庫<a href="https://www.adminer.org/en/password/"%s>詳情見這裡</a>.',
'Database does not support password.' => '資料庫不支援密碼。',

2
adminer/lang/zh.inc.php
View file

@ -10,7 +10,7 @@ $translations = array(
'Logout' => '登出',
'Logged as: %s' => '登录用户:%s',
'Logout successful.' => '成功登出。',
'Invalid credentials.' => '无效凭据。',
'Invalid server or credentials.' => null,
'There is a space in the input password which might be the cause.' => '您输入的密码中有一个空格,这可能是导致问题的原因。',
'Adminer does not support accessing a database without a password, <a href="https://www.adminer.org/en/password/"%s>more information</a>.' => 'Adminer默认不支持访问没有密码的数据库<a href="https://www.adminer.org/en/password/"%s>详情见这里</a>.',
'Database does not support password.' => '数据库不支持密码。',

107
adminer/select.inc.php
View file

@ -4,8 +4,12 @@ $table_status = table_status1($TABLE);
$indexes = indexes($TABLE);
$fields = fields($TABLE);
$foreign_keys = column_foreign_keys($TABLE);
$oid = $table_status["Oid"];
parse_str($_COOKIE["adminer_import"], $adminer_import);
$oid = (isset($table_status["Oid"]) ? $table_status["Oid"] : null);
if (isset($_COOKIE["adminer_import"])) {
parse_str($_COOKIE["adminer_import"], $adminer_import);
} else {
$adminer_import = [];
}
$rights = array(); // privilege => 0
$columns = array(); // selectable columns
@ -22,12 +26,12 @@ foreach ($fields as $key => $field) {
}
list($select, $group) = $adminer->selectColumnsProcess($columns, $indexes);
$is_group = count($group) < count($select) || strstr($select[0], "DISTINCT");
$is_group = count($group) < count($select) || (isset($select[0]) && strstr($select[0], "DISTINCT"));
$where = $adminer->selectSearchProcess($fields, $indexes);
$order = $adminer->selectOrderProcess($fields, $indexes);
$limit = $adminer->selectLimitProcess();
if ($_GET["val"] && is_ajax()) {
if (isset($_GET["val"]) && $_GET["val"] && is_ajax()) {
header("Content-Type: text/plain; charset=utf-8");
foreach ($_GET["val"] as $unique_idf => $row) {
$as = convert_field($fields[key($row)]);
@ -61,7 +65,7 @@ if ($oid && !$primary) {
if ($_POST && !$error) {
$where_check = $where;
if (!$_POST["all"] && is_array($_POST["check"])) {
if ((isset($_POST["all"]) === false || !$_POST["all"]) && (isset($_POST["check"]) && is_array($_POST["check"]))) {
$checks = array();
foreach ($_POST["check"] as $check) {
$checks[] = where_check($check, $fields);
@ -69,7 +73,7 @@ if ($_POST && !$error) {
$where_check[] = "((" . implode(") OR (", $checks) . "))";
}
$where_check = ($where_check ? "\nWHERE " . implode(" AND ", $where_check) : "");
if ($_POST["export"]) {
if (isset($_POST["export"]) && $_POST["export"]) {
cookie("adminer_import", "output=" . urlencode($_POST["output"]) . "&format=" . urlencode($_POST["format"]));
dump_headers($TABLE);
$adminer->dumpTable($TABLE, "");
@ -92,11 +96,11 @@ if ($_POST && !$error) {
}
if (!$adminer->selectEmailProcess($where, $foreign_keys)) {
if ($_POST["save"] || $_POST["delete"]) { // edit
if ((isset($_POST["save"]) && $_POST["save"]) || (isset($_POST["delete"]) && $_POST["delete"])) { // edit
$result = true;
$affected = 0;
$set = array();
if (!$_POST["delete"]) {
if (isset($_POST["delete"]) === false || !$_POST["delete"]) {
foreach ($columns as $name => $val) { //! should check also for edit or insert privileges
$val = process_input($fields[$name]);
if ($val !== null && ($_POST["clone"] || $val !== false)) {
@ -104,11 +108,11 @@ if ($_POST && !$error) {
}
}
}
if ($_POST["delete"] || $set) {
if ($_POST["clone"]) {
if ((isset($_POST["delete"]) && $_POST["delete"]) || $set) {
if (isset($_POST["clone"]) && $_POST["clone"]) {
$query = "INTO " . table($TABLE) . " (" . implode(", ", array_keys($set)) . ")\nSELECT " . implode(", ", $set) . "\nFROM " . table($TABLE);
}
if ($_POST["all"] || ($primary && is_array($_POST["check"])) || $is_group) {
if ((isset($_POST["all"]) && $_POST["all"]) || ($primary && isset($_POST["check"]) && is_array($_POST["check"])) || $is_group) {
$result = ($_POST["delete"]
? $driver->delete($TABLE, $where_check)
: ($_POST["clone"]
@ -121,7 +125,7 @@ if ($_POST && !$error) {
foreach ((array) $_POST["check"] as $val) {
// where is not unique so OR can't be used
$where2 = "\nWHERE " . ($where ? implode(" AND ", $where) . " AND " : "") . where_check($val, $fields);
$result = ($_POST["delete"]
$result = (isset($_POST["delete"]) && $_POST["delete"]
? $driver->delete($TABLE, $where2, 1)
: ($_POST["clone"]
? queries("INSERT" . limit1($TABLE, $query, $where2))
@ -136,13 +140,13 @@ if ($_POST && !$error) {
}
}
$message = lang('%d item(s) have been affected.', $affected);
if ($_POST["clone"] && $result && $affected == 1) {
if (isset($_POST["clone"]) && $_POST["clone"] && $result && $affected == 1) {
$last_id = last_id();
if ($last_id) {
$message = lang('Item%s has been inserted.', " $last_id");
}
}
queries_redirect(remove_from_uri($_POST["all"] && $_POST["delete"] ? "page" : ""), $message, $result);
queries_redirect(remove_from_uri(isset($_POST["all"]) && $_POST["all"] && isset($_POST["delete"]) && $_POST["delete"] ? "page" : ""), $message, $result);
if (!$_POST["delete"]) {
edit_form($TABLE, $fields, (array) $_POST["fields"], !$_POST["clone"]);
page_footer();
@ -225,11 +229,13 @@ if (is_ajax()) {
$set = null;
if (isset($rights["insert"]) || !support("table")) {
$set = "";
foreach ((array) $_GET["where"] as $val) {
if ($foreign_keys[$val["col"]] && count($foreign_keys[$val["col"]]) == 1 && ($val["op"] == "="
|| (!$val["op"] && !preg_match('~[_%]~', $val["val"])) // LIKE in Editor
)) {
$set .= "&set" . urlencode("[" . bracket_escape($val["col"]) . "]") . "=" . urlencode($val["val"]);
if (isset($_GET["where"])) {
foreach ((array) $_GET["where"] as $val) {
if ($foreign_keys[$val["col"]] && count($foreign_keys[$val["col"]]) == 1 && ($val["op"] == "="
|| (!$val["op"] && !preg_match('~[_%]~', $val["val"])) // LIKE in Editor
)) {
$set .= "&set" . urlencode("[" . bracket_escape($val["col"]) . "]") . "=" . urlencode($val["val"]);
}
}
}
}
@ -253,7 +259,7 @@ if (!$columns && support("table")) {
$adminer->selectActionPrint($indexes);
echo "</form>\n";
$page = $_GET["page"];
$page = (isset($_GET["page"]) ? $_GET["page"] : null);
if ($page == "last") {
$found_rows = $connection->result(count_rows($TABLE, $where, $is_group, $group));
$page = floor(max(0, $found_rows - 1) / $limit);
@ -301,7 +307,7 @@ if (!$columns && support("table")) {
}
// use count($rows) without LIMIT, COUNT(*) without grouping, FOUND_ROWS otherwise (slowest)
if ($_GET["page"] != "last" && $limit != "" && $group && $is_group && $jush == "sql") {
if (isset($_GET["page"]) && $_GET["page"] != "last" && $limit != "" && $group && $is_group && $jush == "sql") {
$found_rows = $connection->result(" SELECT FOUND_ROWS()"); // space to allow mysql.trace_mode
}
@ -316,7 +322,7 @@ if (!$columns && support("table")) {
echo "<thead><tr>" . (!$group && $select
? ""
: "<td><input type='checkbox' id='all-page' class='jsonly'>" . script("qs('#all-page').onclick = partial(formCheck, /check/);", "")
. " <a href='" . h($_GET["modify"] ? remove_from_uri("modify") : $_SERVER["REQUEST_URI"] . "&modify=1") . "' title='" . lang('Modify') . "' class='edit-all'>" . lang('Modify') . "</a>");
