EMS/web.ems
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

init web ems all

Browse Source
This commit is contained in:
agtuser
2024-09-27 17:13:36 +08:00
parent 81c97acbe9
commit 5cc56f8078
4263 changed files with 798779 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

531
phpMyAdmin/libraries/classes/Config/ConfigFile.php Executable file
View File

@@ -0,0 +1,531 @@
<?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
* Config file management
*
* @package PhpMyAdmin
*/
namespace PhpMyAdmin\Config;
use PhpMyAdmin\Config;
use PhpMyAdmin\Core;
/**
* Config file management class.
* Stores its data in $_SESSION
*
* @package PhpMyAdmin
*/
class ConfigFile
{
/**
* Stores default PMA config from config.default.php
* @var array
*/
private $_defaultCfg;
/**
* Stores allowed values for non-standard fields
* @var array
*/
private $_cfgDb;
/**
* Stores original PMA config, not modified by user preferences
* @var Config
*/
private $_baseCfg;
/**
* Whether we are currently working in PMA Setup context
* @var bool
*/
private $_isInSetup;
/**
* Keys which will be always written to config file
* @var array
*/
private $_persistKeys = array();
/**
* Changes keys while updating config in {@link updateWithGlobalConfig()}
* or reading by {@link getConfig()} or {@link getConfigArray()}
* @var array
*/
private $_cfgUpdateReadMapping = array();
/**
* Key filter for {@link set()}
* @var array|null
*/
private $_setFilter;
/**
* Instance id (key in $_SESSION array, separate for each server -
* ConfigFile{server id})
* @var string
*/
private $_id;
/**
* Result for {@link _flattenArray()}
* @var array|null
*/
private $_flattenArrayResult;
/**
* Constructor
*
* @param array|null $base_config base configuration read from
* {@link PhpMyAdmin\Config::$base_config},
* use only when not in PMA Setup
*/
public function __construct($base_config = null)
{
// load default config values
$cfg = &$this->_defaultCfg;
include './libraries/config.default.php';
$cfg['fontsize'] = '82%';
// load additional config information
$cfg_db = &$this->_cfgDb;
include './libraries/config.values.php';
// apply default values overrides
if (count($cfg_db['_overrides'])) {
foreach ($cfg_db['_overrides'] as $path => $value) {
Core::arrayWrite($path, $cfg, $value);
}
}
$this->_baseCfg = $base_config;
$this->_isInSetup = is_null($base_config);
$this->_id = 'ConfigFile' . $GLOBALS['server'];
if (!isset($_SESSION[$this->_id])) {
$_SESSION[$this->_id] = array();
}
}
/**
* Sets names of config options which will be placed in config file even if
* they are set to their default values (use only full paths)
*
* @param array $keys the names of the config options
*
* @return void
*/
public function setPersistKeys(array $keys)
{
// checking key presence is much faster than searching so move values
// to keys
$this->_persistKeys = array_flip($keys);
}
/**
* Returns flipped array set by {@link setPersistKeys()}
*
* @return array
*/
public function getPersistKeysMap()
{
return $this->_persistKeys;
}
/**
* By default ConfigFile allows setting of all configuration keys, use
* this method to set up a filter on {@link set()} method
*
* @param array|null $keys array of allowed keys or null to remove filter
*
* @return void
*/
public function setAllowedKeys($keys)
{
if ($keys === null) {
$this->_setFilter = null;
return;
}
// checking key presence is much faster than searching so move values
// to keys
$this->_setFilter = array_flip($keys);
}
/**
* Sets path mapping for updating config in
* {@link updateWithGlobalConfig()} or reading
* by {@link getConfig()} or {@link getConfigArray()}
*
* @param array $mapping Contains the mapping of "Server/config options"
* to "Server/1/config options"
*
* @return void
*/
public function setCfgUpdateReadMapping(array $mapping)
{
$this->_cfgUpdateReadMapping = $mapping;
}
/**
* Resets configuration data
*
* @return void
*/
public function resetConfigData()
{
$_SESSION[$this->_id] = array();
}
/**
* Sets configuration data (overrides old data)
*
* @param array $cfg Configuration options
*
* @return void
*/
public function setConfigData(array $cfg)
{
$_SESSION[$this->_id] = $cfg;
}
/**
* Sets config value
*
* @param string $path Path
* @param mixed $value Value
* @param string $canonical_path Canonical path
*
* @return void
*/
public function set($path, $value, $canonical_path = null)
{
if ($canonical_path === null) {
$canonical_path = $this->getCanonicalPath($path);
}
// apply key whitelist
if ($this->_setFilter !== null
&& ! isset($this->_setFilter[$canonical_path])
) {
return;
}
// if the path isn't protected it may be removed
if (isset($this->_persistKeys[$canonical_path])) {
Core::arrayWrite($path, $_SESSION[$this->_id], $value);
return;
}
$default_value = $this->getDefault($canonical_path);
$remove_path = $value === $default_value;
if ($this->_isInSetup) {
// remove if it has a default value or is empty
$remove_path = $remove_path
|| (empty($value) && empty($default_value));
} else {
// get original config values not overwritten by user
// preferences to allow for overwriting options set in
// config.inc.php with default values
$instance_default_value = Core::arrayRead(
$canonical_path,
$this->_baseCfg
);
// remove if it has a default value and base config (config.inc.php)
// uses default value
$remove_path = $remove_path
&& ($instance_default_value === $default_value);
}
if ($remove_path) {
Core::arrayRemove($path, $_SESSION[$this->_id]);
return;
}
Core::arrayWrite($path, $_SESSION[$this->_id], $value);
}
/**
* Flattens multidimensional array, changes indices to paths
* (eg. 'key/subkey').
* Used as array_walk() callback.
*
* @param mixed $value Value
* @param mixed $key Key
* @param mixed $prefix Prefix
*
* @return void
*/
private function _flattenArray($value, $key, $prefix)
{
// no recursion for numeric arrays
if (is_array($value) && !isset($value[0])) {
$prefix .= $key . '/';
array_walk($value, array($this, '_flattenArray'), $prefix);
} else {
$this->_flattenArrayResult[$prefix . $key] = $value;
}
}
/**
* Returns default config in a flattened array
*
* @return array
*/
public function getFlatDefaultConfig()
{
$this->_flattenArrayResult = array();
array_walk($this->_defaultCfg, array($this, '_flattenArray'), '');
$flat_cfg = $this->_flattenArrayResult;
$this->_flattenArrayResult = null;
return $flat_cfg;
}
/**
* Updates config with values read from given array
* (config will contain differences to defaults from config.defaults.php).
*
* @param array $cfg Configuration
*
* @return void
*/
public function updateWithGlobalConfig(array $cfg)
{
// load config array and flatten it
$this->_flattenArrayResult = array();
array_walk($cfg, array($this, '_flattenArray'), '');
$flat_cfg = $this->_flattenArrayResult;
$this->_flattenArrayResult = null;
// save values map for translating a few user preferences paths,
// should be complemented by code reading from generated config
// to perform inverse mapping
foreach ($flat_cfg as $path => $value) {
if (isset($this->_cfgUpdateReadMapping[$path])) {
$path = $this->_cfgUpdateReadMapping[$path];
}
$this->set($path, $value, $path);
}
}
/**
* Returns config value or $default if it's not set
*
* @param string $path Path of config file
* @param mixed $default Default values
*
* @return mixed
*/
public function get($path, $default = null)
{
return Core::arrayRead($path, $_SESSION[$this->_id], $default);
}
/**
* Returns default config value or $default it it's not set ie. it doesn't
* exist in config.default.php ($cfg) and config.values.php
* ($_cfg_db['_overrides'])
*
* @param string $canonical_path Canonical path
* @param mixed $default Default value
*
* @return mixed
*/
public function getDefault($canonical_path, $default = null)
{
return Core::arrayRead($canonical_path, $this->_defaultCfg, $default);
}
/**
* Returns config value, if it's not set uses the default one; returns
* $default if the path isn't set and doesn't contain a default value
*
* @param string $path Path
* @param mixed $default Default value
*
* @return mixed
*/
public function getValue($path, $default = null)
{
$v = Core::arrayRead($path, $_SESSION[$this->_id], null);
if ($v !== null) {
return $v;
}
$path = $this->getCanonicalPath($path);
return $this->getDefault($path, $default);
}
/**
* Returns canonical path
*
* @param string $path Path
*
* @return string
*/
public function getCanonicalPath($path)
{
return preg_replace('#^Servers/([\d]+)/#', 'Servers/1/', $path);
}
/**
* Returns config database entry for $path ($cfg_db in config_info.php)
*
* @param string $path path of the variable in config db
* @param mixed $default default value
*
* @return mixed
*/
public function getDbEntry($path, $default = null)
{
return Core::arrayRead($path, $this->_cfgDb, $default);
}
/**
* Returns server count
*
* @return int
*/
public function getServerCount()
{
return isset($_SESSION[$this->_id]['Servers'])
? count($_SESSION[$this->_id]['Servers'])
: 0;
}
/**
* Returns server list
*
* @return array|null
*/
public function getServers()
{
return isset($_SESSION[$this->_id]['Servers'])
? $_SESSION[$this->_id]['Servers']
: null;
}
/**
* Returns DSN of given server
*
* @param integer $server server index
*
* @return string
*/
public function getServerDSN($server)
{
if (!isset($_SESSION[$this->_id]['Servers'][$server])) {
return '';
}
$path = 'Servers/' . $server;
$dsn = 'mysqli://';
if ($this->getValue("$path/auth_type") == 'config') {
$dsn .= $this->getValue("$path/user");
if (! empty($this->getValue("$path/password"))) {
$dsn .= ':***';
}
$dsn .= '@';
}
if ($this->getValue("$path/host") != 'localhost') {
$dsn .= $this->getValue("$path/host");
$port = $this->getValue("$path/port");
if ($port) {
$dsn .= ':' . $port;
}
} else {
$dsn .= $this->getValue("$path/socket");
}
return $dsn;
}
/**
* Returns server name
*
* @param int $id server index
*
* @return string
*/
public function getServerName($id)
{
if (!isset($_SESSION[$this->_id]['Servers'][$id])) {
return '';
}
$verbose = $this->get("Servers/$id/verbose");
if (!empty($verbose)) {
return $verbose;
}
$host = $this->get("Servers/$id/host");
return empty($host) ? 'localhost' : $host;
}
/**
* Removes server
*
* @param int $server server index
*
* @return void
*/
public function removeServer($server)
{
if (!isset($_SESSION[$this->_id]['Servers'][$server])) {
return;
}
$last_server = $this->getServerCount();
for ($i = $server; $i < $last_server; $i++) {
$_SESSION[$this->_id]['Servers'][$i]
= $_SESSION[$this->_id]['Servers'][$i + 1];
}
unset($_SESSION[$this->_id]['Servers'][$last_server]);
if (isset($_SESSION[$this->_id]['ServerDefault'])
&& $_SESSION[$this->_id]['ServerDefault'] == $last_server
) {
unset($_SESSION[$this->_id]['ServerDefault']);
}
}
/**
* Returns configuration array (full, multidimensional format)
*
* @return array
*/
public function getConfig()
{
$c = $_SESSION[$this->_id];
foreach ($this->_cfgUpdateReadMapping as $map_to => $map_from) {
// if the key $c exists in $map_to
if (Core::arrayRead($map_to, $c) !== null) {
Core::arrayWrite($map_to, $c, Core::arrayRead($map_from, $c));
Core::arrayRemove($map_from, $c);
}
}
return $c;
}
/**
* Returns configuration array (flat format)
*
* @return array
*/
public function getConfigArray()
{
$this->_flattenArrayResult = array();
array_walk($_SESSION[$this->_id], array($this, '_flattenArray'), '');
$c = $this->_flattenArrayResult;
$this->_flattenArrayResult = null;
$persistKeys = array_diff(
array_keys($this->_persistKeys),
array_keys($c)
);
foreach ($persistKeys as $k) {
$c[$k] = $this->getDefault($this->getCanonicalPath($k));
}
foreach ($this->_cfgUpdateReadMapping as $map_to => $map_from) {
if (!isset($c[$map_from])) {
continue;
}
$c[$map_to] = $c[$map_from];
unset($c[$map_from]);
}
return $c;
}
}

1493
phpMyAdmin/libraries/classes/Config/Descriptions.php Executable file
View File

