From afbb2a9dc2ff6f612e01f86e85788610e19a0338 Mon Sep 17 00:00:00 2001 From: Marc Delisle Date: Sat, 21 Jun 2008 15:01:27 +0000 Subject: [PATCH] protection against XSS when register_globals is on and .htaccess has no effect --- ChangeLog | 2 ++ libraries/auth/cookie.auth.lib.php | 4 ++-- libraries/charset_conversion.lib.php | 4 +++- libraries/check_user_privileges.lib.php | 3 +++ libraries/common.inc.php | 8 +++++--- libraries/database_interface.lib.php | 3 +++ libraries/db_common.inc.php | 3 +++ libraries/db_events.inc.php | 4 ++++ libraries/db_info.inc.php | 3 +++ libraries/db_links.inc.php | 3 +++ libraries/db_routines.inc.php | 4 ++++ libraries/db_table_exists.lib.php | 3 +++ libraries/dbg/setup.php | 3 +++ libraries/dbi/mysql.dbi.lib.php | 3 +++ libraries/dbi/mysqli.dbi.lib.php | 3 +++ libraries/display_change_password.lib.php | 3 +++ libraries/display_create_database.lib.php | 3 +++ libraries/display_create_table.lib.php | 3 +++ libraries/display_export.lib.php | 3 +++ libraries/display_import.lib.php | 3 +++ libraries/display_select_lang.lib.php | 3 +++ libraries/display_tbl_links.lib.php | 3 +++ libraries/export/codegen.php | 3 +++ libraries/export/csv.php | 3 +++ libraries/export/excel.php | 3 +++ libraries/export/htmlexcel.php | 3 +++ libraries/export/htmlword.php | 3 +++ libraries/export/latex.php | 3 +++ libraries/export/ods.php | 3 +++ libraries/export/odt.php | 3 +++ libraries/export/pdf.php | 3 +++ libraries/export/sql.php | 3 +++ libraries/export/texytext.php | 3 +++ libraries/export/xls.php | 3 +++ libraries/export/xml.php | 3 +++ libraries/export/yaml.php | 3 +++ libraries/footer.inc.php | 3 +++ libraries/grab_globals.lib.php | 3 +++ libraries/header.inc.php | 3 +++ libraries/header_http.inc.php | 3 +++ libraries/header_meta_style.inc.php | 3 +++ libraries/header_printview.inc.php | 3 +++ libraries/header_scripts.inc.php | 3 +++ libraries/iconv_wrapper.lib.php | 3 +++ libraries/import.lib.php | 3 +++ libraries/import/csv.php | 3 +++ libraries/import/docsql.php | 3 +++ libraries/import/ldi.php | 3 +++ libraries/import/sql.php | 3 +++ libraries/kanji-encoding.lib.php | 3 +++ libraries/mult_submits.inc.php | 3 +++ libraries/mysql_charsets.lib.php | 3 +++ libraries/navigation_header.inc.php | 3 +++ libraries/opendocument.lib.php | 3 +++ libraries/parse_analyze.lib.php | 3 +++ libraries/relation.lib.php | 3 +++ libraries/relation_cleanup.lib.php | 3 +++ libraries/select_lang.lib.php | 3 +++ libraries/server_common.inc.php | 3 +++ libraries/server_links.inc.php | 3 +++ libraries/session.inc.php | 3 +++ libraries/sql_query_form.lib.php | 3 +++ libraries/sqlparser.data.php | 3 +++ libraries/sqlparser.lib.php | 4 +++- libraries/sqlvalidator.class.php | 3 +++ libraries/sqlvalidator.lib.php | 3 +++ libraries/string.lib.php | 3 +++ libraries/tbl_common.php | 3 +++ libraries/tbl_info.inc.php | 3 +++ libraries/tbl_links.inc.php | 3 +++ libraries/tbl_properties.inc.php | 3 +++ libraries/tbl_replace_fields.inc.php | 3 +++ libraries/tbl_triggers.lib.php | 3 +++ 73 files changed, 221 insertions(+), 7 deletions(-) diff --git a/ChangeLog b/ChangeLog index 1a88deba9..3fdf3eb76 100644 --- a/ChangeLog +++ b/ChangeLog @@ -89,6 +89,8 @@ danbarry - bug #1981043 [export] HTML in exports getting corrupted, thanks to Jason Judge - jasonjudge - bug #1936761 [interface] BINARY not treated as BLOB: update/delete issues +- protection against XSS when register_globals is on and .htaccess has + no effect, thanks to Tim Starling - bug #1996943 [export] Firefox 3 and .sql.gz (corrupted); detect Gecko 1.9, thanks to Jürgen Wind - windkiel diff --git a/libraries/auth/cookie.auth.lib.php