. " <a href='" . h(isset($_GET["modify"]) && $_GET["modify"] ? remove_from_uri("modify") : $_SERVER["REQUEST_URI"] . "&modify=1") . "' title='" . lang('Modify') . "' class='edit-all'>" . lang('Modify') . "</a>");
$names = array();
$functions = array();
reset($select);
@ -333,7 +339,7 @@ if (!$columns && support("table")) {
$href = remove_from_uri('(order|desc)[^=]*|page') . '&order%5B0%5D=' . urlencode($key);
$desc = "&desc%5B0%5D=1";
echo "<th id='th[" . h(bracket_escape($key)) . "]'>" . script("mixin(qsl('th'), {onmouseover: partial(columnMouse), onmouseout: partial(columnMouse, ' hidden')});", "");
echo '<a href="' . h($href . ($order[0] == $column || $order[0] == $key || (!$order && $is_group && $group[0] == $column) ? $desc : '')) . '">'; // $order[0] == $key - COUNT(*)
echo '<a href="' . h($href . ((isset($order[0]) && $order[0] == $column) || (isset($order[0]) && $order[0] == $key) || (!$order && $is_group && $group[0] == $column) ? $desc : '')) . '">'; // $order[0] == $key - COUNT(*)
echo apply_sql_function($val["fun"] ?? null, $name) . "</a>"; //! columns looking like functions
echo "<span class='column hidden'>";
echo "<a href='" . h($href . $desc) . "' title='" . lang('descending') . "' class='text'> ↓</a>";
@ -349,7 +355,7 @@ if (!$columns && support("table")) {
}
$lengths = array();
if ($_GET["modify"]) {
if (isset($_GET["modify"]) && $_GET["modify"]) {
foreach ($rows as $row) {
foreach ($row as $key => $val) {
$lengths[$key] = max($lengths[$key], min(40, strlen(utf8_decode($val))));
@ -386,7 +392,7 @@ if (!$columns && support("table")) {
$unique_idf .= "&" . ($val !== null ? urlencode("where[" . bracket_escape($key) . "]") . "=" . urlencode($val === false ? "f" : $val) : "null%5B%5D=" . urlencode($key));
}
echo "<tr" . odd() . ">" . (!$group && $select ? "" : "<td>"
. checkbox("check[]", substr($unique_idf, 1), in_array(substr($unique_idf, 1), (array) $_POST["check"]))
. checkbox("check[]", substr($unique_idf, 1), in_array(substr($unique_idf, 1), (array) (isset($_POST["check"]) ? $_POST["check"] : null)))
. ($is_group || information_schema(DB) ? "" : " <a href='" . h(ME . "edit=" . urlencode($TABLE) . $unique_idf) . "' class='edit' title='" . lang('edit') . "'>" . lang('edit') . "</a>")
);
@ -403,18 +409,20 @@ if (!$columns && support("table")) {
$link = ME . 'download=' . urlencode($TABLE) . '&field=' . urlencode($key) . $unique_idf;
}
if (!$link && $val !== null) { // link related items
foreach ((array) $foreign_keys[$key] as $foreign_key) {
if (count($foreign_keys[$key]) == 1 || end($foreign_key["source"]) == $key) {
$link = "";
foreach ($foreign_key["source"] as $i => $source) {
$link .= where_link($i, $foreign_key["target"][$i], $rows[$n][$source]);
}
$link = ($foreign_key["db"] != "" ? preg_replace('~([?&]db=)[^&]+~', '\1' . urlencode($foreign_key["db"]), ME) : ME) . 'select=' . urlencode($foreign_key["table"]) . $link; // InnoDB supports non-UNIQUE keys
if ($foreign_key["ns"]) {
$link = preg_replace('~([?&]ns=)[^&]+~', '\1' . urlencode($foreign_key["ns"]), $link);
}
if (count($foreign_key["source"]) == 1) {
break;
if (isset($foreign_keys[$key])) {
foreach ((array) $foreign_keys[$key] as $foreign_key) {
if (count($foreign_keys[$key]) == 1 || end($foreign_key["source"]) == $key) {
$link = "";
foreach ($foreign_key["source"] as $i => $source) {
$link .= where_link($i, $foreign_key["target"][$i], $rows[$n][$source]);
}
$link = ($foreign_key["db"] != "" ? preg_replace('~([?&]db=)[^&]+~', '\1' . urlencode($foreign_key["db"]), ME) : ME) . 'select=' . urlencode($foreign_key["table"]) . $link; // InnoDB supports non-UNIQUE keys
if ($foreign_key["ns"]) {
$link = preg_replace('~([?&]ns=)[^&]+~', '\1' . urlencode($foreign_key["ns"]), $link);
}
if (count($foreign_key["source"]) == 1) {
break;
}
}
}
}
@ -441,7 +449,7 @@ if (!$columns && support("table")) {
$editable = !is_array($row[$key]) && is_utf8($val) && $rows[$n][$key] == $row[$key] && !$functions[$key];
$text = preg_match('~text|lob~', $field["type"] ?? null);
echo "<td id='$id'";
if (($_GET["modify"] && $editable) || $value !== null) {
if ((isset($_GET["modify"]) && $_GET["modify"] && $editable) || $value !== null) {
$h_value = h($value !== null ? $value : $row[$key]);
echo ">" . ($text ? "<textarea name='$id' cols='30' rows='" . (substr_count($row[$key], "\n") + 1) . "'>$h_value</textarea>" : "<input name='$id' value='$h_value' size='$lengths[$key]'>");
} else {
@ -471,7 +479,8 @@ if (!$columns && support("table")) {
if (!is_ajax()) {
if ($rows || $page) {
$exact_count = true;
if ($_GET["page"] != "last") {
$found_rows = null;
if (isset($_GET["page"]) && $_GET["page"] != "last") {
if ($limit == "" || (count($rows) < $limit && ($rows || !$page))) {
$found_rows = ($page ? $page * $limit : 0) + count($rows);
} elseif ($jush != "sql" || !$is_group) {
@ -536,8 +545,8 @@ if (!$columns && support("table")) {
if ($adminer->selectCommandPrint()) {
?>
<fieldset<?php echo ($_GET["modify"] ? '' : ' class="jsonly"'); ?>><legend><?php echo lang('Modify'); ?></legend><div>
<input type="submit" value="<?php echo lang('Save'); ?>"<?php echo ($_GET["modify"] ? '' : ' title="' . lang('Ctrl+click on a value to modify it.') . '"'); ?>>
<fieldset<?php echo (isset($_GET["modify"]) && $_GET["modify"] ? '' : ' class="jsonly"'); ?>><legend><?php echo lang('Modify'); ?></legend><div>
<input type="submit" value="<?php echo lang('Save'); ?>"<?php echo (isset($_GET["modify"]) && $_GET["modify"] ? '' : ' title="' . lang('Ctrl+click on a value to modify it.') . '"'); ?>>
</div></fieldset>
<fieldset><legend><?php echo lang('Selected'); ?> <span id="selected"></span></legend><div>
<input type="submit" name="edit" value="<?php echo lang('Edit'); ?>">
@ -548,17 +557,19 @@ if (!$columns && support("table")) {
}
$format = $adminer->dumpFormat();
foreach ((array) $_GET["columns"] as $column) {
if ($column["fun"]) {
unset($format['sql']);
break;
if (isset($_GET["columns"])) {
foreach ((array) $_GET["columns"] as $column) {
if ($column["fun"]) {
unset($format['sql']);
break;
}
}
}
if ($format) {
print_fieldset("export", lang('Export') . " <span id='selected2'></span>");
$output = $adminer->dumpOutput();
echo ($output ? html_select("output", $output, $adminer_import["output"]) . " " : "");
echo html_select("format", $format, $adminer_import["format"]);
echo ($output ? html_select("output", $output, (isset($adminer_import["output"]) ? $adminer_import["output"] : null)) . " " : "");
echo html_select("format", $format, (isset($adminer_import["format"]) ? $adminer_import["format"] : null));
echo " <input type='submit' name='export' value='" . lang('Export') . "'>\n";
echo "</div></fieldset>\n";
}
@ -574,7 +585,7 @@ if (!$columns && support("table")) {
echo script("qsl('a').onclick = partial(toggle, 'import');", "");
echo "<span id='import' class='hidden'>: ";
echo "<input type='file' name='csv_file'> ";
echo html_select("separator", array("csv" => "CSV,", "csv;" => "CSV;", "tsv" => "TSV"), $adminer_import["format"], 1); // 1 - select
echo html_select("separator", array("csv" => "CSV,", "csv;" => "CSV;", "tsv" => "TSV"), (isset($adminer_import["format"]) ? $adminer_import["format"] : null), 1); // 1 - select
echo " <input type='submit' name='import' value='" . lang('Import') . "'>";
echo "</span>";
echo "</div>";