File diff suppressed because it is too large Load Diff

233
phpMyAdmin/libraries/classes/Config/Form.php Executable file
View File

@@ -0,0 +1,233 @@
<?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
* Form handling code.
*
* @package PhpMyAdmin
*/
namespace PhpMyAdmin\Config;
use PhpMyAdmin\Config\ConfigFile;
/**
* Base class for forms, loads default configuration options, checks allowed
* values etc.
*
* @package PhpMyAdmin
*/
class Form
{
/**
* Form name
* @var string
*/
public $name;
/**
* Arbitrary index, doesn't affect class' behavior
* @var int
*/
public $index;
/**
* Form fields (paths), filled by {@link readFormPaths()}, indexed by field name
* @var array
*/
public $fields;
/**
* Stores default values for some fields (eg. pmadb tables)
* @var array
*/
public $default;
/**
* Caches field types, indexed by field names
* @var array
*/
private $_fieldsTypes;
/**
* ConfigFile instance
* @var ConfigFile
*/
private $_configFile;
/**
* Constructor, reads default config values
*
* @param string $form_name Form name
* @param array $form Form data
* @param ConfigFile $cf Config file instance
* @param int $index arbitrary index, stored in Form::$index
*/
public function __construct(
$form_name, array $form, ConfigFile $cf, $index = null
) {
$this->index = $index;
$this->_configFile = $cf;
$this->loadForm($form_name, $form);
}
/**
* Returns type of given option
*
* @param string $option_name path or field name
*
* @return string|null one of: boolean, integer, double, string, select, array
*/
public function getOptionType($option_name)
{
$key = ltrim(
mb_substr(
$option_name,
mb_strrpos($option_name, '/')
),
'/'
);
return isset($this->_fieldsTypes[$key])
? $this->_fieldsTypes[$key]
: null;
}
/**
* Returns allowed values for select fields
*
* @param string $option_path Option path
*
* @return array
*/
public function getOptionValueList($option_path)
{
$value = $this->_configFile->getDbEntry($option_path);
if ($value === null) {
trigger_error("$option_path - select options not defined", E_USER_ERROR);
return array();
}
if (!is_array($value)) {
trigger_error("$option_path - not a static value list", E_USER_ERROR);
return array();
}
// convert array('#', 'a', 'b') to array('a', 'b')
if (isset($value[0]) && $value[0] === '#') {
// remove first element ('#')
array_shift($value);
// $value has keys and value names, return it
return $value;
}
// convert value list array('a', 'b') to array('a' => 'a', 'b' => 'b')
$has_string_keys = false;
$keys = array();
for ($i = 0, $nb = count($value); $i < $nb; $i++) {
if (!isset($value[$i])) {
$has_string_keys = true;
break;
}
$keys[] = is_bool($value[$i]) ? (int)$value[$i] : $value[$i];
}
if (! $has_string_keys) {
$value = array_combine($keys, $value);
}
// $value has keys and value names, return it
return $value;
}
/**
* array_walk callback function, reads path of form fields from
* array (see docs for \PhpMyAdmin\Config\Forms\BaseForm::getForms)
*
* @param mixed $value Value
* @param mixed $key Key
* @param mixed $prefix Prefix
*
* @return void
*/
private function _readFormPathsCallback($value, $key, $prefix)
{
static $group_counter = 0;
if (is_array($value)) {
$prefix .= $key . '/';
array_walk($value, array($this, '_readFormPathsCallback'), $prefix);
return;
}
if (!is_int($key)) {
$this->default[$prefix . $key] = $value;
$value = $key;
}
// add unique id to group ends
if ($value == ':group:end') {
$value .= ':' . $group_counter++;
}
$this->fields[] = $prefix . $value;
}
/**
* Reads form paths to {@link $fields}
*
* @param array $form Form
*
* @return void
*/
protected function readFormPaths(array $form)
{
// flatten form fields' paths and save them to $fields
$this->fields = array();
array_walk($form, array($this, '_readFormPathsCallback'), '');
// $this->fields is an array of the form: [0..n] => 'field path'
// change numeric indexes to contain field names (last part of the path)
$paths = $this->fields;
$this->fields = array();
foreach ($paths as $path) {
$key = ltrim(
mb_substr($path, mb_strrpos($path, '/')),
'/'
);
$this->fields[$key] = $path;
}
// now $this->fields is an array of the form: 'field name' => 'field path'
}
/**
* Reads fields' types to $this->_fieldsTypes
*
* @return void
*/
protected function readTypes()
{
$cf = $this->_configFile;
foreach ($this->fields as $name => $path) {
if (mb_strpos($name, ':group:') === 0) {
$this->_fieldsTypes[$name] = 'group';
continue;
}
$v = $cf->getDbEntry($path);
if ($v !== null) {
$type = is_array($v) ? 'select' : $v;
} else {
$type = gettype($cf->getDefault($path));
}
$this->_fieldsTypes[$name] = $type;
}
}
/**
* Reads form settings and prepares class to work with given subset of
* config file
*
* @param string $form_name Form name
* @param array $form Form
*
* @return void
*/
public function loadForm($form_name, array $form)
{
$this->name = $form_name;
$this->readFormPaths($form);
$this->readTypes();
}
}

880
phpMyAdmin/libraries/classes/Config/FormDisplay.php Executable file
View File

@@ -0,0 +1,880 @@
<?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
* Form management class, displays and processes forms
*
* Explanation of used terms:
* o work_path - original field path, eg. Servers/4/verbose
* o system_path - work_path modified so that it points to the first server,
* eg. Servers/1/verbose
* o translated_path - work_path modified for HTML field name, a path with
* slashes changed to hyphens, eg. Servers-4-verbose
*
* @package PhpMyAdmin
*/
namespace PhpMyAdmin\Config;
use PhpMyAdmin\Config\ConfigFile;
use PhpMyAdmin\Config\Descriptions;
use PhpMyAdmin\Config\Form;
use PhpMyAdmin\Config\FormDisplayTemplate;
use PhpMyAdmin\Config\Forms\User\UserFormList;
use PhpMyAdmin\Config\Validator;
use PhpMyAdmin\Sanitize;
use PhpMyAdmin\Util;
/**
* Form management class, displays and processes forms
*
* @package PhpMyAdmin
*/
class FormDisplay
{
/**
* ConfigFile instance
* @var ConfigFile
*/
private $_configFile;
/**
* Form list
* @var Form[]
*/
private $_forms = array();
/**
* Stores validation errors, indexed by paths
* [ Form_name ] is an array of form errors
* [path] is a string storing error associated with single field
* @var array
*/
private $_errors = array();
/**
* Paths changed so that they can be used as HTML ids, indexed by paths
* @var array
*/
private $_translatedPaths = array();
/**
* Server paths change indexes so we define maps from current server
* path to the first one, indexed by work path
* @var array
*/
private $_systemPaths = array();
/**
* Language strings which will be sent to PMA_messages JS variable
* Will be looked up in $GLOBALS: str{value} or strSetup{value}
* @var array
*/
private $_jsLangStrings = array();
/**
* Tells whether forms have been validated
* @var bool
*/
private $_isValidated = true;
/**
* Dictionary with user preferences keys
* @var array|null
*/
private $_userprefsKeys;
/**
* Dictionary with disallowed user preferences keys
* @var array
*/
private $_userprefsDisallow;
/**
* Constructor
*
* @param ConfigFile $cf Config file instance
*/
public function __construct(ConfigFile $cf)
{
$this->_jsLangStrings = array(
'error_nan_p' => __('Not a positive number!'),
'error_nan_nneg' => __('Not a non-negative number!'),
'error_incorrect_port' => __('Not a valid port number!'),
'error_invalid_value' => __('Incorrect value!'),
'error_value_lte' => __('Value must be less than or equal to %s!'));
$this->_configFile = $cf;
// initialize validators
Validator::getValidators($this->_configFile);
}
/**
* Returns {@link ConfigFile} associated with this instance
*
* @return ConfigFile
*/
public function getConfigFile()
{
return $this->_configFile;
}
/**
* Registers form in form manager
*
* @param string $form_name Form name
* @param array $form Form data
* @param int $server_id 0 if new server, validation; >= 1 if editing a server
*
* @return void
*/
public function registerForm($form_name, array $form, $server_id = null)
{
$this->_forms[$form_name] = new Form(
$form_name, $form, $this->_configFile, $server_id
);
$this->_isValidated = false;
foreach ($this->_forms[$form_name]->fields as $path) {
$work_path = $server_id === null
? $path
: str_replace('Servers/1/', "Servers/$server_id/", $path);
$this->_systemPaths[$work_path] = $path;
$this->_translatedPaths[$work_path] = str_replace('/', '-', $work_path);
}
}
/**
* Processes forms, returns true on successful save
*
* @param bool $allow_partial_save allows for partial form saving
* on failed validation
* @param bool $check_form_submit whether check for $_POST['submit_save']
*
* @return boolean whether processing was successful
*/
public function process($allow_partial_save = true, $check_form_submit = true)
{
if ($check_form_submit && !isset($_POST['submit_save'])) {
return false;
}
// save forms
if (count($this->_forms) > 0) {
return $this->save(array_keys($this->_forms), $allow_partial_save);
}
return false;
}
/**
* Runs validation for all registered forms
*
* @return void
*/
private function _validate()
{
if ($this->_isValidated) {
return;
}
$paths = array();
$values = array();
foreach ($this->_forms as $form) {
/* @var $form Form */
$paths[] = $form->name;
// collect values and paths
foreach ($form->fields as $path) {
$work_path = array_search($path, $this->_systemPaths);
$values[$path] = $this->_configFile->getValue($work_path);
$paths[] = $path;
}
}
// run validation
$errors = Validator::validate(
$this->_configFile, $paths, $values, false
);
// change error keys from canonical paths to work paths
if (is_array($errors) && count($errors) > 0) {
$this->_errors = array();
foreach ($errors as $path => $error_list) {
$work_path = array_search($path, $this->_systemPaths);
// field error
if (! $work_path) {
// form error, fix path
$work_path = $path;
}
$this->_errors[$work_path] = $error_list;
}
}
$this->_isValidated = true;
}
/**
* Outputs HTML for the forms under the menu tab
*
* @param bool $show_restore_default whether to show "restore default"
* button besides the input field
* @param array &$js_default stores JavaScript code
* to be displayed
* @param array &$js will be updated with javascript code
* @param bool $show_buttons whether show submit and reset button
*
* @return string $htmlOutput
*/
private function _displayForms(
$show_restore_default, array &$js_default, array &$js, $show_buttons
) {
$htmlOutput = '';
$validators = Validator::getValidators($this->_configFile);
foreach ($this->_forms as $form) {
/* @var $form Form */
$form_errors = isset($this->_errors[$form->name])
? $this->_errors[$form->name] : null;
$htmlOutput .= FormDisplayTemplate::displayFieldsetTop(
Descriptions::get("Form_{$form->name}"),
Descriptions::get("Form_{$form->name}", 'desc'),
$form_errors,
array('id' => $form->name)
);
foreach ($form->fields as $field => $path) {
$work_path = array_search($path, $this->_systemPaths);
$translated_path = $this->_translatedPaths[$work_path];
// always true/false for user preferences display
// otherwise null
$userprefs_allow = isset($this->_userprefsKeys[$path])
? !isset($this->_userprefsDisallow[$path])
: null;
// display input
$htmlOutput .= $this->_displayFieldInput(
$form,
$field,
$path,
$work_path,
$translated_path,
$show_restore_default,
$userprefs_allow,
$js_default
);
// register JS validators for this field
if (isset($validators[$path])) {
FormDisplayTemplate::addJsValidate($translated_path, $validators[$path], $js);
}
}
$htmlOutput .= FormDisplayTemplate::displayFieldsetBottom($show_buttons);
}
return $htmlOutput;
}
/**
* Outputs HTML for forms
*
* @param bool $tabbed_form if true, use a form with tabs
* @param bool $show_restore_default whether show "restore default" button
* besides the input field
* @param bool $show_buttons whether show submit and reset button
* @param string $form_action action attribute for the form
* @param array|null $hidden_fields array of form hidden fields (key: field
* name)
*
* @return string HTML for forms
*/
public function getDisplay(
$tabbed_form = false,
$show_restore_default = false,
$show_buttons = true,
$form_action = null,
$hidden_fields = null
) {
static $js_lang_sent = false;
$htmlOutput = '';
$js = array();
$js_default = array();
$htmlOutput .= FormDisplayTemplate::displayFormTop($form_action, 'post', $hidden_fields);
if ($tabbed_form) {
$tabs = array();
foreach ($this->_forms as $form) {
$tabs[$form->name] = Descriptions::get("Form_$form->name");
}
$htmlOutput .= FormDisplayTemplate::displayTabsTop($tabs);
}
// validate only when we aren't displaying a "new server" form
$is_new_server = false;
foreach ($this->_forms as $form) {
/* @var $form Form */
if ($form->index === 0) {
$is_new_server = true;
break;
}
}
if (! $is_new_server) {
$this->_validate();
}
// user preferences
$this->_loadUserprefsInfo();
// display forms
$htmlOutput .= $this->_displayForms(
$show_restore_default, $js_default, $js, $show_buttons
);
if ($tabbed_form) {
$htmlOutput .= FormDisplayTemplate::displayTabsBottom();
}
$htmlOutput .= FormDisplayTemplate::displayFormBottom();