b/libraries/auth/cookie.auth.lib.php index c82829e35..343220629 100644 --- a/libraries/auth/cookie.auth.lib.php +++ b/libraries/auth/cookie.auth.lib.php @@ -8,8 +8,8 @@ * @version $Id$ */ -if (! defined('PMA_COMING_FROM_COMMON')) { - exit; +if (! defined('PHPMYADMIN')) { + exit; } require './libraries/auth/swekey/swekey.auth.lib.php'; diff --git a/libraries/charset_conversion.lib.php b/libraries/charset_conversion.lib.php index d276fdba6..d5d648fc4 100644 --- a/libraries/charset_conversion.lib.php +++ b/libraries/charset_conversion.lib.php @@ -5,7 +5,9 @@ * * @version $Id$ */ - +if (! defined('PHPMYADMIN')) { + exit; +} /** * Loads the recode or iconv extensions if any of it is not loaded yet diff --git a/libraries/check_user_privileges.lib.php b/libraries/check_user_privileges.lib.php index e672b4c17..228cdc226 100644 --- a/libraries/check_user_privileges.lib.php +++ b/libraries/check_user_privileges.lib.php @@ -5,6 +5,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * diff --git a/libraries/common.inc.php b/libraries/common.inc.php index 0ccee6621..7dd8bd13a 100644 --- a/libraries/common.inc.php +++ b/libraries/common.inc.php @@ -54,6 +54,11 @@ if (version_compare(phpversion(), '6', 'lt')) { @ini_set('magic_quotes_runtime', false); } +/** + * for verification in all procedural scripts under libraries + */ +define('PHPMYADMIN', true); + /** * core functions */ @@ -781,9 +786,6 @@ if (! defined('PMA_MINIMUM_COMMON')) { // Gets the authentication library that fits the $cfg['Server'] settings // and run authentication - // (for a quick check of path disclosure in auth/cookies:) - define('PMA_COMING_FROM_COMMON', true); - // to allow HTTP or http $cfg['Server']['auth_type'] = strtolower($cfg['Server']['auth_type']); if (! file_exists('./libraries/auth/' . $cfg['Server']['auth_type'] . '.auth.lib.php')) { diff --git a/libraries/database_interface.lib.php b/libraries/database_interface.lib.php index f5b1002b5..976d7da2a 100644 --- a/libraries/database_interface.lib.php +++ b/libraries/database_interface.lib.php @@ -5,6 +5,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * diff --git a/libraries/db_common.inc.php b/libraries/db_common.inc.php index af1307029..b44c15594 100644 --- a/libraries/db_common.inc.php +++ b/libraries/db_common.inc.php @@ -4,6 +4,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * Gets some core libraries diff --git a/libraries/db_events.inc.php b/libraries/db_events.inc.php index 0c1693e32..c3a4c8838 100644 --- a/libraries/db_events.inc.php +++ b/libraries/db_events.inc.php @@ -4,6 +4,10 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} + $url_query .= '&goto=db_structure.php'; $events = PMA_DBI_fetch_result('SELECT EVENT_NAME, EVENT_TYPE FROM information_schema.EVENTS WHERE EVENT_SCHEMA= \'' . PMA_sqlAddslashes($db,true) . '\';'); diff --git a/libraries/db_info.inc.php b/libraries/db_info.inc.php index f4a63f3fb..8ae3b7147 100644 --- a/libraries/db_info.inc.php +++ b/libraries/db_info.inc.php @@ -33,6 +33,9 @@ * @uses addslashes() * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * requirements diff --git a/libraries/db_links.inc.php b/libraries/db_links.inc.php index 1d8188cb4..725d35891 100644 --- a/libraries/db_links.inc.php +++ b/libraries/db_links.inc.php @@ -4,6 +4,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * diff --git a/libraries/db_routines.inc.php b/libraries/db_routines.inc.php index b4796e8d9..c64f5bb01 100644 --- a/libraries/db_routines.inc.php +++ b/libraries/db_routines.inc.php @@ -14,6 +14,10 @@ * Also, support DEFINER (like we do in export). * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} + $url_query .