14
adminer/sql.inc.php
View file

@ -1,5 +1,5 @@
<?php
if (!$error && $_POST["export"]) {
if (!$error && isset($_POST["export"]) && $_POST["export"]) {
dump_headers("sql");
$adminer->dumpTable("", "");
$adminer->dumpData("", "table", $_POST["query"]);
@ -9,7 +9,7 @@ if (!$error && $_POST["export"]) {
restart_session();
$history_all = &get_session("queries");
$history = &$history_all[DB];
if (!$error && $_POST["clear"]) {
if (!$error && isset($_POST["clear"]) && $_POST["clear"]) {
$history = array();
redirect(remove_from_uri("history"));
}
@ -216,16 +216,16 @@ if (!isset($_GET["import"])) {
$q = $_GET["sql"]; // overwrite $q from if ($_POST) to save memory
if ($_POST) {
$q = $_POST["query"];
} elseif ($_GET["history"] == "all") {
} elseif (isset($_GET["history"]) && $_GET["history"] == "all") {
$q = $history;
} elseif ($_GET["history"] != "") {
} elseif (isset($_GET["history"]) && $_GET["history"] != "") {
$q = $history[$_GET["history"]][0];
}
echo "<p>";
textarea("query", $q, 20);
echo script(($_POST ? "" : "qs('textarea').focus();\n") . "qs('#form').onsubmit = partial(sqlSubmit, qs('#form'), '" . js_escape(remove_from_uri("sql|limit|error_stops|only_errors|history")) . "');");
echo "<p>$execute\n";
echo lang('Limit rows') . ": <input type='number' name='limit' class='size' value='" . h($_POST ? $_POST["limit"] : $_GET["limit"]) . "'>\n";
echo lang('Limit rows') . ": <input type='number' name='limit' class='size' value='" . h(isset($_POST["limit"]) ? $_POST["limit"] : (isset($_GET["limit"]) ? $_GET["limit"] : null)) . "'>\n";
} else {
echo "<fieldset><legend>" . lang('File upload') . "</legend><div>";
@ -245,8 +245,8 @@ if (!isset($_GET["import"])) {
echo "<p>";
}
echo checkbox("error_stops", 1, ($_POST ? $_POST["error_stops"] : isset($_GET["import"]) || $_GET["error_stops"]), lang('Stop on error')) . "\n";
echo checkbox("only_errors", 1, ($_POST ? $_POST["only_errors"] : isset($_GET["import"]) || $_GET["only_errors"]), lang('Show only errors')) . "\n";
echo checkbox("error_stops", 1, (isset($_POST["error_stops"]) ? $_POST["error_stops"] : isset($_GET["import"]) || (isset($_GET["error_stops"]) && $_GET["error_stops"])), lang('Stop on error')) . "\n";
echo checkbox("only_errors", 1, (isset($_POST["only_errors"]) ? $_POST["only_errors"] : isset($_GET["import"]) || (isset($_GET["only_errors"]) && $_GET["only_errors"])), lang('Show only errors')) . "\n";
echo "<input type='hidden' name='token' value='$token'>\n";
if (!isset($_GET["import"]) && $history) {

BIN
adminer/static/favicon.ico
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 17 KiB

After

Width:  |  Height:  |  Size: 9.4 KiB

14
adminer/trigger.inc.php
View file

@ -1,6 +1,6 @@
<?php
$TABLE = $_GET["trigger"];
$name = $_GET["name"];
$TABLE = isset($_GET["trigger"]) ? $_GET["trigger"] : null;
$name = isset($_GET["name"]) ? $_GET["name"] : null;
$trigger_options = trigger_options();
$row = (array) trigger($name, $TABLE) + array("Trigger" => $TABLE . "_bi");
@ -10,7 +10,7 @@ if ($_POST) {
$on = " ON " . table($TABLE);
$drop = "DROP TRIGGER " . idf_escape($name) . ($jush == "pgsql" ? $on : "");
$location = ME . "table=" . urlencode($TABLE);
if ($_POST["drop"]) {
if (isset($_POST["drop"]) && $_POST["drop"]) {
query_redirect($drop, $location, lang('Trigger has been dropped.'));
} else {
if ($name != "") {
@ -34,10 +34,10 @@ page_header(($name != "" ? lang('Alter trigger') . ": " . h($name) : lang('Creat
<form action="" method="post" id="form">
<table cellspacing="0" class="layout">
<tr><th><?php echo lang('Time'); ?><td><?php echo html_select("Timing", $trigger_options["Timing"], $row["Timing"], "triggerChange(/^" . preg_quote($TABLE, "/") . "_[ba][iud]$/, '" . js_escape($TABLE) . "', this.form);"); ?>
<tr><th><?php echo lang('Event'); ?><td><?php echo html_select("Event", $trigger_options["Event"], $row["Event"], "this.form['Timing'].onchange();"); ?>
<?php echo (in_array("UPDATE OF", $trigger_options["Event"]) ? " <input name='Of' value='" . h($row["Of"]) . "' class='hidden'>": ""); ?>
<tr><th><?php echo lang('Type'); ?><td><?php echo html_select("Type", $trigger_options["Type"], $row["Type"]); ?>
<tr><th><?php echo lang('Time'); ?><td><?php echo html_select("Timing", isset($trigger_options["Timing"]) ? $trigger_options["Timing"] : null, isset($row["Timing"]) ? $row["Timing"] : null, "triggerChange(/^" . preg_quote($TABLE, "/") . "_[ba][iud]$/, '" . js_escape($TABLE) . "', this.form);"); ?>
<tr><th><?php echo lang('Event'); ?><td><?php echo html_select("Event", isset($trigger_options["Event"]) ? $trigger_options["Event"] : null, isset($row["Event"]) ? $row["Event"] : null, "this.form['Timing'].onchange();"); ?>
<?php echo (in_array("UPDATE OF", $trigger_options["Event"]) ? " <input name='Of' value='" . h(isset($row["Of"]) ? $row["Of"] : null) . "' class='hidden'>": ""); ?>
<tr><th><?php echo lang('Type'); ?><td><?php echo html_select("Type", isset($trigger_options["Type"]) ? $trigger_options["Type"] : null, isset($row["Type"]) ? $row["Type"] : null); ?>
</table>
<p><?php echo lang('Name'); ?>: <input name="Trigger" value="<?php echo h($row["Trigger"]); ?>" data-maxlength="64" autocapitalize="off">
<?php echo script("qs('#form')['Timing'].onchange();"); ?>