// if not already done, send strings used for validation to JavaScript
if (! $js_lang_sent) {
$js_lang_sent = true;
$js_lang = array();
foreach ($this->_jsLangStrings as $strName => $strValue) {
$js_lang[] = "'$strName': '" . Sanitize::jsFormat($strValue, false) . '\'';
}
$js[] = "$.extend(PMA_messages, {\n\t"
. implode(",\n\t", $js_lang) . '})';
}
$js[] = "$.extend(defaultValues, {\n\t"
. implode(",\n\t", $js_default) . '})';
$htmlOutput .= FormDisplayTemplate::displayJavascript($js);
return $htmlOutput;
}
/**
* Prepares data for input field display and outputs HTML code
*
* @param Form $form Form object
* @param string $field field name as it appears in $form
* @param string $system_path field path, eg. Servers/1/verbose
* @param string $work_path work path, eg. Servers/4/verbose
* @param string $translated_path work path changed so that it can be
* used as XHTML id
* @param bool $show_restore_default whether show "restore default" button
* besides the input field
* @param bool|null $userprefs_allow whether user preferences are enabled
* for this field (null - no support,
* true/false - enabled/disabled)
* @param array &$js_default array which stores JavaScript code
* to be displayed
*
* @return string HTML for input field
*/
private function _displayFieldInput(
Form $form, $field, $system_path, $work_path,
$translated_path, $show_restore_default, $userprefs_allow, array &$js_default
) {
$name = Descriptions::get($system_path);
$description = Descriptions::get($system_path, 'desc');
$value = $this->_configFile->get($work_path);
$value_default = $this->_configFile->getDefault($system_path);
$value_is_default = false;
if ($value === null || $value === $value_default) {
$value = $value_default;
$value_is_default = true;
}
$opts = array(
'doc' => $this->getDocLink($system_path),
'show_restore_default' => $show_restore_default,
'userprefs_allow' => $userprefs_allow,
'userprefs_comment' => Descriptions::get($system_path, 'cmt')
);
if (isset($form->default[$system_path])) {
$opts['setvalue'] = $form->default[$system_path];
}
if (isset($this->_errors[$work_path])) {
$opts['errors'] = $this->_errors[$work_path];
}
$type = '';
switch ($form->getOptionType($field)) {
case 'string':
$type = 'text';
break;
case 'short_string':
$type = 'short_text';
break;
case 'double':
case 'integer':
$type = 'number_text';
break;
case 'boolean':
$type = 'checkbox';
break;
case 'select':
$type = 'select';
$opts['values'] = $form->getOptionValueList($form->fields[$field]);
break;
case 'array':
$type = 'list';
$value = (array) $value;
$value_default = (array) $value_default;
break;
case 'group':
// :group:end is changed to :group:end:{unique id} in Form class
$htmlOutput = '';
if (mb_substr($field, 7, 4) != 'end:') {
$htmlOutput .= FormDisplayTemplate::displayGroupHeader(
mb_substr($field, 7)
);
} else {
FormDisplayTemplate::displayGroupFooter();
}
return $htmlOutput;
case 'NULL':
trigger_error("Field $system_path has no type", E_USER_WARNING);
return null;
}
// detect password fields
if ($type === 'text'
&& (mb_substr($translated_path, -9) === '-password'
|| mb_substr($translated_path, -4) === 'pass'
|| mb_substr($translated_path, -4) === 'Pass')
) {
$type = 'password';
}
// TrustedProxies requires changes before displaying
if ($system_path == 'TrustedProxies') {
foreach ($value as $ip => &$v) {
if (!preg_match('/^-\d+$/', $ip)) {
$v = $ip . ': ' . $v;
}
}
}
$this->_setComments($system_path, $opts);
// send default value to form's JS
$js_line = '\'' . $translated_path . '\': ';
switch ($type) {
case 'text':
case 'short_text':
case 'number_text':
case 'password':
$js_line .= '\'' . Sanitize::escapeJsString($value_default) . '\'';
break;
case 'checkbox':
$js_line .= $value_default ? 'true' : 'false';
break;
case 'select':
$value_default_js = is_bool($value_default)
? (int) $value_default
: $value_default;
$js_line .= '[\'' . Sanitize::escapeJsString($value_default_js) . '\']';
break;
case 'list':
$js_line .= '\'' . Sanitize::escapeJsString(implode("\n", $value_default))
. '\'';
break;
}
$js_default[] = $js_line;
return FormDisplayTemplate::displayInput(
$translated_path, $name, $type, $value,
$description, $value_is_default, $opts
);
}
/**
* Displays errors
*
* @return string HTML for errors
*/
public function displayErrors()
{
$this->_validate();
if (count($this->_errors) == 0) {
return null;
}
$htmlOutput = '';
foreach ($this->_errors as $system_path => $error_list) {
if (isset($this->_systemPaths[$system_path])) {
$name = Descriptions::get($this->_systemPaths[$system_path]);
} else {
$name = Descriptions::get('Form_' . $system_path);
}
$htmlOutput .= FormDisplayTemplate::displayErrors($name, $error_list);
}
return $htmlOutput;
}
/**
* Reverts erroneous fields to their default values
*
* @return void
*/
public function fixErrors()
{
$this->_validate();
if (count($this->_errors) == 0) {
return;
}
$cf = $this->_configFile;
foreach (array_keys($this->_errors) as $work_path) {
if (!isset($this->_systemPaths[$work_path])) {
continue;
}
$canonical_path = $this->_systemPaths[$work_path];
$cf->set($work_path, $cf->getDefault($canonical_path));
}
}
/**
* Validates select field and casts $value to correct type
*
* @param string &$value Current value
* @param array $allowed List of allowed values
*
* @return bool
*/
private function _validateSelect(&$value, array $allowed)
{
$value_cmp = is_bool($value)
? (int) $value
: $value;
foreach ($allowed as $vk => $v) {
// equality comparison only if both values are numeric or not numeric
// (allows to skip 0 == 'string' equalling to true)
// or identity (for string-string)
if (($vk == $value && !(is_numeric($value_cmp) xor is_numeric($vk)))
|| $vk === $value
) {
// keep boolean value as boolean
if (!is_bool($value)) {
settype($value, gettype($vk));
}
return true;
}
}
return false;
}
/**
* Validates and saves form data to session
*
* @param array|string $forms array of form names
* @param bool $allow_partial_save allows for partial form saving on
* failed validation
*
* @return boolean true on success (no errors and all saved)
*/
public function save($forms, $allow_partial_save = true)
{
$result = true;
$forms = (array) $forms;
$values = array();
$to_save = array();
$is_setup_script = $GLOBALS['PMA_Config']->get('is_setup');
if ($is_setup_script) {
$this->_loadUserprefsInfo();
}
$this->_errors = array();
foreach ($forms as $form_name) {
/* @var $form Form */
if (isset($this->_forms[$form_name])) {
$form = $this->_forms[$form_name];
} else {
continue;
}
// get current server id
$change_index = $form->index === 0
? $this->_configFile->getServerCount() + 1
: false;
// grab POST values
foreach ($form->fields as $field => $system_path) {
$work_path = array_search($system_path, $this->_systemPaths);
$key = $this->_translatedPaths[$work_path];
$type = $form->getOptionType($field);
// skip groups
if ($type == 'group') {
continue;
}
// ensure the value is set
if (!isset($_POST[$key])) {
// checkboxes aren't set by browsers if they're off
if ($type == 'boolean') {
$_POST[$key] = false;
} else {
$this->_errors[$form->name][] = sprintf(
__('Missing data for %s'),
'<i>' . Descriptions::get($system_path) . '</i>'
);
$result = false;
continue;
}
}
// user preferences allow/disallow
if ($is_setup_script
&& isset($this->_userprefsKeys[$system_path])
) {
if (isset($this->_userprefsDisallow[$system_path])
&& isset($_POST[$key . '-userprefs-allow'])
) {
unset($this->_userprefsDisallow[$system_path]);
} elseif (!isset($_POST[$key . '-userprefs-allow'])) {
$this->_userprefsDisallow[$system_path] = true;
}
}
// cast variables to correct type
switch ($type) {
case 'double':
$_POST[$key] = Util::requestString($_POST[$key]);
settype($_POST[$key], 'float');
break;
case 'boolean':
case 'integer':
if ($_POST[$key] !== '') {
$_POST[$key] = Util::requestString($_POST[$key]);
settype($_POST[$key], $type);
}
break;
case 'select':
$successfully_validated = $this->_validateSelect(
$_POST[$key],
$form->getOptionValueList($system_path)
);
if (! $successfully_validated) {
$this->_errors[$work_path][] = __('Incorrect value!');
$result = false;
// "continue" for the $form->fields foreach-loop
continue 2;
}
break;
case 'string':
case 'short_string':
$_POST[$key] = Util::requestString($_POST[$key]);
break;
case 'array':
// eliminate empty values and ensure we have an array
$post_values = is_array($_POST[$key])
? $_POST[$key]
: explode("\n", $_POST[$key]);
$_POST[$key] = array();
$this->_fillPostArrayParameters($post_values, $key);
break;
}
// now we have value with proper type
$values[$system_path] = $_POST[$key];
if ($change_index !== false) {
$work_path = str_replace(
"Servers/$form->index/",
"Servers/$change_index/", $work_path
);
}
$to_save[$work_path] = $system_path;
}
}
// save forms
if (!$allow_partial_save && !empty($this->_errors)) {
// don't look for non-critical errors
$this->_validate();
return $result;
}
foreach ($to_save as $work_path => $path) {
// TrustedProxies requires changes before saving
if ($path == 'TrustedProxies') {
$proxies = array();
$i = 0;
foreach ($values[$path] as $value) {
$matches = array();
$match = preg_match(
"/^(.+):(?:[ ]?)(\\w+)$/", $value, $matches
);
if ($match) {
// correct 'IP: HTTP header' pair
$ip = trim($matches[1]);
$proxies[$ip] = trim($matches[2]);
} else {
// save also incorrect values
$proxies["-$i"] = $value;
$i++;
}
}
$values[$path] = $proxies;
}
$this->_configFile->set($work_path, $values[$path], $path);
}
if ($is_setup_script) {
$this->_configFile->set(
'UserprefsDisallow',
array_keys($this->_userprefsDisallow)
);
}
// don't look for non-critical errors
$this->_validate();
return $result;
}
/**
* Tells whether form validation failed
*
* @return boolean
*/
public function hasErrors()
{
return count($this->_errors) > 0;
}
/**
* Returns link to documentation
*
* @param string $path Path to documentation
*
* @return string
*/
public function getDocLink($path)
{
$test = mb_substr($path, 0, 6);
if ($test == 'Import' || $test == 'Export') {
return '';
}
return Util::getDocuLink(
'config',
'cfg_' . $this->_getOptName($path)
);
}
/**
* Changes path so it can be used in URLs
*
* @param string $path Path
*
* @return string
*/
private function _getOptName($path)
{
return str_replace(array('Servers/1/', '/'), array('Servers/', '_'), $path);
}
/**
* Fills out {@link userprefs_keys} and {@link userprefs_disallow}
*
* @return void
*/
private function _loadUserprefsInfo()
{
if ($this->_userprefsKeys !== null) {
return;
}
$this->_userprefsKeys = array_flip(UserFormList::getFields());
// read real config for user preferences display
$userprefs_disallow = $GLOBALS['PMA_Config']->get('is_setup')
? $this->_configFile->get('UserprefsDisallow', array())
: $GLOBALS['cfg']['UserprefsDisallow'];
$this->_userprefsDisallow = array_flip($userprefs_disallow);
}
/**
* Sets field comments and warnings based on current environment
*
* @param string $system_path Path to settings
* @param array &$opts Chosen options
*
* @return void
*/
private function _setComments($system_path, array &$opts)
{
// RecodingEngine - mark unavailable types
if ($system_path == 'RecodingEngine') {
$comment = '';
if (!function_exists('iconv')) {
$opts['values']['iconv'] .= ' (' . __('unavailable') . ')';
$comment = sprintf(
__('"%s" requires %s extension'), 'iconv', 'iconv'
);
}
if (!function_exists('recode_string')) {
$opts['values']['recode'] .= ' (' . __('unavailable') . ')';
$comment .= ($comment ? ", " : '') . sprintf(
__('"%s" requires %s extension'),
'recode', 'recode'
);
}
/* mbstring is always there thanks to polyfill */
$opts['comment'] = $comment;
$opts['comment_warning'] = true;
}
// ZipDump, GZipDump, BZipDump - check function availability
if ($system_path == 'ZipDump'
|| $system_path == 'GZipDump'
|| $system_path == 'BZipDump'
) {
$comment = '';
$funcs = array(
'ZipDump' => array('zip_open', 'gzcompress'),
'GZipDump' => array('gzopen', 'gzencode'),
'BZipDump' => array('bzopen', 'bzcompress'));
if (!function_exists($funcs[$system_path][0])) {
$comment = sprintf(
__(
'Compressed import will not work due to missing function %s.'
),
$funcs[$system_path][0]
);
}
if (!function_exists($funcs[$system_path][1])) {
$comment .= ($comment ? '; ' : '') . sprintf(
__(
'Compressed export will not work due to missing function %s.'
),
$funcs[$system_path][1]
);
}
$opts['comment'] = $comment;
$opts['comment_warning'] = true;
}
if (! $GLOBALS['PMA_Config']->get('is_setup')) {
if (($system_path == 'MaxDbList' || $system_path == 'MaxTableList'
|| $system_path == 'QueryHistoryMax')
) {
$opts['comment'] = sprintf(
__('maximum %s'), $GLOBALS['cfg'][$system_path]
);
}
}
}
/**
* Copy items of an array to $_POST variable
*
* @param array $post_values List of parameters
* @param string $key Array key
*
* @return void
*/
private function _fillPostArrayParameters(array $post_values, $key)
{
foreach ($post_values as $v) {
$v = Util::requestString($v);
if ($v !== '') {
$_POST[$key][] = $v;
}
}
}
}

