From 81f94f98517e04341ee38b426b275e678be28fc2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lo=C3=AFc=20Chapeaux?=
Date: Fri, 16 Nov 2001 14:07:24 +0000
Subject: [PATCH] fixed a bug with headers that may be sent after output
---
 db_details.php3 | 19 +++++++++++--------
 read_dump.php3 | 52 +++++++++++++++++++++++++++++++++++++++++++++++++---
 sql.php3 | 44 ++++++++++++++++++++++++++++++++------------
 3 files changed, 92 insertions(+), 23 deletions(-)
diff --git a/db_details.php3 b/db_details.php3
index ebd260071..f9fafe7ce 100755
--- a/db_details.php3
+++ b/db_details.php3
@@ -26,14 +26,17 @@ $err_url = 'db_details.php3'
 * Ensures the database exists (else move to the "parent" script) and diplays
 * headers
 */
-// Not a valid db name -> back to the welcome page
-if (!empty($db)) {
- $is_db = @mysql_select_db($db);
-}
-if (empty($db) || !$is_db) {
- header('Location: ' . $cfgPmaAbsoluteUri . 'main.php3?lang=' . $lang . '&server=' . $server . (isset($message) ? '&message=' . urlencode($message) : '') . '&reload=1');
- exit();
-}
+if (!isset($is_db) || !$is_db) {
+ // Not a valid db name -> back to the welcome page
+ if (!empty($db)) {
+ $is_db = @mysql_select_db($db);
+ }
+ if (empty($db) || !$is_db) {
+ header('Location: ' . $cfgPmaAbsoluteUri . 'main.php3?lang=' . $lang . '&server=' . $server . (isset($message) ? '&message=' . urlencode($message) : '') . '&reload=1');
+ exit();
+ }
+} // end if (ensures db exists)
+
 // Displays headers
 if (!isset($message)) {
 $js_to_run = 'functions.js';
diff --git a/read_dump.php3 b/read_dump.php3
index 1e9a305a1..681912dd7 100644
--- a/read_dump.php3
+++ b/read_dump.php3
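Review bot: In db_details.php3 the new guard `if (!isset($is_db) || !$is_db)` skips the whole existence check whenever `$is_db` is already truthy, and nothing visible in the hunk guarantees that only read_dump.php3 or sql.php3 can set it. The hunk reads `$db`, `$lang` and `$server` without initialising them, which suggests request variables are registered as globals; if that is the case, a direct request that supplies `is_db` would skip the database check entirely. Callers that pre-validate have already selected the database, so repeating the check costs little and cannot trigger the redirect after output: `$is_db = (!empty($db) && @mysql_select_db($db));` followed by `if (!$is_db) {` around the existing `header()`/`exit()` pair would not depend on a pre-set flag. The redirect also places `$lang` and `$server` into the Location header unencoded while `$message` goes through `urlencode()`; encoding all three would be consistent.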
@@ -276,13 +276,52 @@ if ($sql_query != '') {
 
 
 /**
- * Go back to the calling script
+ * MySQL error
 */
-$js_to_run = 'functions.js';
-require('./header.inc.php3');
 if (isset($my_die)) {
+ $js_to_run = 'functions.js';
+ include('./header.inc.php3');
 mysql_die('', $my_die, '', $err_url);
 }
+
+
+/**
+ * Go back to the calling script
+ */
+// Checks for a valid target script
+if (isset($table) && $table == '') {
+ unset($table);
+}
+if (isset($db) && $db == '') {
+ unset($db);
+}
+$is_db = $is_table = FALSE;
+if ($goto == 'tbl_properties.php3') {
+ if (!isset($table)) {
+ $goto = 'db_details.php3';
+ } else {
+ $is_table = @mysql_query('SHOW TABLES LIKE \'' . sql_addslashes($table, TRUE) . '\'');
+ if (!@mysql_numrows($is_table)) {
+ $goto = 'db_details.php3';
+ unset($table);
+ }
+ } // end if... else...
+}
+if ($goto == 'db_details.php3') {
+ if (isset($table)) {
+ unset($table);
+ }
+ if (!isset($db)) {
+ $goto = 'main.php3';
+ } else {
+ $is_db = @mysql_select_db($db);
+ if (!$is_db) {
+ $goto = 'main.php3';
+ unset($db);
+ }
+ } // end if... else...
+}
+// Defines the message to be displayed
 if (!empty($id_bookmark) && $action_bookmark == 2) {
 $message = $strBookmarkDeleted;
 } else if (!isset($sql_query_cpy)) {
@@ -292,5 +331,12 @@ if (!empty($id_bookmark) && $action_bookmark == 2) {
 } else {
 $message = $strSuccess;
 }
+// Loads to target script
+if ($goto == 'db_details.php3' || $goto == 'tbl_properties.php3') {
+ $js_to_run = 'functions.js';
+}
+if ($goto != 'main.php3') {
+ include('./header.inc.php3');
+}
 require('./' . $goto);
 ?>
diff --git a/sql.php3 b/sql.php3
index 62a64ca5b..54e1bddbf 100755
--- a/sql.php3
+++ b/sql.php3
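Review bot: In read_dump.php3 the block under `// Checks for a valid target script` only corrects `$goto` when it equals 'tbl_properties.php3' or 'db_details.php3'; any other value passes through unchanged and reaches `require('./' . $goto)` in the next hunk of this file (@@ -292). Where `$goto` comes from is outside the diff, but if the request can influence it, the new check leaves that file-inclusion path open. Ending the block with an allowlist default such as `if ($goto != 'tbl_properties.php3' && $goto != 'db_details.php3') { $goto = 'main.php3'; }` would make the comment accurate; if other targets are legitimate, name them explicitly in the condition. The identical block added to sql.php3 (@@ -288) has the same gap, although that file's context lines at least test `file_exists()` and collapse repeated dots first.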
@@ -263,17 +263,6 @@ else {
 
 // No rows returned -> move back to the calling page
 if ($num_rows < 1 || $is_affected) {
- if (isset($strYes)) {
- if (isset($table)
- && (eregi('DROP[[:space:]]+(IF EXISTS[[:space:]]+)?TABLE[[:space:]]+`?' . $table . '`?[[:space:]]*$', $sql_query))) {
- unset($table);
- }
- if (isset($db)
- && (eregi('DROP[[:space:]]+(IF EXISTS[[:space:]]+)?DATABASE[[:space:]]+`?' . $db . '`?[[:space:]]*$', $sql_query))) {
- unset($db);
- }
- }
-
 if ($is_delete) {
 $message = $strDeletedRows . ' ' . $num_rows;
 } else if ($is_insert) {
@@ -288,9 +277,40 @@ else {
 
 if (file_exists('./' . $goto)) {
 $goto = ereg_replace('\.\.*', '.', $goto);
- if ($goto == 'db_details.php3' && !empty($table)) {
+ // Checks for a valid target script
+ if (isset($table) && $table == '') {
 unset($table);
 }
+ if (isset($db) && $db == '') {
+ unset($db);
+ }
+ $is_db = $is_table = FALSE;
+ if ($goto == 'tbl_properties.php3') {
+ if (!isset($table)) {
+ $goto = 'db_details.php3';
+ } else {
+ $is_table = @mysql_query('SHOW TABLES LIKE \'' . sql_addslashes($table, TRUE) . '\'');
+ if (!@mysql_numrows($is_table)) {
+ $goto = 'db_details.php3';
+ unset($table);
+ }
+ } // end if... else...
+ }
+ if ($goto == 'db_details.php3') {
+ if (isset($table)) {
+ unset($table);
+ }
+ if (!isset($db)) {
+ $goto = 'main.php3';
+ } else {
+ $is_db = @mysql_select_db($db);
+ if (!$is_db) {
+ $goto = 'main.php3';
+ unset($db);
+ }
+ } // end if... else...
+ }
+ // Loads to target script
 if ($goto == 'db_details.php3' || $goto == 'tbl_properties.php3') {
 $js_to_run = 'functions.js';
 }
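Review bot: The target-validation block added to sql.php3 in the second hunk (@@ -288), from `// Checks for a valid target script` to the closing brace of the `db_details.php3` branch, is a line-for-line copy of the one added to read_dump.php3, so any later correction has to be made in two places. Moving it into a single include that both scripts `require` before loading `$goto` would keep the two paths in step. The block would also benefit from a comment stating why `$is_db` is set here, for example `// $is_db tells db_details.php3 the db was already checked, so no Location header is sent after output`. The enclosing `if (file_exists('./' . $goto))` block begins in the context lines and continues past the end of the hunk, so the actual load of `$goto` is not visible here.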