77
compile.php
View file

@ -1,13 +1,13 @@
#!/usr/bin/env php
<?php
function adminer_errors($errno, $errstr) {
return !!preg_match('~^(Trying to access array offset on value of type null|Undefined array key)~', $errstr);
function adminer_errors($errNo, $errStr, $errFile, $errLine) {
file_put_contents("php://stderr", sprintf("%d - %s - %s:%d\n", $errNo, $errStr, $errFile, $errLine));
}
error_reporting(6135); // errors and warnings
set_error_handler('adminer_errors', E_WARNING);
include dirname(__FILE__) . "/adminer/include/version.inc.php";
include dirname(__FILE__) . "/externals/JsShrink/jsShrink.php";
include dirname(__FILE__) . "/vendor/vrana/jsshrink/jsShrink.php";
function add_apo_slashes($s) {
return addcslashes($s, "\\'");
@ -37,7 +37,7 @@ function lang_ids($match) {
if ($lang_id === null) {
$lang_id = count($lang_ids) - 1;
}
return ($_SESSION["lang"] ? $match[0] : "lang($lang_id$match[2]");
return (isset($_SESSION["lang"]) && $_SESSION["lang"] ? $match[0] : "lang($lang_id$match[2]");
}
function put_file($match) {
@ -64,7 +64,7 @@ header("Cache-Control: immutable");
if ($driver && dirname($match[2]) == "../adminer/drivers") {
$return = preg_replace('~^if \(isset\(\$_GET\["' . $driver . '"]\)\) \{(.*)^}~ms', '\1', $return);
}
if (basename($match[2]) != "lang.inc.php" || !$_SESSION["lang"]) {
if (basename($match[2]) != "lang.inc.php" || isset($_SESSION["lang"]) === false || !$_SESSION["lang"]) {
$return = str_replace('<?php echo $GLOBALS[\'project\']; ?>', $project, $return);
if (basename($match[2]) == "lang.inc.php") {
$return = str_replace('function lang($idf, $number = null) {', 'function lang($idf, $number = null) {
@ -109,13 +109,15 @@ function lzw_compress($string) {
$word = "";
$codes = array();
for ($i=0; $i <= strlen($string); $i++) {
$x = @$string[$i];
if (strlen($x) && isset($dictionary[$word . $x])) {
$word .= $x;
} elseif ($i) {
$codes[] = $dictionary[$word];
$dictionary[$word . $x] = count($dictionary);
$word = $x;
if (isset($string[$i])) {
$x = $string[$i];
if (strlen($x) && isset($dictionary[$word . $x])) {
$word .= $x;
} elseif ($i) {
$codes[] = $dictionary[$word];
$dictionary[$word . $x] = count($dictionary);
$word = $x;
}
}
}
// convert codes to binary string
@ -142,7 +144,7 @@ function lzw_compress($string) {
function put_file_lang($match) {
global $lang_ids, $project, $langs;
if ($_SESSION["lang"]) {
if (isset($_SESSION["lang"]) && $_SESSION["lang"]) {
return "";
}
$return = "";
@ -151,7 +153,9 @@ function put_file_lang($match) {
$translation_ids = array_flip($lang_ids); // default translation
foreach ($translations as $key => $val) {
if ($val !== null) {
$translation_ids[$lang_ids[$key]] = implode("\t", (array) $val);
if (isset($lang_ids[$key])) {
$translation_ids[$lang_ids[$key]] = implode("\t", (array) $val);
}
}
}
$return .= '
@ -227,7 +231,11 @@ function php_shrink($input) {
foreach ($tokens as $i => $token) {
if ($token[0] === T_VARIABLE && !isset($special_variables[$token[1]])) {
$short_variables[$token[1]]++;
if (isset($short_variables[$token[1]]) === false) {
$short_variables[$token[1]] = 1;
} else {
$short_variables[$token[1]]++;
}
}
}
@ -251,7 +259,7 @@ function php_shrink($input) {
if (!is_array($token)) {
$token = array(0, $token);
}
if ($tokens[$i+2][0] === T_CLOSE_TAG && $tokens[$i+3][0] === T_INLINE_HTML && $tokens[$i+4][0] === T_OPEN_TAG
if (isset($tokens[$i+2][0]) && $tokens[$i+2][0] === T_CLOSE_TAG && isset($tokens[$i+3][0]) && $tokens[$i+3][0] === T_INLINE_HTML && isset($tokens[$i+4][0]) && $tokens[$i+4][0] === T_OPEN_TAG
&& strlen(add_apo_slashes($tokens[$i+3][1])) < strlen($tokens[$i+3][1]) + 3
) {
$tokens[$i+2] = array(T_ECHO, 'echo');
@ -312,7 +320,14 @@ function minify_js($file) {
function compile_file($match) {
global $project;
$file = "";
list(, $filenames, $callback) = $match;
$filenames = null;
if (isset($match[1])) {
$filenames = $match[1];
}
$callback = null;
if (isset($match[2])) {
$callback = $match[2];
}
if ($filenames != "") {
foreach (explode(";", $filenames) as $filename) {
$file .= file_get_contents(dirname(__FILE__) . "/$project/$filename");
@ -347,26 +362,28 @@ function ini_bool($ini) {
$project = "adminer";
if ($_SERVER["argv"][1] == "editor") {
if (isset($_SERVER["argv"][1]) && $_SERVER["argv"][1] == "editor") {
$project = "editor";
array_shift($_SERVER["argv"]);
}
$driver = "";
if (file_exists(dirname(__FILE__) . "/adminer/drivers/" . $_SERVER["argv"][1] . ".inc.php")) {
if (isset($_SERVER["argv"][1]) && file_exists(dirname(__FILE__) . "/adminer/drivers/" . $_SERVER["argv"][1] . ".inc.php")) {
$driver = $_SERVER["argv"][1];
array_shift($_SERVER["argv"]);
}
unset($_COOKIE["adminer_lang"]);
$_SESSION["lang"] = $_SERVER["argv"][1]; // Adminer functions read language from session
if (isset($_SERVER["argv"][1])) {
$_SESSION["lang"] = $_SERVER["argv"][1]; // Adminer functions read language from session
}
include dirname(__FILE__) . "/adminer/include/lang.inc.php";
if (isset($langs[$_SESSION["lang"]])) {
if (isset($_SESSION["lang"]) && isset($langs[$_SESSION["lang"]])) {
include dirname(__FILE__) . "/adminer/lang/$_SESSION[lang].inc.php";
array_shift($_SERVER["argv"]);
}
if ($_SERVER["argv"][1]) {
if (isset($_SERVER["argv"][1]) && $_SERVER["argv"][1]) {
echo "Usage: php compile.php [editor] [driver] [lang]\n";
echo "Purpose: Compile adminer[-driver][-lang].php or editor[-driver][-lang].php.\n";
exit(1);
@ -426,7 +443,7 @@ if ($driver) {
if (count($drivers) == 1) {
$file = str_replace('<?php echo html_select("auth[driver]", $drivers, DRIVER) . "\n"; ?>', "<input type='hidden' name='auth[driver]' value='" . ($driver == "mysql" ? "server" : $driver) . "'>" . reset($drivers), $file);
}
$file = preg_replace('(;../externals/jush/modules/jush-(?!textarea\.|txt\.|js\.|' . preg_quote($driver == "mysql" ? "sql" : $driver) . '\.)[^.]+.js)', '', $file);
$file = preg_replace('(;../vendor/vrana/jush/modules/jush-(?!textarea\.|txt\.|js\.|' . preg_quote($driver == "mysql" ? "sql" : $driver) . '\.)[^.]+.js)', '', $file);
$file = preg_replace_callback('~doc_link\(array\((.*)\)\)~sU', function ($match) use ($driver) {
list(, $links) = $match;
$links = preg_replace("~'(?!(" . ($driver == "mysql" ? "sql|mariadb" : $driver) . ")')[^']*' => [^,]*,?~", '', $links);
@ -435,30 +452,30 @@ if ($driver) {
//! strip doc_link() definition
}
if ($project == "editor") {
$file = preg_replace('~;.\.\/externals/jush/jush\.css~', '', $file);
$file = preg_replace('~compile_file\(\'\.\./(externals/jush/modules/jush\.js|adminer/static/[^.]+\.gif)[^)]+\)~', "''", $file);
$file = preg_replace('~;.\.\/vendor/vrana/jush/jush\.css~', '', $file);
$file = preg_replace('~compile_file\(\'\.\./(vendor/vrana/jush/modules/jush\.js|adminer/static/[^.]+\.gif)[^)]+\)~', "''", $file);
}
$file = preg_replace_callback("~lang\\('((?:[^\\\\']+|\\\\.)*)'([,)])~s", 'lang_ids', $file);
$file = preg_replace_callback('~\b(include|require) "([^"]*\$LANG.inc.php)";~', 'put_file_lang', $file);
$file = str_replace("\r", "", $file);
if ($_SESSION["lang"]) {
if (isset($_SESSION["lang"]) && $_SESSION["lang"]) {
// single language version
$file = preg_replace_callback("~(<\\?php\\s*echo )?lang\\('((?:[^\\\\']+|\\\\.)*)'([,)])(;\\s*\\?>)?~s", 'remove_lang', $file);
$file = str_replace("<?php switch_lang(); ?>\n", "", $file);
$file = str_replace('<?php echo $LANG; ?>', $_SESSION["lang"], $file);
}
$file = str_replace('<?php echo script_src("static/editing.js"); ?>' . "\n", "", $file);
$file = preg_replace('~\s+echo script_src\("\.\./externals/jush/modules/jush-(textarea|txt|js|\$jush)\.js"\);~', '', $file);
$file = str_replace('<link rel="stylesheet" type="text/css" href="../externals/jush/jush.css">' . "\n", "", $file);
$file = preg_replace('~\s+echo script_src\("\.\./vendor/vrana/jush/modules/jush-(textarea|txt|js|\$jush)\.js"\);~', '', $file);
$file = str_replace('<link rel="stylesheet" type="text/css" href="../vendor/vrana/jush/jush.css">' . "\n", "", $file);
$file = preg_replace_callback("~compile_file\\('([^']+)'(?:, '([^']*)')?\\)~", 'compile_file', $file); // integrate static files
$replace = 'preg_replace("~\\\\\\\\?.*~", "", ME) . "?file=\1&version=' . $VERSION . '"';
$file = preg_replace('~\.\./adminer/static/(default\.css|favicon\.ico)~', '<?php echo h(' . $replace . '); ?>', $file);
$file = preg_replace('~"\.\./adminer/static/(functions\.js)"~', $replace, $file);
$file = preg_replace('~\.\./adminer/static/([^\'"]*)~', '" . h(' . $replace . ') . "', $file);
$file = preg_replace('~"\.\./externals/jush/modules/(jush\.js)"~', $replace, $file);
$file = preg_replace('~"\.\./vendor/vrana/jush/modules/(jush\.js)"~', $replace, $file);
$file = preg_replace("~<\\?php\\s*\\?>\n?|\\?>\n?<\\?php~", '', $file);
$file = php_shrink($file);
$filename = $project . (preg_match('~-dev$~', $VERSION) ? "" : "-$VERSION") . ($driver ? "-$driver" : "") . ($_SESSION["lang"] ? "-$_SESSION[lang]" : "") . ".php";
$filename = $project . (preg_match('~-dev$~', $VERSION) ? "" : "-$VERSION") . ($driver ? "-$driver" : "") . (isset($_SESSION["lang"]) && $_SESSION["lang"] ? "-$_SESSION[lang]" : "") . ".php";
file_put_contents($filename, $file);
echo "$filename created (" . strlen($file) . " B).\n";