493
phpMyAdmin/libraries/classes/Config/FormDisplayTemplate.php Executable file
View File

@@ -0,0 +1,493 @@
<?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
* Form templates
*
* @package PhpMyAdmin
*/
namespace PhpMyAdmin\Config;
use PhpMyAdmin\Sanitize;
use PhpMyAdmin\Template;
use PhpMyAdmin\Url;
use PhpMyAdmin\Util;
/**
* PhpMyAdmin\Config\FormDisplayTemplate class
*
* @package PhpMyAdmin
*/
class FormDisplayTemplate
{
/**
* Displays top part of the form
*
* @param string $action default: $_SERVER['REQUEST_URI']
* @param string $method 'post' or 'get'
* @param array|null $hidden_fields array of form hidden fields (key: field name)
*
* @return string
*/
public static function displayFormTop($action = null, $method = 'post', $hidden_fields = null)
{
static $has_check_page_refresh = false;
if ($action === null) {
$action = $_SERVER['REQUEST_URI'];
}
if ($method != 'post') {
$method = 'get';
}
$htmlOutput = '<form method="' . $method . '" action="'
. htmlspecialchars($action) . '" class="config-form disableAjax">';
$htmlOutput .= '<input type="hidden" name="tab_hash" value="" />';
// we do validation on page refresh when browser remembers field values,
// add a field with known value which will be used for checks
if (! $has_check_page_refresh) {
$has_check_page_refresh = true;
$htmlOutput .= '<input type="hidden" name="check_page_refresh" '
. ' id="check_page_refresh" value="" />' . "\n";
}
$htmlOutput .= Url::getHiddenInputs('', '', 0, 'server') . "\n";
$htmlOutput .= Url::getHiddenFields((array)$hidden_fields);
return $htmlOutput;
}
/**
* Displays form tabs which are given by an array indexed by fieldset id
* ({@link self::displayFieldsetTop}), with values being tab titles.
*
* @param array $tabs tab names
*
* @return string
*/
public static function displayTabsTop(array $tabs)
{
$items = array();
foreach ($tabs as $tab_id => $tab_name) {
$items[] = array(
'content' => htmlspecialchars($tab_name),
'url' => array(
'href' => '#' . $tab_id,
),
);
}
$htmlOutput = Template::get('list/unordered')->render(
array(
'class' => 'tabs responsivetable',
'items' => $items,
)
);
$htmlOutput .= '<br />';
$htmlOutput .= '<div class="tabs_contents">';
return $htmlOutput;
}
/**
* Displays top part of a fieldset
*
* @param string $title title of fieldset
* @param string $description description shown on top of fieldset
* @param array|null $errors error messages to display
* @param array $attributes optional extra attributes of fieldset
*
* @return string
*/
public static function displayFieldsetTop(
$title = '',
$description = '',
$errors = null,
array $attributes = array()
) {
global $_FormDisplayGroup;
$_FormDisplayGroup = 0;
$attributes = array_merge(array('class' => 'optbox'), $attributes);
return Template::get('config/form_display/fieldset_top')->render([
'attributes' => $attributes,
'title' => $title,
'description' => $description,
'errors' => $errors,
]);
}
/**
* Displays input field
*
* $opts keys:
* o doc - (string) documentation link
* o errors - error array
* o setvalue - (string) shows button allowing to set predefined value
* o show_restore_default - (boolean) whether show "restore default" button
* o userprefs_allow - whether user preferences are enabled for this field
* (null - no support, true/false - enabled/disabled)
* o userprefs_comment - (string) field comment
* o values - key - value pairs for <select> fields
* o values_escaped - (boolean) tells whether values array is already escaped
* (defaults to false)
* o values_disabled - (array)list of disabled values (keys from values)
* o comment - (string) tooltip comment
* o comment_warning - (bool) whether this comments warns about something
*
* @param string $path config option path
* @param string $name config option name
* @param string $type type of config option
* @param mixed $value current value
* @param string $description verbose description
* @param bool $value_is_default whether value is default
* @param array|null $opts see above description
*
* @return string
*/
public static function displayInput($path, $name, $type, $value, $description = '',
$value_is_default = true, $opts = null
) {
global $_FormDisplayGroup;
static $icons; // An array of IMG tags used further below in the function
if (defined('TESTSUITE')) {
$icons = null;
}
$is_setup_script = $GLOBALS['PMA_Config']->get('is_setup');
if ($icons === null) { // if the static variables have not been initialised
$icons = array();
// Icon definitions:
// The same indexes will be used in the $icons array.
// The first element contains the filename and the second
// element is used for the "alt" and "title" attributes.
$icon_init = array(
'edit' => array('b_edit', ''),
'help' => array('b_help', __('Documentation')),
'reload' => array('s_reload', ''),
'tblops' => array('b_tblops', '')
);
if ($is_setup_script) {
// When called from the setup script, we don't have access to the
// sprite-aware getImage() function because the PMA_theme class
// has not been loaded, so we generate the img tags manually.
foreach ($icon_init as $k => $v) {
$title = '';
if (! empty($v[1])) {
$title = ' title="' . $v[1] . '"';
}
$icons[$k] = sprintf(
'<img alt="%s" src="%s"%s />',
$v[1],
"../themes/pmahomme/img/{$v[0]}.png",
$title
);
}
} else {
// In this case we just use getImage() because it's available
foreach ($icon_init as $k => $v) {
$icons[$k] = Util::getImage(
$v[0], $v[1]
);
}
}
}
$has_errors = isset($opts['errors']) && !empty($opts['errors']);
$option_is_disabled = ! $is_setup_script && isset($opts['userprefs_allow'])
&& ! $opts['userprefs_allow'];
$name_id = 'name="' . htmlspecialchars($path) . '" id="'
. htmlspecialchars($path) . '"';
$field_class = $type == 'checkbox' ? 'checkbox' : '';
if (! $value_is_default) {
$field_class .= ($field_class == '' ? '' : ' ')
. ($has_errors ? 'custom field-error' : 'custom');
}
$field_class = $field_class ? ' class="' . $field_class . '"' : '';
$tr_class = $_FormDisplayGroup > 0
? 'group-field group-field-' . $_FormDisplayGroup
: '';
if (isset($opts['setvalue']) && $opts['setvalue'] == ':group') {
unset($opts['setvalue']);
$_FormDisplayGroup++;
$tr_class = 'group-header-field group-header-' . $_FormDisplayGroup;
}
if ($option_is_disabled) {
$tr_class .= ($tr_class ? ' ' : '') . 'disabled-field';
}
$tr_class = $tr_class ? ' class="' . $tr_class . '"' : '';
$htmlOutput = '<tr' . $tr_class . '>';
$htmlOutput .= '<th>';
$htmlOutput .= '<label for="' . htmlspecialchars($path) . '">' . htmlspecialchars_decode($name)
. '</label>';
if (! empty($opts['doc'])) {
$htmlOutput .= '<span class="doc">';
$htmlOutput .= '<a href="' . $opts['doc']
. '" target="documentation">' . $icons['help'] . '</a>';
$htmlOutput .= "\n";
$htmlOutput .= '</span>';
}
if ($option_is_disabled) {
$htmlOutput .= '<span class="disabled-notice" title="';
$htmlOutput .= __(
'This setting is disabled, it will not be applied to your configuration.'
);
$htmlOutput .= '">' . __('Disabled') . "</span>";
}
if (!empty($description)) {
$htmlOutput .= '<small>' . $description . '</small>';
}
$htmlOutput .= '</th>';
$htmlOutput .= '<td>';
switch ($type) {
case 'text':
$htmlOutput .= '<input type="text" class="all85" ' . $name_id . $field_class
. ' value="' . htmlspecialchars($value) . '" />';
break;
case 'password':
$htmlOutput .= '<input type="password" class="all85" ' . $name_id . $field_class
. ' value="' . htmlspecialchars($value) . '" />';
break;
case 'short_text':
// As seen in the reporting server (#15042) we sometimes receive
// an array here. No clue about its origin nor content, so let's avoid
// a notice on htmlspecialchars().
if (! is_array($value)) {
$htmlOutput .= '<input type="text" size="25" ' . $name_id
. $field_class . ' value="' . htmlspecialchars($value)
. '" />';
}
break;
case 'number_text':
$htmlOutput .= '<input type="number" ' . $name_id . $field_class
. ' value="' . htmlspecialchars($value) . '" />';
break;
case 'checkbox':
$htmlOutput .= '<span' . $field_class . '><input type="checkbox" ' . $name_id
. ($value ? ' checked="checked"' : '') . ' /></span>';
break;
case 'select':
$htmlOutput .= '<select class="all85" ' . $name_id . $field_class . '>';
$escape = !(isset($opts['values_escaped']) && $opts['values_escaped']);
$values_disabled = isset($opts['values_disabled'])
? array_flip($opts['values_disabled']) : array();
foreach ($opts['values'] as $opt_value_key => $opt_value) {
// set names for boolean values
if (is_bool($opt_value)) {
$opt_value = mb_strtolower(
$opt_value ? __('Yes') : __('No')
);
}
// escape if necessary
if ($escape) {
$display = htmlspecialchars($opt_value);
$display_value = htmlspecialchars($opt_value_key);
} else {
$display = $opt_value;
$display_value = $opt_value_key;
}
// compare with selected value
// boolean values are cast to integers when used as array keys
$selected = is_bool($value)
? (int) $value === $opt_value_key
: $opt_value_key === $value;
$htmlOutput .= '<option value="' . $display_value . '"';
if ($selected) {
$htmlOutput .= ' selected="selected"';
}
if (isset($values_disabled[$opt_value_key])) {
$htmlOutput .= ' disabled="disabled"';
}
$htmlOutput .= '>' . $display . '</option>';
}
$htmlOutput .= '</select>';
break;
case 'list':
$htmlOutput .= '<textarea cols="35" rows="5" ' . $name_id . $field_class
. '>' . htmlspecialchars(implode("\n", $value)) . '</textarea>';
break;
}
if (isset($opts['comment']) && $opts['comment']) {
$class = 'field-comment-mark';
if (isset($opts['comment_warning']) && $opts['comment_warning']) {
$class .= ' field-comment-warning';
}
$htmlOutput .= '<span class="' . $class . '" title="'
. htmlspecialchars($opts['comment']) . '">i</span>';
}
if ($is_setup_script
&& isset($opts['userprefs_comment'])
&& $opts['userprefs_comment']
) {
$htmlOutput .= '<a class="userprefs-comment" title="'
. htmlspecialchars($opts['userprefs_comment']) . '">'
. $icons['tblops'] . '</a>';
}
if (isset($opts['setvalue']) && $opts['setvalue']) {
$htmlOutput .= '<a class="set-value hide" href="#'
. htmlspecialchars("$path={$opts['setvalue']}") . '" title="'
. sprintf(__('Set value: %s'), htmlspecialchars($opts['setvalue']))
. '">' . $icons['edit'] . '</a>';
}
if (isset($opts['show_restore_default']) && $opts['show_restore_default']) {
$htmlOutput .= '<a class="restore-default hide" href="#' . $path . '" title="'
. __('Restore default value') . '">' . $icons['reload'] . '</a>';
}
// this must match with displayErrors() in scripts/config.js
if ($has_errors) {
$htmlOutput .= "\n <dl class=\"inline_errors\">";
foreach ($opts['errors'] as $error) {
$htmlOutput .= '<dd>' . htmlspecialchars($error) . '</dd>';
}
$htmlOutput .= '</dl>';
}
$htmlOutput .= '</td>';
if ($is_setup_script && isset($opts['userprefs_allow'])) {
$htmlOutput .= '<td class="userprefs-allow" title="' .
__('Allow users to customize this value') . '">';
$htmlOutput .= '<input type="checkbox" name="' . $path
. '-userprefs-allow" ';
if ($opts['userprefs_allow']) {
$htmlOutput .= 'checked="checked"';
};
$htmlOutput .= '/>';
$htmlOutput .= '</td>';
} elseif ($is_setup_script) {
$htmlOutput .= '<td>&nbsp;</td>';
}
$htmlOutput .= '</tr>';
return $htmlOutput;
}
/**
* Display group header
*
* @param string $headerText Text of header
*
* @return string|void
*/
public static function displayGroupHeader($headerText)
{
global $_FormDisplayGroup;
$_FormDisplayGroup++;
if (! $headerText) {
return null;
}
$colspan = $GLOBALS['PMA_Config']->get('is_setup') ? 3 : 2;
return Template::get('config/form_display/group_header')->render([
'group' => $_FormDisplayGroup,
'colspan' => $colspan,
'header_text' => $headerText,
]);
}
/**
* Display group footer
*
* @return void
*/
public static function displayGroupFooter()
{
global $_FormDisplayGroup;
$_FormDisplayGroup--;
}
/**
* Displays bottom part of a fieldset
*
* @param bool $showButtons Whether show submit and reset button
*
* @return string
*/
public static function displayFieldsetBottom($showButtons = true)
{
return Template::get('config/form_display/fieldset_bottom')->render([
'show_buttons' => $showButtons,
'is_setup' => $GLOBALS['PMA_Config']->get('is_setup'),
]);
}
/**
* Closes form tabs
*
* @return string
*/
public static function displayTabsBottom()
{
return Template::get('config/form_display/tabs_bottom')->render();
}
/**
* Displays bottom part of the form
*
* @return string
*/
public static function displayFormBottom()
{
return Template::get('config/form_display/form_bottom')->render();
}
/**
* Appends JS validation code to $js_array
*
* @param string $field_id ID of field to validate
* @param string|array $validators validators callback
* @param array &$js_array will be updated with javascript code
*
* @return void
*/
public static function addJsValidate($field_id, $validators, array &$js_array)
{
foreach ((array)$validators as $validator) {
$validator = (array)$validator;
$v_name = array_shift($validator);
$v_name = "PMA_" . $v_name;
$v_args = array();
foreach ($validator as $arg) {
$v_args[] = Sanitize::escapeJsString($arg);
}
$v_args = $v_args ? ", ['" . implode("', '", $v_args) . "']" : '';
$js_array[] = "validateField('$field_id', '$v_name', true$v_args)";
}
}
/**
* Displays JavaScript code
*
* @param array $js_array lines of javascript code
*
* @return string
*/
public static function displayJavascript(array $js_array)
{
if (empty($js_array)) {
return null;
}
return Template::get('javascript/display')->render(
array('js_array' => $js_array,)
);
}
/**
* Displays error list
*
* @param string $name Name of item with errors
* @param array $errorList List of errors to show
*
* @return string HTML for errors
*/
public static function displayErrors($name, array $errorList)
{
return Template::get('config/form_display/errors')->render([
'name' => $name,
'error_list' => $errorList,
]);
}
}

85
phpMyAdmin/libraries/classes/Config/Forms/BaseForm.php Executable file
View File

@@ -0,0 +1,85 @@
<?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
* Base class for preferences.
*
* @package PhpMyAdmin
*/
namespace PhpMyAdmin\Config\Forms;
use PhpMyAdmin\Config\ConfigFile;
use PhpMyAdmin\Config\FormDisplay;
/**
* Base form for user preferences
*/
abstract class BaseForm extends FormDisplay
{
/**
* Constructor
*
* @param ConfigFile $cf Config file instance
* @param int|null $server_id 0 if new server, validation; >= 1 if editing a server
*/
public function __construct(ConfigFile $cf, $server_id = null)
{
parent::__construct($cf);
foreach (static::getForms() as $form_name => $form) {
$this->registerForm($form_name, $form, $server_id);
}
}
/**
* List of available forms, each form is described as an array of fields to display.
* Fields MUST have their counterparts in the $cfg array.
*
* To define form field, use the notation below:
* $forms['Form group']['Form name'] = array('Option/path');
*
* You can assign default values set by special button ("set value: ..."), eg.:
* 'Servers/1/pmadb' => 'phpmyadmin'
*
* To group options, use:
* ':group:' . __('group name') // just define a group
* or
* 'option' => ':group' // group starting from this option
* End group blocks with:
* ':group:end'
*
* @todo This should be abstract, but that does not work in PHP 5
*
* @return array
*/
public static function getForms()
{
return array();
}
/**
* Returns list of fields used in the form.
*
* @return string[]
*/
public static function getFields()
{
$names = [];
foreach (static::getForms() as $form) {
foreach ($form as $k => $v) {
$names[] = is_int($k) ? $v : $k;
}
}
return $names;
}
/**
* Returns name of the form
*
* @todo This should be abstract, but that does not work in PHP 5
*
* @return string
*/
public static function getName()
{
return '';
}
}

127
phpMyAdmin/libraries/classes/Config/Forms/BaseFormList.php Executable file
View File

@@ -0,0 +1,127 @@
<?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
* User preferences form
*
* @package PhpMyAdmin
*/
namespace PhpMyAdmin\Config\Forms;
use PhpMyAdmin\Config\ConfigFile;
class BaseFormList
{
/**
* List of all forms
*/
protected static $all = array();
protected static $ns = 'PhpMyAdmin\\Config\\Forms\\';
private $_forms;
public static function getAll()
{
return static::$all;
}
public static function isValid($name)
{
return in_array($name, static::$all);
}
public static function get($name)
{
if (static::isValid($name)) {
return static::$ns . $name . 'Form';
}
return null;
}
/**
* Constructor
*
* @param ConfigFile $cf Config file instance
*/
public function __construct(ConfigFile $cf)
{
$this->_forms = array();
foreach (static::$all as $form) {
$class = static::get($form);
$this->_forms[] = new $class($cf);
}
}
/**
* Processes forms, returns true on successful save
*
* @param bool $allow_partial_save allows for partial form saving
* on failed validation
* @param bool $check_form_submit whether check for $_POST['submit_save']
*
* @return boolean whether processing was successful
*/
public function process($allow_partial_save = true, $check_form_submit = true)
{
$ret = true;
foreach ($this->_forms as $form) {
$ret = $ret && $form->process($allow_partial_save, $check_form_submit);
}
return $ret;
}
/**
* Displays errors
*
* @return string HTML for errors
*/
public function displayErrors()
{
$ret = '';
foreach ($this->_forms as $form) {
$ret .= $form->displayErrors();
}
return $ret;
}
/**
* Reverts erroneous fields to their default values
*
* @return void
*/
public function fixErrors()
{
foreach ($this->_forms as $form) {
$form->fixErrors();
}
}
/**
* Tells whether form validation failed
*
* @return boolean
*/
public function hasErrors()
{
$ret = false;
foreach ($this->_forms as $form) {
$ret = $ret || $form->hasErrors();
}
return $ret;
}
/**
* Returns list of fields used in the form.
*
* @return string[]
*/
public static function getFields()
{
$names = [];
foreach (static::$all as $form) {
$class = static::get($form);
$names = array_merge($names, $class::getFields());
}
return $names;
}
}

21
phpMyAdmin/libraries/classes/Config/Forms/Page/BrowseForm.php Executable file
View File

@@ -0,0 +1,21 @@
<?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
* User preferences form
*
* @package PhpMyAdmin
*/
namespace PhpMyAdmin\Config\Forms\Page;
use PhpMyAdmin\Config\Forms\BaseForm;
use PhpMyAdmin\Config\Forms\User\MainForm;
class BrowseForm extends BaseForm
{
public static function getForms()
{
return [
'Browse' => MainForm::getForms()['Browse']
];
}
}

22
phpMyAdmin/libraries/classes/Config/Forms/Page/DbStructureForm.php Executable file
View File

@@ -0,0 +1,22 @@
<?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
* User preferences form
*
* @package PhpMyAdmin
*/
namespace PhpMyAdmin\Config\Forms\Page;
use PhpMyAdmin\Config\Forms\BaseForm;
use PhpMyAdmin\Config\Forms\User\MainForm;
class DbStructureForm extends BaseForm
{
public static function getForms()
{
return [
'DbStructure' => MainForm::getForms()['DbStructure']
];
}
}

23
phpMyAdmin/libraries/classes/Config/Forms/Page/EditForm.php Executable file
View File

@@ -0,0 +1,23 @@
<?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
* User preferences form
*
* @package PhpMyAdmin
*/
namespace PhpMyAdmin\Config\Forms\Page;
use PhpMyAdmin\Config\Forms\BaseForm;
use PhpMyAdmin\Config\Forms\User\MainForm;
use PhpMyAdmin\Config\Forms\User\FeaturesForm;
class EditForm extends BaseForm
{
public static function getForms()
{
return [
'Edit' => MainForm::getForms()['Edit'],
'Text_fields' => FeaturesForm::getForms()['Text_fields'],
];
}
}

12
phpMyAdmin/libraries/classes/Config/Forms/Page/ExportForm.php Executable file
View File

@@ -0,0 +1,12 @@
<?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
* User preferences form
*
* @package PhpMyAdmin
*/
namespace PhpMyAdmin\Config\Forms\Page;
class ExportForm extends \PhpMyAdmin\Config\Forms\User\ExportForm
{
}

12
phpMyAdmin/libraries/classes/Config/Forms/Page/ImportForm.php Executable file
View File

@@ -0,0 +1,12 @@
<?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
* User preferences form
*
* @package PhpMyAdmin
*/
namespace PhpMyAdmin\Config\Forms\Page;
class ImportForm extends \PhpMyAdmin\Config\Forms\User\ImportForm
{
}

12
phpMyAdmin/libraries/classes/Config/Forms/Page/NaviForm.php Executable file
View File

@@ -0,0 +1,12 @@
<?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
* User preferences form
*
* @package PhpMyAdmin
*/
namespace PhpMyAdmin\Config\Forms\Page;
class NaviForm extends \PhpMyAdmin\Config\Forms\User\NaviForm
{
}

25
phpMyAdmin/libraries/classes/Config/Forms/Page/PageFormList.php Executable file
View File

@@ -0,0 +1,25 @@
<?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
* Page preferences form
*
* @package PhpMyAdmin
*/
namespace PhpMyAdmin\Config\Forms\Page;
use PhpMyAdmin\Config\Forms\BaseFormList;
class PageFormList extends BaseFormList
{
protected static $all = array(
'Browse',
'DbStructure',
'Edit',
'Export',
'Import',
'Navi',
'Sql',
'TableStructure',
);
protected static $ns = '\\PhpMyAdmin\\Config\\Forms\\Page\\';
}

12
phpMyAdmin/libraries/classes/Config/Forms/Page/SqlForm.php Executable file
View File

@@ -0,0 +1,12 @@
<?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
* User preferences form
*
* @package PhpMyAdmin
*/
namespace PhpMyAdmin\Config\Forms\Page;
class SqlForm extends \PhpMyAdmin\Config\Forms\User\SqlForm
{
}

22
phpMyAdmin/libraries/classes/Config/Forms/Page/TableStructureForm.php Executable file
View File

@@ -0,0 +1,22 @@
<?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
* User preferences form
*
* @package PhpMyAdmin
*/
namespace PhpMyAdmin\Config\Forms\Page;
use PhpMyAdmin\Config\Forms\BaseForm;
use PhpMyAdmin\Config\Forms\User\MainForm;
class TableStructureForm extends BaseForm
{
public static function getForms()
{
return [
'TableStructure' => MainForm::getForms()['TableStructure']
];
}
}

23
phpMyAdmin/libraries/classes/Config/Forms/Setup/ConfigForm.php Executable file
View File

@@ -0,0 +1,23 @@
<?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
* User preferences form
*
* @package PhpMyAdmin
*/
namespace PhpMyAdmin\Config\Forms\Setup;
use PhpMyAdmin\Config\Forms\BaseForm;
class ConfigForm extends BaseForm
{
public static function getForms()
{
return array(
'Config' => array(
'DefaultLang',
'ServerDefault'
),
);
}
}

12
phpMyAdmin/libraries/classes/Config/Forms/Setup/ExportForm.php Executable file
View File

@@ -0,0 +1,12 @@
<?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
* User preferences form
*
* @package PhpMyAdmin
*/
namespace PhpMyAdmin\Config\Forms\Setup;
class ExportForm extends \PhpMyAdmin\Config\Forms\User\ExportForm
{
}

63
phpMyAdmin/libraries/classes/Config/Forms/Setup/FeaturesForm.php Executable file
View File

@@ -0,0 +1,63 @@
<?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
* User preferences form
*
* @package PhpMyAdmin
*/
namespace PhpMyAdmin\Config\Forms\Setup;
class FeaturesForm extends \PhpMyAdmin\Config\Forms\User\FeaturesForm
{
public static function getForms()
{
$result = parent::getForms();
/* Remove only_db/hide_db, we have proper Server form in setup */
$result['Databases'] = array_diff(
$result['Databases'],
['Servers/1/only_db', 'Servers/1/hide_db']
);
/* Following are not available to user */
$result['Import_export'] = array(
'UploadDir',
'SaveDir',
'RecodingEngine' => ':group',
'IconvExtraParams',
':group:end',
'ZipDump',
'GZipDump',
'BZipDump',
'CompressOnFly'
);
$result['Security'] = array(
'blowfish_secret',
'CheckConfigurationPermissions',
'TrustedProxies',
'AllowUserDropDatabase',
'AllowArbitraryServer',
'ArbitraryServerRegexp',
'LoginCookieRecall',
'LoginCookieStore',
'LoginCookieDeleteAll',
'CaptchaLoginPublicKey',
'CaptchaLoginPrivateKey'
);
$result['Developer'] = array(
'UserprefsDeveloperTab',
'DBG/sql',
);
$result['Other_core_settings'] = array(
'OBGzip',
'PersistentConnections',
'ExecTimeLimit',
'MemoryLimit',
'UseDbSearch',
'ProxyUrl',
'ProxyUser',
'ProxyPass',
'AllowThirdPartyFraming',
'ZeroConf',
);
return $result;
}
}

12
phpMyAdmin/libraries/classes/Config/Forms/Setup/ImportForm.php Executable file
View File

@@ -0,0 +1,12 @@
<?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
* User preferences form
*
* @package PhpMyAdmin
*/
namespace PhpMyAdmin\Config\Forms\Setup;
class ImportForm extends \PhpMyAdmin\Config\Forms\User\ImportForm
{
}

20
phpMyAdmin/libraries/classes/Config/Forms/Setup/MainForm.php Executable file
View File

@@ -0,0 +1,20 @@
<?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
* User preferences form
*
* @package PhpMyAdmin
*/
namespace PhpMyAdmin\Config\Forms\Setup;
class MainForm extends \PhpMyAdmin\Config\Forms\User\MainForm
{
public static function getForms()
{
$result = parent::getForms();
/* Following are not available to user */
$result['Startup'][] = 'ShowPhpInfo';
$result['Startup'][] = 'ShowChgPassword';
return $result;
}
}

12
phpMyAdmin/libraries/classes/Config/Forms/Setup/NaviForm.php Executable file
View File

@@ -0,0 +1,12 @@
<?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
* User preferences form
*
* @package PhpMyAdmin
*/
namespace PhpMyAdmin\Config\Forms\Setup;
class NaviForm extends \PhpMyAdmin\Config\Forms\User\NaviForm
{
}

81
phpMyAdmin/libraries/classes/Config/Forms/Setup/ServersForm.php Executable file
View File

@@ -0,0 +1,81 @@
<?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
* User preferences form
*
* @package PhpMyAdmin
*/
namespace PhpMyAdmin\Config\Forms\Setup;
use PhpMyAdmin\Config\Forms\BaseForm;
class ServersForm extends BaseForm
{
public static function getForms()
{
return array(
'Server' => array('Servers' => array(1 => array(
'verbose',
'host',
'port',
'socket',
'ssl',
'compress'))),
'Server_auth' => array('Servers' => array(1 => array(
'auth_type',
':group:' . __('Config authentication'),
'user',
'password',
':group:end',
':group:' . __('HTTP authentication'),
'auth_http_realm',
':group:end',
':group:' . __('Signon authentication'),
'SignonSession',
'SignonURL',
'LogoutURL'))),
'Server_config' => array('Servers' => array(1 => array(
'only_db',
'hide_db',
'AllowRoot',
'AllowNoPassword',
'DisableIS',
'AllowDeny/order',
'AllowDeny/rules',
'SessionTimeZone'))),
'Server_pmadb' => array('Servers' => array(1 => array(
'pmadb' => 'phpmyadmin',
'controlhost',
'controlport',
'controluser',
'controlpass',
'bookmarktable' => 'pma__bookmark',
'relation' => 'pma__relation',
'userconfig' => 'pma__userconfig',
'users' => 'pma__users',
'usergroups' => 'pma__usergroups',
'navigationhiding' => 'pma__navigationhiding',
'table_info' => 'pma__table_info',
'column_info' => 'pma__column_info',
'history' => 'pma__history',
'recent' => 'pma__recent',
'favorite' => 'pma__favorite',
'table_uiprefs' => 'pma__table_uiprefs',
'tracking' => 'pma__tracking',
'table_coords' => 'pma__table_coords',
'pdf_pages' => 'pma__pdf_pages',
'savedsearches' => 'pma__savedsearches',
'central_columns' => 'pma__central_columns',
'designer_settings' => 'pma__designer_settings',
'export_templates' => 'pma__export_templates',
'MaxTableUiprefs' => 100))),
'Server_tracking' => array('Servers' => array(1 => array(
'tracking_version_auto_create',
'tracking_default_statements',
'tracking_add_drop_view',
'tracking_add_drop_table',
'tracking_add_drop_database',
))),
);
}
}

25
phpMyAdmin/libraries/classes/Config/Forms/Setup/SetupFormList.php Executable file
View File

@@ -0,0 +1,25 @@
<?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
* Setup preferences form
*
* @package PhpMyAdmin
*/
namespace PhpMyAdmin\Config\Forms\Setup;
use PhpMyAdmin\Config\Forms\BaseFormList;
class SetupFormList extends BaseFormList
{
protected static $all = array(
'Config',
'Export',
'Features',
'Import',
'Main',
'Navi',
'Servers',
'Sql',
);
protected static $ns = '\\PhpMyAdmin\\Config\\Forms\\Setup\\';
}

19
phpMyAdmin/libraries/classes/Config/Forms/Setup/SqlForm.php Executable file
View File

@@ -0,0 +1,19 @@
<?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
* User preferences form
*
* @package PhpMyAdmin
*/
namespace PhpMyAdmin\Config\Forms\Setup;
class SqlForm extends \PhpMyAdmin\Config\Forms\User\SqlForm
{
public static function getForms()
{
$result = parent::getForms();
/* Following are not available to user */
$result['Sql_queries'][] = 'QueryHistoryDB';
return $result;
}
}

142
phpMyAdmin/libraries/classes/Config/Forms/User/ExportForm.php Executable file
View File

@@ -0,0 +1,142 @@
<?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
* User preferences form
*
* @package PhpMyAdmin
*/
namespace PhpMyAdmin\Config\Forms\User;
use PhpMyAdmin\Config\Forms\BaseForm;
class ExportForm extends BaseForm
{
public static function getForms()
{
return array(
'Export_defaults' => array(
'Export/method',
':group:' . __('Quick'),
'Export/quick_export_onserver',
'Export/quick_export_onserver_overwrite',
':group:end',
':group:' . __('Custom'),
'Export/format',
'Export/compression',
'Export/charset',
'Export/lock_tables',
'Export/as_separate_files',
'Export/asfile' => ':group',
'Export/onserver',
'Export/onserver_overwrite',
':group:end',
'Export/file_template_table',
'Export/file_template_database',
'Export/file_template_server'
),
'Sql' => array(
'Export/sql_include_comments' => ':group',
'Export/sql_dates',
'Export/sql_relation',
'Export/sql_mime',
':group:end',
'Export/sql_use_transaction',
'Export/sql_disable_fk',
'Export/sql_views_as_tables',
'Export/sql_metadata',
'Export/sql_compatibility',
'Export/sql_structure_or_data',
':group:' . __('Structure'),
'Export/sql_drop_database',
'Export/sql_create_database',
'Export/sql_drop_table',
'Export/sql_create_table' => ':group',
'Export/sql_if_not_exists',
'Export/sql_auto_increment',
':group:end',
'Export/sql_create_view',
'Export/sql_procedure_function',
'Export/sql_create_trigger',
'Export/sql_backquotes',
':group:end',
':group:' . __('Data'),
'Export/sql_delayed',
'Export/sql_ignore',
'Export/sql_type',
'Export/sql_insert_syntax',
'Export/sql_max_query_size',
'Export/sql_hex_for_binary',
'Export/sql_utc_time'
),
'CodeGen' => array(
'Export/codegen_format'
),
'Csv' => array(
':group:' . __('CSV'),
'Export/csv_separator',
'Export/csv_enclosed',
'Export/csv_escaped',
'Export/csv_terminated',
'Export/csv_null',
'Export/csv_removeCRLF',
'Export/csv_columns',
':group:end',
':group:' . __('CSV for MS Excel'),
'Export/excel_null',
'Export/excel_removeCRLF',
'Export/excel_columns',
'Export/excel_edition'
),
'Latex' => array(
'Export/latex_caption',
'Export/latex_structure_or_data',
':group:' . __('Structure'),
'Export/latex_structure_caption',
'Export/latex_structure_continued_caption',
'Export/latex_structure_label',
'Export/latex_relation',
'Export/latex_comments',
'Export/latex_mime',
':group:end',
':group:' . __('Data'),
'Export/latex_columns',
'Export/latex_data_caption',
'Export/latex_data_continued_caption',
'Export/latex_data_label',
'Export/latex_null'
),
'Microsoft_Office' => array(
':group:' . __('Microsoft Word 2000'),
'Export/htmlword_structure_or_data',
'Export/htmlword_null',
'Export/htmlword_columns'),
'Open_Document' => array(
':group:' . __('OpenDocument Spreadsheet'),
'Export/ods_columns',
'Export/ods_null',
':group:end',
':group:' . __('OpenDocument Text'),
'Export/odt_structure_or_data',
':group:' . __('Structure'),
'Export/odt_relation',
'Export/odt_comments',
'Export/odt_mime',
':group:end',
':group:' . __('Data'),
'Export/odt_columns',
'Export/odt_null'
),
'Texy' => array(
'Export/texytext_structure_or_data',
':group:' . __('Data'),
'Export/texytext_null',
'Export/texytext_columns'
),
);
}
public static function getName()
{
return __('Export');
}
}