23
composer.json
View file

@ -1,14 +1,13 @@
{
"name": "vrana/adminer",
"name": "adminerevo/adminerevo",
"description": "Database management in a single PHP file.",
"homepage": "https://www.adminer.org/",
"homepage": "https://www.adminerevo.org/",
"keywords": [
"database"
],
"support": {
"issues": "https://sourceforge.net/p/adminer/bugs-and-features/",
"forum": "https://sourceforge.net/p/adminer/discussion/",
"source": "https://github.com/vrana/adminer/"
"issues": "https://github.com/adminerevo/adminerevo/issues/",
"source": "https://github.com/adminerevo/adminerevo/"
},
"authors": [
{
@ -27,5 +26,19 @@
],
"scripts": {
"compile": "php compile.php"
},
"repositories": [
{
"type": "vcs",
"url": "https://github.com/vrana/jush.git"
},
{
"type": "vcs",
"url": "https://github.com/vrana/jsshrink.git"
}
],
"require": {
"vrana/jush": "dev-master#ae33623c66189375a3654954cddc1c73f65c36fa",
"vrana/jsshrink": "dev-master#96a466fa4cef74ba8362f4bc4b1bb17b2c9ecbcc"
}
}

105
composer.lock generated Normal file
View file

@ -0,0 +1,105 @@
{
"_readme": [
"This file locks the dependencies of your project to a known state",
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
"This file is @generated automatically"
],
"content-hash": "07c328449153caaf58dca2fa394054e3",
"packages": [
{
"name": "vrana/jsshrink",
"version": "dev-master",
"source": {
"type": "git",
"url": "https://github.com/vrana/JsShrink.git",
"reference": "96a466fa4cef74ba8362f4bc4b1bb17b2c9ecbcc"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/vrana/JsShrink/zipball/96a466fa4cef74ba8362f4bc4b1bb17b2c9ecbcc",
"reference": "96a466fa4cef74ba8362f4bc4b1bb17b2c9ecbcc",
"shasum": ""
},
"default-branch": true,
"type": "library",
"extra": {
"component": {
"scripts": [
"jsShrink.js"
]
}
},
"autoload": {
"files": [
"jsShrink.js"
]
},
"license": [
"Apache-2.0",
"GPL-2.0"
],
"authors": [
{
"name": "Jakub Vrána",
"homepage": "http://www.vrana.cz"
}
],
"description": "Remove spaces and comments from JavaScript code (available in PHP and JavaScript).",
"homepage": "https://github.com/vrana/JsShrink",
"support": {
"source": "https://github.com/vrana/JsShrink/tree/master",
"issues": "https://github.com/vrana/JsShrink/issues"
},
"time": "2014-10-25T23:40:07+00:00"
},
{
"name": "vrana/jush",
"version": "dev-master",
"source": {
"type": "git",
"url": "https://github.com/vrana/jush.git",
"reference": "ae33623c66189375a3654954cddc1c73f65c36fa"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/vrana/jush/zipball/ae33623c66189375a3654954cddc1c73f65c36fa",
"reference": "ae33623c66189375a3654954cddc1c73f65c36fa",
"shasum": ""
},
"default-branch": true,
"type": "library",
"license": [
"Apache-2.0",
"GPL-2.0-only"
],
"authors": [
{
"name": "Jakub Vrána",
"homepage": "https://www.vrana.cz/"
}
],
"description": "JUSH - JavaScript Syntax Highlighter",
"homepage": "http://jush.sourceforge.net/",
"keywords": [
"javascript",
"syntax highlighter"
],
"support": {
"source": "https://github.com/vrana/jush/"
},
"time": "2021-02-06T15:06:41+00:00"
}
],
"packages-dev": [],
"aliases": [],
"minimum-stability": "stable",
"stability-flags": {
"vrana/jush": 20,
"vrana/jsshrink": 20
},
"prefer-stable": false,
"prefer-lowest": false,
"platform": [],
"platform-dev": [],
"plugin-api-version": "2.6.0"
}