84
phpMyAdmin/libraries/classes/Config/Forms/User/FeaturesForm.php Executable file
View File

@@ -0,0 +1,84 @@
<?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
* User preferences form
*
* @package PhpMyAdmin
*/
namespace PhpMyAdmin\Config\Forms\User;
use PhpMyAdmin\Config\Forms\BaseForm;
class FeaturesForm extends BaseForm
{
public static function getForms()
{
$result = array(
'General' => array(
'VersionCheck',
'NaturalOrder',
'InitialSlidersState',
'SkipLockedTables',
'DisableMultiTableMaintenance',
'ShowHint',
'SendErrorReports',
'ConsoleEnterExecutes',
'DisableShortcutKeys',
'FontSize',
),
'Databases' => array(
'Servers/1/only_db', // saves to Server/only_db
'Servers/1/hide_db', // saves to Server/hide_db
'MaxDbList',
'MaxTableList',
'DefaultConnectionCollation',
),
'Text_fields' => array(
'CharEditing',
'MinSizeForInputField',
'MaxSizeForInputField',
'CharTextareaCols',
'CharTextareaRows',
'TextareaCols',
'TextareaRows',
'LongtextDoubleTextarea'
),
'Page_titles' => array(
'TitleDefault',
'TitleTable',
'TitleDatabase',
'TitleServer'
),
'Warnings' => array(
'PmaNoRelation_DisableWarning',
'SuhosinDisableWarning',
'LoginCookieValidityDisableWarning',
'ReservedWordDisableWarning'
),
'Console' => array(
'Console/Mode',
'Console/StartHistory',
'Console/AlwaysExpand',
'Console/CurrentQuery',
'Console/EnterExecutes',
'Console/DarkTheme',
'Console/Height',
'Console/GroupQueries',
'Console/OrderBy',
'Console/Order',
),
);
// skip Developer form if no setting is available
if ($GLOBALS['cfg']['UserprefsDeveloperTab']) {
$result['Developer'] = array(
'DBG/sql'
);
}
return $result;
}
public static function getName()
{
return __('Features');
}
}

60
phpMyAdmin/libraries/classes/Config/Forms/User/ImportForm.php Executable file
View File

@@ -0,0 +1,60 @@
<?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
* User preferences form
*
* @package PhpMyAdmin
*/
namespace PhpMyAdmin\Config\Forms\User;
use PhpMyAdmin\Config\Forms\BaseForm;
class ImportForm extends BaseForm
{
public static function getForms()
{
return array(
'Import_defaults' => array(
'Import/format',
'Import/charset',
'Import/allow_interrupt',
'Import/skip_queries'
),
'Sql' => array(
'Import/sql_compatibility',
'Import/sql_no_auto_value_on_zero',
'Import/sql_read_as_multibytes'
),
'Csv' => array(
':group:' . __('CSV'),
'Import/csv_replace',
'Import/csv_ignore',
'Import/csv_terminated',
'Import/csv_enclosed',
'Import/csv_escaped',
'Import/csv_col_names',
':group:end',
':group:' . __('CSV using LOAD DATA'),
'Import/ldi_replace',
'Import/ldi_ignore',
'Import/ldi_terminated',
'Import/ldi_enclosed',
'Import/ldi_escaped',
'Import/ldi_local_option'
),
'Open_Document' => array(
':group:' . __('OpenDocument Spreadsheet'),
'Import/ods_col_names',
'Import/ods_empty_rows',
'Import/ods_recognize_percentages',
'Import/ods_recognize_currency'
),
);
}
public static function getName()
{
return __('Import');
}
}

86
phpMyAdmin/libraries/classes/Config/Forms/User/MainForm.php Executable file
View File

@@ -0,0 +1,86 @@
<?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
* User preferences form
*
* @package PhpMyAdmin
*/
namespace PhpMyAdmin\Config\Forms\User;
use PhpMyAdmin\Config\Forms\BaseForm;
class MainForm extends BaseForm
{
public static function getForms()
{
return array(
'Startup' => array(
'ShowCreateDb',
'ShowStats',
'ShowServerInfo'
),
'DbStructure' => array(
'ShowDbStructureCharset',
'ShowDbStructureComment',
'ShowDbStructureCreation',
'ShowDbStructureLastUpdate',
'ShowDbStructureLastCheck'
),
'TableStructure' => array(
'HideStructureActions',
'ShowColumnComments',
':group:' . __('Default transformations'),
'DefaultTransformations/Hex',
'DefaultTransformations/Substring',
'DefaultTransformations/Bool2Text',
'DefaultTransformations/External',
'DefaultTransformations/PreApPend',
'DefaultTransformations/DateFormat',
'DefaultTransformations/Inline',
'DefaultTransformations/TextImageLink',
'DefaultTransformations/TextLink',
':group:end'
),
'Browse' => array(
'TableNavigationLinksMode',
'ActionLinksMode',
'ShowAll',
'MaxRows',
'Order',
'BrowsePointerEnable',
'BrowseMarkerEnable',
'GridEditing',
'SaveCellsAtOnce',
'RepeatCells',
'LimitChars',
'RowActionLinks',
'RowActionLinksWithoutUnique',
'TablePrimaryKeyOrder',
'RememberSorting',
'RelationalDisplay'
),
'Edit' => array(
'ProtectBinary',
'ShowFunctionFields',
'ShowFieldTypesInDataEditView',
'InsertRows',
'ForeignKeyDropdownOrder',
'ForeignKeyMaxLimit'
),
'Tabs' => array(
'TabsMode',
'DefaultTabServer',
'DefaultTabDatabase',
'DefaultTabTable'
),
'DisplayRelationalSchema' => array(
'PDFDefaultPageSize'
),
);
}
public static function getName()
{
return __('Main panel');
}
}

61
phpMyAdmin/libraries/classes/Config/Forms/User/NaviForm.php Executable file
View File

@@ -0,0 +1,61 @@
<?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
* User preferences form
*
* @package PhpMyAdmin
*/
namespace PhpMyAdmin\Config\Forms\User;
use PhpMyAdmin\Config\Forms\BaseForm;
class NaviForm extends BaseForm
{
public static function getForms()
{
return array(
'Navi_panel' => array(
'ShowDatabasesNavigationAsTree',
'NavigationLinkWithMainPanel',
'NavigationDisplayLogo',
'NavigationLogoLink',
'NavigationLogoLinkWindow',
'NavigationTreePointerEnable',
'FirstLevelNavigationItems',
'NavigationTreeDisplayItemFilterMinimum',
'NumRecentTables',
'NumFavoriteTables',
'NavigationWidth',
),
'Navi_tree' => array(
'MaxNavigationItems',
'NavigationTreeEnableGrouping',
'NavigationTreeEnableExpansion',
'NavigationTreeShowTables',
'NavigationTreeShowViews',
'NavigationTreeShowFunctions',
'NavigationTreeShowProcedures',
'NavigationTreeShowEvents'
),
'Navi_servers' => array(
'NavigationDisplayServers',
'DisplayServersList',
),
'Navi_databases' => array(
'NavigationTreeDisplayDbFilterMinimum',
'NavigationTreeDbSeparator'
),
'Navi_tables' => array(
'NavigationTreeDefaultTabTable',
'NavigationTreeDefaultTabTable2',
'NavigationTreeTableSeparator',
'NavigationTreeTableLevel',
),
);
}
public static function getName()
{
return __('Navigation panel');
}
}

42
phpMyAdmin/libraries/classes/Config/Forms/User/SqlForm.php Executable file
View File

@@ -0,0 +1,42 @@
<?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
* User preferences form
*
* @package PhpMyAdmin
*/
namespace PhpMyAdmin\Config\Forms\User;
use PhpMyAdmin\Config\Forms\BaseForm;
class SqlForm extends BaseForm
{
public static function getForms()
{
return array(
'Sql_queries' => array(
'ShowSQL',
'Confirm',
'QueryHistoryMax',
'IgnoreMultiSubmitErrors',
'MaxCharactersInDisplayedSQL',
'RetainQueryBox',
'CodemirrorEnable',
'LintEnable',
'EnableAutocompleteForTablesAndColumns',
'DefaultForeignKeyChecks',
),
'Sql_box' => array(
'SQLQuery/Edit',
'SQLQuery/Explain',
'SQLQuery/ShowAsPHP',
'SQLQuery/Refresh',
),
);
}
public static function getName()
{
return __('SQL queries');
}
}

23
phpMyAdmin/libraries/classes/Config/Forms/User/UserFormList.php Executable file
View File

@@ -0,0 +1,23 @@
<?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
* User preferences form
*
* @package PhpMyAdmin
*/
namespace PhpMyAdmin\Config\Forms\User;
use PhpMyAdmin\Config\Forms\BaseFormList;
class UserFormList extends BaseFormList
{
protected static $all = array(
'Features',
'Sql',
'Navi',
'Main',
'Import',
'Export',
);
protected static $ns = '\\PhpMyAdmin\\Config\\Forms\\User\\';
}

231
phpMyAdmin/libraries/classes/Config/PageSettings.php Executable file
View File

@@ -0,0 +1,231 @@
<?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
* Page-related settings
*
* @package PhpMyAdmin
*/
namespace PhpMyAdmin\Config;
use PhpMyAdmin\Config\ConfigFile;
use PhpMyAdmin\Config\FormDisplay;
use PhpMyAdmin\Config\Forms\Page\PageFormList;
use PhpMyAdmin\Core;
use PhpMyAdmin\Message;
use PhpMyAdmin\Response;
use PhpMyAdmin\UserPreferences;
/**
* Page-related settings
*
* @package PhpMyAdmin
*/
class PageSettings
{
/**
* Contains id of the form element
* @var string
*/
private $_elemId = 'page_settings_modal';
/**
* Name of the group to show
* @var string
*/
private $_groupName = '';
/**
* Contains HTML of errors
* @var string
*/
private $_errorHTML = '';
/**
* Contains HTML of settings
* @var string
*/
private $_HTML = '';
/**
* @var UserPreferences
*/
private $userPreferences;
/**
* Constructor
*
* @param string $formGroupName The name of config form group to display
* @param string $elemId Id of the div containing settings
*/
public function __construct($formGroupName, $elemId = null)
{
$this->userPreferences = new UserPreferences();
$form_class = PageFormList::get($formGroupName);
if (is_null($form_class)) {
return;
}
if (isset($_REQUEST['printview']) && $_REQUEST['printview'] == '1') {
return;
}
if (!empty($elemId)) {
$this->_elemId = $elemId;
}
$this->_groupName = $formGroupName;
$cf = new ConfigFile($GLOBALS['PMA_Config']->base_settings);
$this->userPreferences->pageInit($cf);
$form_display = new $form_class($cf);
// Process form
$error = null;
if (isset($_POST['submit_save'])
&& $_POST['submit_save'] == $formGroupName
) {
$this->_processPageSettings($form_display, $cf, $error);
}
// Display forms
$this->_HTML = $this->_getPageSettingsDisplay($form_display, $error);
}
/**
* Process response to form
*
* @param FormDisplay &$form_display Form
* @param ConfigFile &$cf Configuration file
* @param Message|null &$error Error message
*
* @return void
*/
private function _processPageSettings(&$form_display, &$cf, &$error)
{
if ($form_display->process(false) && !$form_display->hasErrors()) {
// save settings
$result = $this->userPreferences->save($cf->getConfigArray());
if ($result === true) {
// reload page
$response = Response::getInstance();
Core::sendHeaderLocation(
$response->getFooter()->getSelfUrl('unencoded')
);
exit();
} else {
$error = $result;
}
}
}
/**
* Store errors in _errorHTML
*
* @param FormDisplay &$form_display Form
* @param Message|null &$error Error message
*
* @return void
*/
private function _storeError(&$form_display, &$error)
{
$retval = '';
if ($error) {
$retval .= $error->getDisplay();
}
if ($form_display->hasErrors()) {
// form has errors
$retval .= '<div class="error config-form">'
. '<b>' . __(
'Cannot save settings, submitted configuration form contains '
. 'errors!'
) . '</b>'
. $form_display->displayErrors()
. '</div>';
}
$this->_errorHTML = $retval;
}
/**
* Display page-related settings
*
* @param FormDisplay &$form_display Form
* @param Message &$error Error message
*
* @return string
*/
private function _getPageSettingsDisplay(&$form_display, &$error)
{
$response = Response::getInstance();
$retval = '';
$this->_storeError($form_display, $error);
$retval .= '<div id="' . $this->_elemId . '">';
$retval .= '<div class="page_settings">';
$retval .= $form_display->getDisplay(
true,
true,
false,
$response->getFooter()->getSelfUrl(),
array(
'submit_save' => $this->_groupName
)
);
$retval .= '</div>';
$retval .= '</div>';
return $retval;
}
/**
* Get HTML output
*
* @return string
*/
public function getHTML()
{
return $this->_HTML;
}
/**
* Get error HTML output
*
* @return string
*/
public function getErrorHTML()
{
return $this->_errorHTML;
}
/**
* Group to show for Page-related settings
* @param string $formGroupName The name of config form group to display
* @return PageSettings
*/
public static function showGroup($formGroupName)
{
$object = new PageSettings($formGroupName);
$response = Response::getInstance();
$response->addHTML($object->getErrorHTML());
$response->addHTML($object->getHTML());
return $object;
}
/**
* Get HTML for navigation settings
* @return string
*/
public static function getNaviSettings()
{
$object = new PageSettings('Navi', 'pma_navigation_settings');
$response = Response::getInstance();
$response->addHTML($object->getErrorHTML());
return $object->getHTML();
}
}

560
phpMyAdmin/libraries/classes/Config/ServerConfigChecks.php Executable file
View File

@@ -0,0 +1,560 @@
<?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
* Server config checks management
*
* @package PhpMyAdmin
*/
namespace PhpMyAdmin\Config;
use PhpMyAdmin\Config\ConfigFile;
use PhpMyAdmin\Config\Descriptions;
use PhpMyAdmin\Core;
use PhpMyAdmin\Sanitize;
use PhpMyAdmin\Setup\Index as SetupIndex;
use PhpMyAdmin\Url;
use PhpMyAdmin\Util;
/**
* Performs various compatibility, security and consistency checks on current config
*
* Outputs results to message list, must be called between SetupIndex::messagesBegin()
* and SetupIndex::messagesEnd()
*
* @package PhpMyAdmin
*/
class ServerConfigChecks
{
/**
* @var ConfigFile configurations being checked
*/
protected $cfg;
/**
* Constructor.
*
* @param ConfigFile $cfg Configuration
*/
public function __construct(ConfigFile $cfg)
{
$this->cfg = $cfg;
}
/**
* Perform config checks
*
* @return void
*/
public function performConfigChecks()
{
$blowfishSecret = $this->cfg->get('blowfish_secret');
$blowfishSecretSet = false;
$cookieAuthUsed = false;
list($cookieAuthUsed, $blowfishSecret, $blowfishSecretSet)
= $this->performConfigChecksServers(
$cookieAuthUsed, $blowfishSecret, $blowfishSecretSet
);
$this->performConfigChecksCookieAuthUsed(
$cookieAuthUsed, $blowfishSecretSet,
$blowfishSecret
);
//
// $cfg['AllowArbitraryServer']
// should be disabled
//
if ($this->cfg->getValue('AllowArbitraryServer')) {
$sAllowArbitraryServerWarn = sprintf(
__(
'This %soption%s should be disabled as it allows attackers to '
. 'bruteforce login to any MySQL server. If you feel this is necessary, '
. 'use %srestrict login to MySQL server%s or %strusted proxies list%s. '
. 'However, IP-based protection with trusted proxies list may not be '
. 'reliable if your IP belongs to an ISP where thousands of users, '
. 'including you, are connected to.'
),
'[a@' . Url::getCommon(array('page' => 'form', 'formset' => 'Features')) . '#tab_Security]',
'[/a]',
'[a@' . Url::getCommon(array('page' => 'form', 'formset' => 'Features')) . '#tab_Security]',
'[/a]',
'[a@' . Url::getCommon(array('page' => 'form', 'formset' => 'Features')) . '#tab_Security]',
'[/a]'
);
SetupIndex::messagesSet(
'notice',
'AllowArbitraryServer',
Descriptions::get('AllowArbitraryServer'),
Sanitize::sanitize($sAllowArbitraryServerWarn)
);
}
$this->performConfigChecksLoginCookie();
$sDirectoryNotice = __(
'This value should be double checked to ensure that this directory is '
. 'neither world accessible nor readable or writable by other users on '
. 'your server.'
);
//
// $cfg['SaveDir']
// should not be world-accessible
//
if ($this->cfg->getValue('SaveDir') != '') {
SetupIndex::messagesSet(
'notice',
'SaveDir',
Descriptions::get('SaveDir'),
Sanitize::sanitize($sDirectoryNotice)
);
}
//
// $cfg['TempDir']
// should not be world-accessible
//
if ($this->cfg->getValue('TempDir') != '') {
SetupIndex::messagesSet(
'notice',
'TempDir',
Descriptions::get('TempDir'),
Sanitize::sanitize($sDirectoryNotice)
);
}
$this->performConfigChecksZips();
}
/**
* Check config of servers
*
* @param boolean $cookieAuthUsed Cookie auth is used
* @param string $blowfishSecret Blowfish secret
* @param boolean $blowfishSecretSet Blowfish secret set
*
* @return array
*/
protected function performConfigChecksServers(
$cookieAuthUsed, $blowfishSecret,
$blowfishSecretSet
) {
$serverCnt = $this->cfg->getServerCount();
for ($i = 1; $i <= $serverCnt; $i++) {
$cookieAuthServer
= ($this->cfg->getValue("Servers/$i/auth_type") == 'cookie');
$cookieAuthUsed |= $cookieAuthServer;
$serverName = $this->performConfigChecksServersGetServerName(
$this->cfg->getServerName($i), $i
);
$serverName = htmlspecialchars($serverName);
list($blowfishSecret, $blowfishSecretSet)
= $this->performConfigChecksServersSetBlowfishSecret(
$blowfishSecret, $cookieAuthServer, $blowfishSecretSet
);
//
// $cfg['Servers'][$i]['ssl']
// should be enabled if possible
//
if (!$this->cfg->getValue("Servers/$i/ssl")) {
$title = Descriptions::get('Servers/1/ssl') . " ($serverName)";
SetupIndex::messagesSet(
'notice',
"Servers/$i/ssl",
$title,
__(
'You should use SSL connections if your database server '
. 'supports it.'
)
);
}
$sSecurityInfoMsg = Sanitize::sanitize(sprintf(
__(
'If you feel this is necessary, use additional protection settings - '
. '%1$shost authentication%2$s settings and %3$strusted proxies list%4%s. '
. 'However, IP-based protection may not be reliable if your IP belongs '
. 'to an ISP where thousands of users, including you, are connected to.'
),
'[a@' . Url::getCommon(array('page' => 'servers', 'mode' => 'edit', 'id' => $i)) . '#tab_Server_config]',
'[/a]',
'[a@' . Url::getCommon(array('page' => 'form', 'formset' => 'Features')) . '#tab_Security]',
'[/a]'
));
//
// $cfg['Servers'][$i]['auth_type']
// warn about full user credentials if 'auth_type' is 'config'
//
if ($this->cfg->getValue("Servers/$i/auth_type") == 'config'
&& $this->cfg->getValue("Servers/$i/user") != ''
&& $this->cfg->getValue("Servers/$i/password") != ''
) {
$title = Descriptions::get('Servers/1/auth_type')
. " ($serverName)";
SetupIndex::messagesSet(
'notice',
"Servers/$i/auth_type",
$title,
Sanitize::sanitize(sprintf(
__(
'You set the [kbd]config[/kbd] authentication type and included '
. 'username and password for auto-login, which is not a desirable '
. 'option for live hosts. Anyone who knows or guesses your phpMyAdmin '
. 'URL can directly access your phpMyAdmin panel. Set %1$sauthentication '
. 'type%2$s to [kbd]cookie[/kbd] or [kbd]http[/kbd].'
),
'[a@' . Url::getCommon(array('page' => 'servers', 'mode' => 'edit', 'id' => $i)) . '#tab_Server]',
'[/a]'
))
. ' ' . $sSecurityInfoMsg
);
}
//
// $cfg['Servers'][$i]['AllowRoot']
// $cfg['Servers'][$i]['AllowNoPassword']
// serious security flaw
//
if ($this->cfg->getValue("Servers/$i/AllowRoot")
&& $this->cfg->getValue("Servers/$i/AllowNoPassword")
) {
$title = Descriptions::get('Servers/1/AllowNoPassword')
. " ($serverName)";
SetupIndex::messagesSet(
'notice',
"Servers/$i/AllowNoPassword",
$title,
__('You allow for connecting to the server without a password.')
. ' ' . $sSecurityInfoMsg
);
}
}
return array($cookieAuthUsed, $blowfishSecret, $blowfishSecretSet);
}
/**
* Set blowfish secret
*
* @param string $blowfishSecret Blowfish secret
* @param boolean $cookieAuthServer Cookie auth is used
* @param boolean $blowfishSecretSet Blowfish secret set
*
* @return array
*/
protected function performConfigChecksServersSetBlowfishSecret(
$blowfishSecret, $cookieAuthServer, $blowfishSecretSet
) {
if ($cookieAuthServer && $blowfishSecret === null) {
$blowfishSecretSet = true;
$this->cfg->set('blowfish_secret', Util::generateRandom(32));
}
return array($blowfishSecret, $blowfishSecretSet);
}
/**
* Define server name
*
* @param string $serverName Server name
* @param int $serverId Server id
*
* @return string Server name
*/
protected function performConfigChecksServersGetServerName(
$serverName, $serverId
) {
if ($serverName == 'localhost') {
$serverName .= " [$serverId]";
return $serverName;
}
return $serverName;
}
/**
* Perform config checks for zip part.
*
* @return void
*/
protected function performConfigChecksZips() {
$this->performConfigChecksServerGZipdump();
$this->performConfigChecksServerBZipdump();
$this->performConfigChecksServersZipdump();
}
/**
* Perform config checks for zip part.
*
* @return void
*/
protected function performConfigChecksServersZipdump() {
//
// $cfg['ZipDump']
// requires zip_open in import
//
if ($this->cfg->getValue('ZipDump') && !$this->functionExists('zip_open')) {
SetupIndex::messagesSet(
'error',
'ZipDump_import',
Descriptions::get('ZipDump'),
Sanitize::sanitize(sprintf(
__(
'%sZip decompression%s requires functions (%s) which are unavailable '
. 'on this system.'
),
'[a@' . Url::getCommon(array('page' => 'form', 'formset' => 'Features')) . '#tab_Import_export]',
'[/a]',
'zip_open'
))
);
}
//
// $cfg['ZipDump']
// requires gzcompress in export
//
if ($this->cfg->getValue('ZipDump') && !$this->functionExists('gzcompress')) {
SetupIndex::messagesSet(
'error',
'ZipDump_export',
Descriptions::get('ZipDump'),
Sanitize::sanitize(sprintf(
__(
'%sZip compression%s requires functions (%s) which are unavailable on '
. 'this system.'
),
'[a@' . Url::getCommon(array('page' => 'form', 'formset' => 'Features')) . '#tab_Import_export]',
'[/a]',
'gzcompress'
))
);
}
}
/**
* Check config of servers
*
* @param boolean $cookieAuthUsed Cookie auth is used
* @param boolean $blowfishSecretSet Blowfish secret set
* @param string $blowfishSecret Blowfish secret
*
* @return array
*/
protected function performConfigChecksCookieAuthUsed(
$cookieAuthUsed, $blowfishSecretSet,
$blowfishSecret
) {
//
// $cfg['blowfish_secret']
// it's required for 'cookie' authentication
//
if ($cookieAuthUsed) {
if ($blowfishSecretSet) {
// 'cookie' auth used, blowfish_secret was generated
SetupIndex::messagesSet(
'notice',
'blowfish_secret_created',
Descriptions::get('blowfish_secret'),
Sanitize::sanitize(__(
'You didn\'t have blowfish secret set and have enabled '
. '[kbd]cookie[/kbd] authentication, so a key was automatically '
. 'generated for you. It is used to encrypt cookies; you don\'t need to '
. 'remember it.'
))
);
} else {
$blowfishWarnings = array();
// check length
if (strlen($blowfishSecret) < 32) {
// too short key
$blowfishWarnings[] = __(
'Key is too short, it should have at least 32 characters.'
);
}
// check used characters
$hasDigits = (bool)preg_match('/\d/', $blowfishSecret);
$hasChars = (bool)preg_match('/\S/', $blowfishSecret);
$hasNonword = (bool)preg_match('/\W/', $blowfishSecret);
if (!$hasDigits || !$hasChars || !$hasNonword) {
$blowfishWarnings[] = Sanitize::sanitize(
__(
'Key should contain letters, numbers [em]and[/em] '
. 'special characters.'
)
);
}
if (!empty($blowfishWarnings)) {
SetupIndex::messagesSet(
'error',
'blowfish_warnings' . count($blowfishWarnings),
Descriptions::get('blowfish_secret'),
implode('<br />', $blowfishWarnings)
);
}
}
}
}
/**
* Check configuration for login cookie
*
* @return void
*/
protected function performConfigChecksLoginCookie() {
//
// $cfg['LoginCookieValidity']
// value greater than session.gc_maxlifetime will cause
// random session invalidation after that time
$loginCookieValidity = $this->cfg->getValue('LoginCookieValidity');
if ($loginCookieValidity > ini_get('session.gc_maxlifetime')
) {
SetupIndex::messagesSet(
'error',
'LoginCookieValidity',
Descriptions::get('LoginCookieValidity'),
Sanitize::sanitize(sprintf(
__(
'%1$sLogin cookie validity%2$s greater than %3$ssession.gc_maxlifetime%4$s may '
. 'cause random session invalidation (currently session.gc_maxlifetime '
. 'is %5$d).'
),
'[a@' . Url::getCommon(array('page' => 'form', 'formset' => 'Features')) . '#tab_Security]',
'[/a]',
'[a@' . Core::getPHPDocLink('session.configuration.php#ini.session.gc-maxlifetime') . ']',
'[/a]',
ini_get('session.gc_maxlifetime')
))
);
}
//
// $cfg['LoginCookieValidity']
// should be at most 1800 (30 min)
//
if ($loginCookieValidity > 1800) {
SetupIndex::messagesSet(
'notice',
'LoginCookieValidity',
Descriptions::get('LoginCookieValidity'),
Sanitize::sanitize(sprintf(
__(
'%sLogin cookie validity%s should be set to 1800 seconds (30 minutes) '
. 'at most. Values larger than 1800 may pose a security risk such as '
. 'impersonation.'
),
'[a@' . Url::getCommon(array('page' => 'form', 'formset' => 'Features')) . '#tab_Security]',
'[/a]'
))
);
}
//
// $cfg['LoginCookieValidity']
// $cfg['LoginCookieStore']
// LoginCookieValidity must be less or equal to LoginCookieStore
//
if (($this->cfg->getValue('LoginCookieStore') != 0)
&& ($loginCookieValidity > $this->cfg->getValue('LoginCookieStore'))
) {
SetupIndex::messagesSet(
'error',
'LoginCookieValidity',
Descriptions::get('LoginCookieValidity'),
Sanitize::sanitize(sprintf(
__(
'If using [kbd]cookie[/kbd] authentication and %sLogin cookie store%s '
. 'is not 0, %sLogin cookie validity%s must be set to a value less or '
. 'equal to it.'
),
'[a@' . Url::getCommon(array('page' => 'form', 'formset' => 'Features')) . '#tab_Security]',
'[/a]',
'[a@' . Url::getCommon(array('page' => 'form', 'formset' => 'Features')) . '#tab_Security]',
'[/a]'
))
);
}
}
/**
* Check GZipDump configuration
*
* @return void
*/
protected function performConfigChecksServerBZipdump()
{
//
// $cfg['BZipDump']
// requires bzip2 functions
//
if ($this->cfg->getValue('BZipDump')
&& (!$this->functionExists('bzopen') || !$this->functionExists('bzcompress'))
) {
$functions = $this->functionExists('bzopen')
? '' :
'bzopen';
$functions .= $this->functionExists('bzcompress')
? ''
: ($functions ? ', ' : '') . 'bzcompress';
SetupIndex::messagesSet(
'error',
'BZipDump',
Descriptions::get('BZipDump'),
Sanitize::sanitize(
sprintf(
__(
'%1$sBzip2 compression and decompression%2$s requires functions (%3$s) which '
. 'are unavailable on this system.'
),
'[a@' . Url::getCommon(array('page' => 'form', 'formset' => 'Features')) . '#tab_Import_export]',
'[/a]',
$functions
)
)
);
}
}
/**
* Check GZipDump configuration
*
* @return void
*/
protected function performConfigChecksServerGZipdump()
{
//
// $cfg['GZipDump']
// requires zlib functions
//
if ($this->cfg->getValue('GZipDump')
&& (!$this->functionExists('gzopen') || !$this->functionExists('gzencode'))
) {
SetupIndex::messagesSet(
'error',
'GZipDump',
Descriptions::get('GZipDump'),
Sanitize::sanitize(sprintf(
__(
'%1$sGZip compression and decompression%2$s requires functions (%3$s) which '
. 'are unavailable on this system.'
),
'[a@' . Url::getCommon(array('page' => 'form', 'formset' => 'Features')) . '#tab_Import_export]',
'[/a]',
'gzencode'
))
);
}
}
/**
* Wrapper around function_exists to allow mock in test
*
* @param string $name Function name
*
* @return boolean
*/
protected function functionExists($name)
{
return function_exists($name);
}
}