BIN
docs/assets/favicon.png
View file

Binary file not shown.
Side by side Swipe Overlay

Before

Width:  |  Height:  |  Size: 2.4 KiB

After

Width:  |  Height:  |  Size: 2.8 KiB

6
editor/db.inc.php
View file

@ -3,8 +3,8 @@ page_header(lang('Server'), "", false);
if ($adminer->homepage()) {
echo "<form action='' method='post'>\n";
echo "<p>" . lang('Search data in tables') . ": <input type='search' name='query' value='" . h($_POST["query"]) . "'> <input type='submit' value='" . lang('Search') . "'>\n";
if ($_POST["query"] != "") {
echo "<p>" . lang('Search data in tables') . ": <input type='search' name='query' value='" . h(isset($_POST["query"]) ? $_POST["query"] : null) . "'> <input type='submit' value='" . lang('Search') . "'>\n";
if (isset($_POST["query"]) && $_POST["query"] != "") {
search_tables();
}
echo "<div class='scrollable'>\n";
@ -19,7 +19,7 @@ if ($adminer->homepage()) {
foreach (table_status() as $table => $row) {
$name = $adminer->tableName($row);
if (isset($row["Engine"]) && $name != "") {
echo '<tr' . odd() . '><td>' . checkbox("tables[]", $table, in_array($table, (array) $_POST["tables"], true));
echo '<tr' . odd() . '><td>' . checkbox("tables[]", $table, in_array($table, (array) (isset($_POST["tables"]) ? $_POST["tables"] : []), true));
echo "<th><a href='" . h(ME) . 'select=' . urlencode($table) . "'>$name</a>";
$val = format_number($row["Rows"]);
echo "<td align='right'><a href='" . h(ME . "edit=") . urlencode($table) . "'>" . ($row["Engine"] == "InnoDB" && $val ? "~ $val" : $val) . "</a>";