589
phpMyAdmin/libraries/classes/Config/Validator.php Executable file
View File

@@ -0,0 +1,589 @@
<?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
* Form validation for configuration editor
*
* @package PhpMyAdmin
*/
namespace PhpMyAdmin\Config;
use PhpMyAdmin\Config\ConfigFile;
use PhpMyAdmin\Core;
use PhpMyAdmin\DatabaseInterface;
use PhpMyAdmin\Util;
/**
* Validation class for various validation functions
*
* Validation function takes two argument: id for which it is called
* and array of fields' values (usually values for entire formset, as defined
* in forms.inc.php).
* The function must always return an array with an error (or error array)
* assigned to a form element (formset name or field path). Even if there are
* no errors, key must be set with an empty value.
*
* Validation functions are assigned in $cfg_db['_validators'] (config.values.php).
*
* @package PhpMyAdmin
*/
class Validator
{
/**
* Returns validator list
*
* @param ConfigFile $cf Config file instance
*
* @return array
*/
public static function getValidators(ConfigFile $cf)
{
static $validators = null;
if ($validators !== null) {
return $validators;
}
$validators = $cf->getDbEntry('_validators', array());
if ($GLOBALS['PMA_Config']->get('is_setup')) {
return $validators;
}
// not in setup script: load additional validators for user
// preferences we need original config values not overwritten
// by user preferences, creating a new PhpMyAdmin\Config instance is a
// better idea than hacking into its code
$uvs = $cf->getDbEntry('_userValidators', array());
foreach ($uvs as $field => $uv_list) {
$uv_list = (array)$uv_list;
foreach ($uv_list as &$uv) {
if (!is_array($uv)) {
continue;
}
for ($i = 1, $nb = count($uv); $i < $nb; $i++) {
if (mb_substr($uv[$i], 0, 6) == 'value:') {
$uv[$i] = Core::arrayRead(
mb_substr($uv[$i], 6),
$GLOBALS['PMA_Config']->base_settings
);
}
}
}
$validators[$field] = isset($validators[$field])
? array_merge((array)$validators[$field], $uv_list)
: $uv_list;
}
return $validators;
}
/**
* Runs validation $validator_id on values $values and returns error list.
*
* Return values:
* o array, keys - field path or formset id, values - array of errors
* when $isPostSource is true values is an empty array to allow for error list
* cleanup in HTML document
* o false - when no validators match name(s) given by $validator_id
*
* @param ConfigFile $cf Config file instance
* @param string|array $validator_id ID of validator(s) to run
* @param array &$values Values to validate
* @param bool $isPostSource tells whether $values are directly from
* POST request
*
* @return bool|array
*/
public static function validate(
ConfigFile $cf, $validator_id, array &$values, $isPostSource
) {
// find validators
$validator_id = (array) $validator_id;
$validators = static::getValidators($cf);
$vids = array();
foreach ($validator_id as &$vid) {
$vid = $cf->getCanonicalPath($vid);
if (isset($validators[$vid])) {
$vids[] = $vid;
}
}
if (empty($vids)) {
return false;
}
// create argument list with canonical paths and remember path mapping
$arguments = array();
$key_map = array();
foreach ($values as $k => $v) {
$k2 = $isPostSource ? str_replace('-', '/', $k) : $k;
$k2 = mb_strpos($k2, '/')
? $cf->getCanonicalPath($k2)
: $k2;
$key_map[$k2] = $k;
$arguments[$k2] = $v;
}
// validate
$result = array();
foreach ($vids as $vid) {
// call appropriate validation functions
foreach ((array)$validators[$vid] as $validator) {
$vdef = (array) $validator;
$vname = array_shift($vdef);
$vname = 'PhpMyAdmin\Config\Validator::' . $vname;
$args = array_merge(array($vid, &$arguments), $vdef);
$r = call_user_func_array($vname, $args);
// merge results
if (!is_array($r)) {
continue;
}
foreach ($r as $key => $error_list) {
// skip empty values if $isPostSource is false
if (! $isPostSource && empty($error_list)) {
continue;
}
if (! isset($result[$key])) {
$result[$key] = array();
}
$result[$key] = array_merge(
$result[$key], (array)$error_list
);
}
}
}
// restore original paths
$new_result = array();
foreach ($result as $k => $v) {
$k2 = isset($key_map[$k]) ? $key_map[$k] : $k;
if (is_array($v)) {
$new_result[$k2] = array_map('htmlspecialchars', $v);
} else {
$new_result[$k2] = htmlspecialchars($v);
}
}
return empty($new_result) ? true : $new_result;
}
/**
* Test database connection
*
* @param string $host host name
* @param string $port tcp port to use
* @param string $socket socket to use
* @param string $user username to use
* @param string $pass password to use
* @param string $error_key key to use in return array
*
* @return bool|array
*/
public static function testDBConnection(
$host,
$port,
$socket,
$user,
$pass = null,
$error_key = 'Server'
) {
if ($GLOBALS['cfg']['DBG']['demo']) {
// Connection test disabled on the demo server!
return true;
}
$error = null;
$host = Core::sanitizeMySQLHost($host);
if (function_exists('error_clear_last')) {
/* PHP 7 only code */
error_clear_last();
}
if (DatabaseInterface::checkDbExtension('mysqli')) {
$socket = empty($socket) ? null : $socket;
$port = empty($port) ? null : $port;
$extension = 'mysqli';
} else {
$socket = empty($socket) ? null : ':' . ($socket[0] == '/' ? '' : '/') . $socket;
$port = empty($port) ? null : ':' . $port;
$extension = 'mysql';
}
if ($extension == 'mysql') {
$conn = @mysql_connect($host . $port . $socket, $user, $pass);
if (! $conn) {
$error = __('Could not connect to the database server!');
} else {
mysql_close($conn);
}
} else {
$conn = @mysqli_connect($host, $user, $pass, null, $port, $socket);
if (! $conn) {
$error = __('Could not connect to the database server!');
} else {
mysqli_close($conn);
}
}
if (! is_null($error)) {
$error .= ' - ' . error_get_last();
}
return is_null($error) ? true : array($error_key => $error);
}
/**
* Validate server config
*
* @param string $path path to config, not used
* keep this parameter since the method is invoked using
* reflection along with other similar methods
* @param array $values config values
*
* @return array
*/
public static function validateServer($path, array $values)
{
$result = array(
'Server' => '',
'Servers/1/user' => '',
'Servers/1/SignonSession' => '',
'Servers/1/SignonURL' => ''
);
$error = false;
if (empty($values['Servers/1/auth_type'])) {
$values['Servers/1/auth_type'] = '';
$result['Servers/1/auth_type'] = __('Invalid authentication type!');
$error = true;
}
if ($values['Servers/1/auth_type'] == 'config'
&& empty($values['Servers/1/user'])
) {
$result['Servers/1/user'] = __(
'Empty username while using [kbd]config[/kbd] authentication method!'
);
$error = true;
}
if ($values['Servers/1/auth_type'] == 'signon'
&& empty($values['Servers/1/SignonSession'])
) {
$result['Servers/1/SignonSession'] = __(
'Empty signon session name '
. 'while using [kbd]signon[/kbd] authentication method!'
);
$error = true;
}
if ($values['Servers/1/auth_type'] == 'signon'
&& empty($values['Servers/1/SignonURL'])
) {
$result['Servers/1/SignonURL'] = __(
'Empty signon URL while using [kbd]signon[/kbd] authentication '
. 'method!'
);
$error = true;
}
if (! $error && $values['Servers/1/auth_type'] == 'config') {
$password = '';
if (! empty($values['Servers/1/password'])) {
$password = $values['Servers/1/password'];
}
$test = static::testDBConnection(
empty($values['Servers/1/host']) ? '' : $values['Servers/1/host'],
empty($values['Servers/1/port']) ? '' : $values['Servers/1/port'],
empty($values['Servers/1/socket']) ? '' : $values['Servers/1/socket'],
empty($values['Servers/1/user']) ? '' : $values['Servers/1/user'],
$password,
'Server'
);
if ($test !== true) {
$result = array_merge($result, $test);
}
}
return $result;
}
/**
* Validate pmadb config
*
* @param string $path path to config, not used
* keep this parameter since the method is invoked using
* reflection along with other similar methods
* @param array $values config values
*
* @return array
*/
public static function validatePMAStorage($path, array $values)
{
$result = array(
'Server_pmadb' => '',
'Servers/1/controluser' => '',
'Servers/1/controlpass' => ''
);
$error = false;
if (empty($values['Servers/1/pmadb'])) {
return $result;
}
$result = array();
if (empty($values['Servers/1/controluser'])) {
$result['Servers/1/controluser'] = __(
'Empty phpMyAdmin control user while using phpMyAdmin configuration '
. 'storage!'
);
$error = true;
}
if (empty($values['Servers/1/controlpass'])) {
$result['Servers/1/controlpass'] = __(
'Empty phpMyAdmin control user password while using phpMyAdmin '
. 'configuration storage!'
);
$error = true;
}
if (! $error) {
$test = static::testDBConnection(
empty($values['Servers/1/host']) ? '' : $values['Servers/1/host'],
empty($values['Servers/1/port']) ? '' : $values['Servers/1/port'],
empty($values['Servers/1/socket']) ? '' : $values['Servers/1/socket'],
empty($values['Servers/1/controluser']) ? '' : $values['Servers/1/controluser'],
empty($values['Servers/1/controlpass']) ? '' : $values['Servers/1/controlpass'],
'Server_pmadb'
);
if ($test !== true) {
$result = array_merge($result, $test);
}
}
return $result;
}
/**
* Validates regular expression
*
* @param string $path path to config
* @param array $values config values
*
* @return array
*/
public static function validateRegex($path, array $values)
{
$result = array($path => '');
if (empty($values[$path])) {
return $result;
}
if (function_exists('error_clear_last')) {
/* PHP 7 only code */
error_clear_last();
$last_error = null;
} else {
// As fallback we trigger another error to ensure
// that preg error will be different
@strpos();
$last_error = error_get_last();
}
$matches = array();
// in libraries/ListDatabase.php _checkHideDatabase(),
// a '/' is used as the delimiter for hide_db
@preg_match('/' . Util::requestString($values[$path]) . '/', '', $matches);
$current_error = error_get_last();
if ($current_error !== $last_error) {
$error = preg_replace('/^preg_match\(\): /', '', $current_error['message']);
return array($path => $error);
}
return $result;
}
/**
* Validates TrustedProxies field
*
* @param string $path path to config
* @param array $values config values
*
* @return array
*/
public static function validateTrustedProxies($path, array $values)
{
$result = array($path => array());
if (empty($values[$path])) {
return $result;
}
if (is_array($values[$path]) || is_object($values[$path])) {
// value already processed by FormDisplay::save
$lines = array();
foreach ($values[$path] as $ip => $v) {
$v = Util::requestString($v);
$lines[] = preg_match('/^-\d+$/', $ip)
? $v
: $ip . ': ' . $v;
}
} else {
// AJAX validation
$lines = explode("\n", $values[$path]);
}
foreach ($lines as $line) {
$line = trim($line);
$matches = array();
// we catch anything that may (or may not) be an IP
if (!preg_match("/^(.+):(?:[ ]?)\\w+$/", $line, $matches)) {
$result[$path][] = __('Incorrect value:') . ' '
. htmlspecialchars($line);
continue;
}
// now let's check whether we really have an IP address
if (filter_var($matches[1], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === false
&& filter_var($matches[1], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) === false
) {
$ip = htmlspecialchars(trim($matches[1]));
$result[$path][] = sprintf(__('Incorrect IP address: %s'), $ip);
continue;
}
}
return $result;
}
/**
* Tests integer value
*
* @param string $path path to config
* @param array $values config values
* @param bool $allow_neg allow negative values
* @param bool $allow_zero allow zero
* @param int $max_value max allowed value
* @param string $error_string error message string
*
* @return string empty string if test is successful
*/
public static function validateNumber(
$path,
array $values,
$allow_neg,
$allow_zero,
$max_value,
$error_string
) {
if (empty($values[$path])) {
return '';
}
$value = Util::requestString($values[$path]);
if (intval($value) != $value
|| (! $allow_neg && $value < 0)
|| (! $allow_zero && $value == 0)
|| $value > $max_value
) {
return $error_string;
}
return '';
}
/**
* Validates port number
*
* @param string $path path to config
* @param array $values config values
*
* @return array
*/
public static function validatePortNumber($path, array $values)
{
return array(
$path => static::validateNumber(
$path,
$values,
false,
false,
65535,
__('Not a valid port number!')
)
);
}
/**
* Validates positive number
*
* @param string $path path to config
* @param array $values config values
*
* @return array
*/
public static function validatePositiveNumber($path, array $values)
{
return array(
$path => static::validateNumber(
$path,
$values,
false,
false,
PHP_INT_MAX,
__('Not a positive number!')
)
);
}
/**
* Validates non-negative number
*
* @param string $path path to config
* @param array $values config values
*
* @return array
*/
public static function validateNonNegativeNumber($path, array $values)
{
return array(
$path => static::validateNumber(
$path,
$values,
false,
true,
PHP_INT_MAX,
__('Not a non-negative number!')
)
);
}
/**
* Validates value according to given regular expression
* Pattern and modifiers must be a valid for PCRE <b>and</b> JavaScript RegExp
*
* @param string $path path to config
* @param array $values config values
* @param string $regex regular expression to match
*
* @return array
*/
public static function validateByRegex($path, array $values, $regex)
{
if (!isset($values[$path])) {
return '';
}
$result = preg_match($regex, Util::requestString($values[$path]));
return array($path => ($result ? '' : __('Incorrect value!')));
}
/**
* Validates upper bound for numeric inputs
*
* @param string $path path to config
* @param array $values config values
* @param int $max_value maximal allowed value
*
* @return array
*/
public static function validateUpperBound($path, array $values, $max_value)
{
$result = $values[$path] <= $max_value;
return array($path => ($result ? ''
: sprintf(__('Value must be less than or equal to %s!'), $max_value)));
}
}