108
editor/include/adminer.inc.php
View file

@ -72,11 +72,11 @@ class Adminer {
function loginForm() {
echo "<table cellspacing='0' class='layout'>\n";
echo $this->loginFormField('username', '<tr><th>' . lang('Username') . '<td>', '<input type="hidden" name="auth[driver]" value="server"><input name="auth[username]" id="username" value="' . h($_GET["username"]) . '" autocomplete="username" autocapitalize="off">' . script("focus(qs('#username'));"));
echo $this->loginFormField('username', '<tr><th>' . lang('Username') . '<td>', '<input type="hidden" name="auth[driver]" value="server"><input name="auth[username]" id="username" value="' . h((isset($_GET["username"]) ? $_GET["username"] : null)) . '" autocomplete="username" autocapitalize="off">' . script("focus(qs('#username'));"));
echo $this->loginFormField('password', '<tr><th>' . lang('Password') . '<td>', '<input type="password" name="auth[password]" autocomplete="current-password">' . "\n");
echo "</table>\n";
echo "<p><input type='submit' value='" . lang('Login') . "'>\n";
echo checkbox("auth[permanent]", 1, $_COOKIE["adminer_permanent"], lang('Permanent login')) . "\n";
echo checkbox("auth[permanent]", 1, (isset($_COOKIE["adminer_permanent"]) ? $_COOKIE["adminer_permanent"] : null), lang('Permanent login')) . "\n";
}
function loginFormField($name, $heading, $value) {
@ -224,7 +224,7 @@ ORDER BY ORDINAL_POSITION", null, "") as $row) { //! requires MySQL 5
}
function selectSearchPrint($where, $columns, $indexes) {
$where = (array) $_GET["where"];
$where = isset($_GET["where"]) ? (array) $_GET["where"] : [];
echo '<fieldset id="fieldset-search"><legend>' . lang('Search') . "</legend><div>\n";
$keys = array();
foreach ($where as $key => $val) {
@ -293,7 +293,7 @@ ORDER BY ORDINAL_POSITION", null, "") as $row) { //! requires MySQL 5
echo "<select name='index_order'>" . optionlist(array("" => "") + $orders, ($_GET["order"][0] != "" ? "" : $_GET["index_order"]), true) . "</select>";
echo "</div></fieldset>\n";
}
if ($_GET["order"]) {
if (isset($_GET["order"]) && $_GET["order"]) {
echo "<div style='display: none;'>" . hidden_fields(array(
"order" => array(1 => reset($_GET["order"])),
"desc" => ($_GET["desc"] ? array(1 => 1) : array()),
@ -326,13 +326,13 @@ ORDER BY ORDINAL_POSITION", null, "") as $row) { //! requires MySQL 5
function selectEmailPrint($emailFields, $columns) {
if ($emailFields) {
print_fieldset("email", lang('E-mail'), $_POST["email_append"]);
print_fieldset("email", lang('E-mail'), isset($_POST["email_append"]) ? $_POST["email_append"] : null);
echo "<div>";
echo script("qsl('div').onkeydown = partialArg(bodyKeydown, 'email');");
echo "<p>" . lang('From') . ": <input name='email_from' value='" . h($_POST ? $_POST["email_from"] : $_COOKIE["adminer_email"]) . "'>\n";
echo lang('Subject') . ": <input name='email_subject' value='" . h($_POST["email_subject"]) . "'>\n";
echo "<p><textarea name='email_message' rows='15' cols='75'>" . h($_POST["email_message"] . ($_POST["email_append"] ? '{$' . "$_POST[email_addition]}" : "")) . "</textarea>\n";
echo "<p>" . script("qsl('p').onkeydown = partialArg(bodyKeydown, 'email_append');", "") . html_select("email_addition", $columns, $_POST["email_addition"]) . "<input type='submit' name='email_append' value='" . lang('Insert') . "'>\n"; //! JavaScript
echo "<p>" . lang('From') . ": <input name='email_from' value='" . h(isset($_POST["email_from"]) ? $_POST["email_from"] : (isset($_COOKIE["adminer_email"]) ? $_COOKIE["adminer_email"] : null)) . "'>\n";
echo lang('Subject') . ": <input name='email_subject' value='" . h(isset($_POST["email_subject"]) ? $_POST["email_subject"] : null) . "'>\n";
echo "<p><textarea name='email_message' rows='15' cols='75'>" . h(isset($_POST["email_message"]) ? $_POST["email_message"] : null . (isset($_POST["email_append"]) && $_POST["email_append"] ? '{$' . "$_POST[email_addition]}" : "")) . "</textarea>\n";
echo "<p>" . script("qsl('p').onkeydown = partialArg(bodyKeydown, 'email_append');", "") . html_select("email_addition", $columns, isset($_POST["email_addition"]) ? $_POST["email_addition"] : null) . "<input type='submit' name='email_append' value='" . lang('Insert') . "'>\n"; //! JavaScript
echo "<p>" . lang('Attachments') . ": <input type='file' name='email_files[]'>" . script("qsl('input').onchange = emailFileChange;");
echo "<p>" . (count($emailFields) == 1 ? '<input type="hidden" name="email_field" value="' . h(key($emailFields)) . '">' : html_select("email_field", $emailFields));
echo "<input type='submit' name='email' value='" . lang('Send') . "'>" . confirm();
@ -348,43 +348,45 @@ ORDER BY ORDINAL_POSITION", null, "") as $row) { //! requires MySQL 5
function selectSearchProcess($fields, $indexes) {
global $driver;
$return = array();
foreach ((array) $_GET["where"] as $key => $where) {
$col = $where["col"];
$op = $where["op"];
$val = $where["val"];
if (($key < 0 ? "" : $col) . $val != "") {
$conds = array();
foreach (($col != "" ? array($col => $fields[$col]) : $fields) as $name => $field) {
if ($col != "" || is_numeric($val) || !preg_match(number_type(), $field["type"])) {
$name = idf_escape($name);
if ($col != "" && $field["type"] == "enum") {
$conds[] = (in_array(0, $val) ? "$name IS NULL OR " : "") . "$name IN (" . implode(", ", array_map('intval', $val)) . ")";
} else {
$text_type = preg_match('~char|text|enum|set~', $field["type"]);
$value = $this->processInput($field, (!$op && $text_type && preg_match('~^[^%]+$~', $val) ? "%$val%" : $val));
$conds[] = $driver->convertSearch($name, $val, $field) . ($value == "NULL" ? " IS" . ($op == ">=" ? " NOT" : "") . " $value"
: (in_array($op, $this->operators) || $op == "=" ? " $op $value"
: ($text_type ? " LIKE $value"
: " IN (" . str_replace(",", "', '", $value) . ")"
)));
if ($key < 0 && $val == "0") {
$conds[] = "$name IS NULL";
if (isset($_GET["where"])) {
foreach ((array) $_GET["where"] as $key => $where) {
$col = $where["col"];
$op = $where["op"];
$val = $where["val"];
if (($key < 0 ? "" : $col) . $val != "") {
$conds = array();
foreach (($col != "" ? array($col => $fields[$col]) : $fields) as $name => $field) {
if ($col != "" || is_numeric($val) || !preg_match(number_type(), $field["type"])) {
$name = idf_escape($name);
if ($col != "" && $field["type"] == "enum") {
$conds[] = (in_array(0, $val) ? "$name IS NULL OR " : "") . "$name IN (" . implode(", ", array_map('intval', $val)) . ")";
} else {
$text_type = preg_match('~char|text|enum|set~', $field["type"]);
$value = $this->processInput($field, (!$op && $text_type && preg_match('~^[^%]+$~', $val) ? "%$val%" : $val));
$conds[] = $driver->convertSearch($name, $val, $field) . ($value == "NULL" ? " IS" . ($op == ">=" ? " NOT" : "") . " $value"
: (in_array($op, $this->operators) || $op == "=" ? " $op $value"
: ($text_type ? " LIKE $value"
: " IN (" . str_replace(",", "', '", $value) . ")"
)));
if ($key < 0 && $val == "0") {
$conds[] = "$name IS NULL";
}
}
}
}
$return[] = ($conds ? "(" . implode(" OR ", $conds) . ")" : "1 = 0");
}
$return[] = ($conds ? "(" . implode(" OR ", $conds) . ")" : "1 = 0");
}
}
return $return;
}
function selectOrderProcess($fields, $indexes) {
$index_order = $_GET["index_order"];
$index_order = isset($_GET["index_order"]) ? $_GET["index_order"] : null;
if ($index_order != "") {
unset($_GET["order"][1]);
}
if ($_GET["order"]) {
if (isset($_GET["order"]) && $_GET["order"]) {
return array(idf_escape(reset($_GET["order"])) . ($_GET["desc"] ? " DESC" : ""));
}
foreach (($index_order != "" ? array($indexes[$index_order]) : $indexes) as $index) {
@ -416,10 +418,10 @@ ORDER BY ORDINAL_POSITION", null, "") as $row) { //! requires MySQL 5
}
function selectEmailProcess($where, $foreignKeys) {
if ($_POST["email_append"]) {
if (isset($_POST["email_append"]) && $_POST["email_append"]) {
return true;
}
if ($_POST["email"]) {
if (isset($_POST["email"]) && $_POST["email"]) {
$sent = 0;
if ($_POST["all"] || $_POST["check"]) {
$field = idf_escape($_POST["email_field"]);
@ -591,15 +593,17 @@ qsl('div').onclick = whisperClick;", "")
<?php
if ($missing == "auth") {
$first = true;
foreach ((array) $_SESSION["pwds"] as $vendor => $servers) {
foreach ($servers[""] as $username => $password) {
if ($password !== null) {
if ($first) {
echo "<ul id='logins'>";
echo script("mixin(qs('#logins'), {onmouseover: menuOver, onmouseout: menuOut});");
$first = false;
if (isset($_SESSION["pwds"])) {
foreach ((array) $_SESSION["pwds"] as $vendor => $servers) {
foreach ($servers[""] as $username => $password) {
if ($password !== null) {
if ($first) {
echo "<ul id='logins'>";
echo script("mixin(qs('#logins'), {onmouseover: menuOver, onmouseout: menuOut});");
$first = false;
}
echo "<li><a href='" . h(auth_url($vendor, "", $username)) . "'>" . ($username != "" ? h($username) : "<i>" . lang('empty') . "</i>") . "</a>\n";
}
echo "<li><a href='" . h(auth_url($vendor, "", $username)) . "'>" . ($username != "" ? h($username) : "<i>" . lang('empty') . "</i>") . "</a>\n";
}
}
}
@ -627,10 +631,10 @@ qsl('div').onclick = whisperClick;", "")
$name = $this->tableName($row);
if (isset($row["Engine"]) && $name != "") { // ignore views and tables without name
echo "<a href='" . h(ME) . 'select=' . urlencode($row["Name"]) . "'"
. bold($_GET["select"] == $row["Name"] || $_GET["edit"] == $row["Name"], "select")
. bold((isset($_GET["select"]) && $_GET["select"] == $row["Name"]) || (isset($_GET["edit"]) && $_GET["edit"] == $row["Name"]), "select")
. " title='" . lang('Select data') . "'>$name</a>\n";
echo "<a href='" . h(ME) . 'select=' . urlencode($row["Name"]) . "'"
. bold($_GET["select"] == $row["Name"] || $_GET["edit"] == $row["Name"], "")
. bold((isset($_GET["select"]) && $_GET["select"] == $row["Name"]) || (isset($_GET["edit"]) && $_GET["edit"] == $row["Name"]), "")
. " title='" . lang('Select data') . "'>$name</a>\n";
}
}
@ -638,12 +642,14 @@ qsl('div').onclick = whisperClick;", "")
}
function _foreignColumn($foreignKeys, $column) {
foreach ((array) $foreignKeys[$column] as $foreignKey) {
if (count($foreignKey["source"]) == 1) {
$name = $this->rowDescription($foreignKey["table"]);
if ($name != "") {
$id = idf_escape($foreignKey["target"][0]);
return array($foreignKey["table"], $id, $name);
if (isset($foreignKeys[$column])) {
foreach ((array) $foreignKeys[$column] as $foreignKey) {
if (count($foreignKey["source"]) == 1) {
$name = $this->rowDescription($foreignKey["table"]);
if ($name != "") {
$id = idf_escape($foreignKey["target"][0]);
return array($foreignKey["table"], $id, $name);
}
}
}
}

2
editor/index.php
View file

@ -11,7 +11,7 @@ $GLOBALS['project'] = basename(dirname(__FILE__));
include "../adminer/include/bootstrap.inc.php";
$drivers[DRIVER] = lang('Login');
if (isset($_GET["select"]) && ($_POST["edit"] || $_POST["clone"]) && !$_POST["save"]) {
if (isset($_GET["select"]) && ((isset($_POST["edit"]) && $_POST["edit"]) || (isset($_POST["clone"]) && $_POST["clone"])) && (isset($_POST["save"]) === false || !$_POST["save"])) {
$_GET["edit"] = $_GET["select"];
}

1
externals/JsShrink vendored

@ -1 +0,0 @@
Subproject commit 17cbfacae67dede6d94d94ce92214c8ca31d858e

1
externals/jush vendored

@ -1 +0,0 @@
Subproject commit ae33623c66189375a3654954cddc1c73f65c36fa

86
plugins/drivers/clickhouse.php
View file

@ -8,56 +8,78 @@ if (isset($_GET["clickhouse"])) {
var $extension = "JSON", $server_info, $errno, $_result, $error, $_url;
var $_db = 'default';
/**
* @param string $db
* @param string $query
* @return Min_Result|bool
*/
function rootQuery($db, $query) {
@ini_set('track_errors', 1); // @ - may be disabled
$file = @file_get_contents("$this->_url/?database=$db", false, stream_context_create(array('http' => array(
'method' => 'POST',
'content' => $this->isQuerySelectLike($query) ? "$query FORMAT JSONCompact" : $query,
'header' => 'Content-type: application/x-www-form-urlencoded',
'ignore_errors' => 1, // available since PHP 5.2.10
'ignore_errors' => 1,
'follow_location' => 0,
'max_redirects' => 0,
))));
if ($file === false) {
$this->error = $php_errormsg;
return $file;
}
if (!preg_match('~^HTTP/[0-9.]+ 2~i', $http_response_header[0])) {
$this->error = lang('Invalid credentials.') . " $http_response_header[0]";
$this->error = lang('Invalid server or credentials.');
return false;
}
$return = json_decode($file, true);
if ($return === null) {
if (!$this->isQuerySelectLike($query) && $file === '') {
return true;
}
$this->errno = json_last_error();
if (function_exists('json_last_error_msg')) {
$this->error = json_last_error_msg();
} else {
$constants = get_defined_constants(true);
foreach ($constants['json'] as $name => $value) {
if ($value == $this->errno && preg_match('~^JSON_ERROR_~', $name)) {
$this->error = $name;
break;
}
if (!preg_match('~^HTTP/[0-9.]+ 2~i', $http_response_header[0])) {
foreach ($http_response_header as $header) {
if (preg_match('~^X-ClickHouse-Exception-Code:~i', $header)) {
$this->error = preg_replace('~\(version [^(]+\(.+$~', '', $file);
return false;
}
}
$this->error = lang('Invalid server or credentials.');
return false;
}
return new Min_Result($return);
if (!$this->isQuerySelectLike($query) && $file === '') {
return true;
}
$return = json_decode($file, true);
if ($return === null) {
$this->error = lang('Invalid server or credentials.');
return false;
}
if (!isset($return['rows']) || !isset($return['data']) || !isset($return['meta'])) {
$this->error = lang('Invalid server or credentials.');
return false;
}
return new Min_Result($return['rows'], $return['data'], $return['meta']);
}
function isQuerySelectLike($query) {
return (bool) preg_match('~^(select|show)~i', $query);
}
/**
* @param string $query
* @return bool|Min_Result
*/
function query($query) {
return $this->rootQuery($this->_db, $query);
}
/**
* @param string $server
* @param string $username
* @param string $password
* @return bool
*/
function connect($server, $username, $password) {
preg_match('~^(https?://)?(.*)~', $server, $match);
$this->_url = ($match[1] ? $match[1] : "http://") . "$username:$password@$match[2]";
$this->_url = build_http_url($server, $username, $password, "localhost", 8123);
$return = $this->query('SELECT 1');
return (bool) $return;
}
@ -92,11 +114,17 @@ if (isset($_GET["clickhouse"])) {
class Min_Result {
var $num_rows, $_rows, $columns, $meta, $_offset = 0;
function __construct($result) {
$this->num_rows = $result['rows'];
$this->_rows = $result['data'];
$this->meta = $result['meta'];
$this->columns = array_column($this->meta, 'name');
/**
* @param int $rows
* @param array[] $data
* @param array[] $meta
*/
function __construct($rows, array $data, array $meta) {
$this->num_rows = $rows;
$this->_rows = $data;
$this->meta = $meta;
$this->columns = array_column($meta, 'name');
reset($this->_rows);
}

61
plugins/drivers/simpledb.php
View file

@ -6,13 +6,49 @@ if (isset($_GET["simpledb"])) {
if (class_exists('SimpleXMLElement') && ini_bool('allow_url_fopen')) {
class Min_DB {
var $extension = "SimpleXML", $server_info = '2009-04-15', $error, $timeout, $next, $affected_rows, $_result;
var $extension = "SimpleXML", $server_info = '2009-04-15', $error, $timeout, $next, $affected_rows, $_url, $_result;
/**
* @param string $server
* @param string $password
* @return bool
*/
function connect($server, $password) {
if ($server == '' || $password == '') {
$this->error = lang('Invalid server or credentials.');
return false;
}
$parts = parse_url($server);
if (!$parts || !isset($parts['host']) || !preg_match('~^sdb\.([a-z0-9-]+\.)?amazonaws\.com$~i', $parts['host']) ||
isset($parts['port'])
) {
$this->error = lang('Invalid server or credentials.');
return false;
}
$this->_url = build_http_url($server, '', '', '');
return (bool) $this->workaroundLoginRequest('ListDomains', ['MaxNumberOfDomains' => 1]);
}
// FIXME: This is so wrong :-( Move sdb_request to Min_DB!
private function workaroundLoginRequest($action, $params = array()) {
global $connection;
$connection = $this;
$result = sdb_request($action, $params);
$connection = null;
return $result;
}
function select_db($database) {
return ($database == "domain");
}
function query($query, $unbuffered = false) {
function query($query) {
$params = array('SelectExpression' => $query, 'ConsistentRead' => 'true');
if ($this->next) {
$params['NextToken'] = $this->next;
@ -248,11 +284,15 @@ if (isset($_GET["simpledb"])) {
function connect() {
global $adminer;
list(, , $password) = $adminer->credentials();
if ($password != "") {
return lang('Database does not support password.');
$connection = new Min_DB;
list($server, , $password) = $adminer->credentials();
if ($connection->connect($server, $password)) {
return $connection;
}
return new Min_DB;
return $connection->error;
}
function support($feature) {
@ -422,13 +462,16 @@ if (isset($_GET["simpledb"])) {
$query = str_replace('%7E', '~', substr($query, 1));
$query .= "&Signature=" . urlencode(base64_encode(hmac('sha1', "POST\n" . preg_replace('~^https?://~', '', $host) . "\n/\n$query", $secret, true)));
@ini_set('track_errors', 1); // @ - may be disabled
$file = @file_get_contents((preg_match('~^https?://~', $host) ? $host : "http://$host"), false, stream_context_create(array('http' => array(
$file = @file_get_contents($connection->_url, false, stream_context_create(array('http' => array(
'method' => 'POST', // may not fit in URL with GET
'content' => $query,
'ignore_errors' => 1, // available since PHP 5.2.10
'ignore_errors' => 1,
'follow_location' => 0,
'max_redirects' => 0,
))));
if (!$file) {
$connection->error = $php_errormsg;
$connection->error = error_get_last()['message'];
return false;
}
libxml_use_internal_errors(true);