= '&goto=db_structure.php'; $routines = PMA_DBI_fetch_result('SELECT SPECIFIC_NAME,ROUTINE_NAME,ROUTINE_TYPE,DTD_IDENTIFIER FROM information_schema.ROUTINES WHERE ROUTINE_SCHEMA= \'' . PMA_sqlAddslashes($db,true) . '\';'); diff --git a/libraries/db_table_exists.lib.php b/libraries/db_table_exists.lib.php index 3e9c92085..66c30e9ed 100644 --- a/libraries/db_table_exists.lib.php +++ b/libraries/db_table_exists.lib.php @@ -6,6 +6,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * diff --git a/libraries/dbg/setup.php b/libraries/dbg/setup.php index ba374b1d5..13596663f 100644 --- a/libraries/dbg/setup.php +++ b/libraries/dbg/setup.php @@ -3,6 +3,9 @@ /** * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * checks for DBG extension and trys to load if not loaded diff --git a/libraries/dbi/mysql.dbi.lib.php b/libraries/dbi/mysql.dbi.lib.php index b1a781a5e..76e3b1055 100644 --- a/libraries/dbi/mysql.dbi.lib.php +++ b/libraries/dbi/mysql.dbi.lib.php @@ -5,6 +5,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * MySQL client API diff --git a/libraries/dbi/mysqli.dbi.lib.php b/libraries/dbi/mysqli.dbi.lib.php index 8afbfae25..002e1f3e7 100644 --- a/libraries/dbi/mysqli.dbi.lib.php +++ b/libraries/dbi/mysqli.dbi.lib.php @@ -5,6 +5,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} // MySQL client API if (!defined('PMA_MYSQL_CLIENT_API')) { diff --git a/libraries/display_change_password.lib.php b/libraries/display_change_password.lib.php index bdba76f09..3ebff87f2 100644 --- a/libraries/display_change_password.lib.php +++ b/libraries/display_change_password.lib.php @@ -5,6 +5,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} // loic1: autocomplete feature of IE kills the "onchange" event handler and it // must be replaced by the "onpropertychange" one in this case diff --git a/libraries/display_create_database.lib.php b/libraries/display_create_database.lib.php index 5dcc1f776..48ae1bb56 100644 --- a/libraries/display_create_database.lib.php +++ b/libraries/display_create_database.lib.php @@ -5,6 +5,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * diff --git a/libraries/display_create_table.lib.php b/libraries/display_create_table.lib.php index 2f7206603..d76a70cf8 100644 --- a/libraries/display_create_table.lib.php +++ b/libraries/display_create_table.lib.php @@ -24,6 +24,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * diff --git a/libraries/display_export.lib.php b/libraries/display_export.lib.php index 8706c0705..a80f42fa6 100644 --- a/libraries/display_export.lib.php +++ b/libraries/display_export.lib.php @@ -4,6 +4,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * diff --git a/libraries/display_import.lib.php b/libraries/display_import.lib.php index a0c233392..3ab9c00f4 100644 --- a/libraries/display_import.lib.php +++ b/libraries/display_import.lib.php @@ -4,6 +4,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * diff --git a/libraries/display_select_lang.lib.php b/libraries/display_select_lang.lib.php index e0d35cb65..1685f5053 100644 --- a/libraries/display_select_lang.lib.php +++ b/libraries/display_select_lang.lib.php @@ -5,6 +5,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * Sorts available languages by their true english names diff --git a/libraries/display_tbl_links.lib.php b/libraries/display_tbl_links.lib.php index 85264e309..9888b37e3 100644 --- a/libraries/display_tbl_links.lib.php +++ b/libraries/display_tbl_links.lib.php @@ -9,6 +9,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * diff --git a/libraries/export/codegen.php b/libraries/export/codegen.php index 72ef5650d..7a4873960 100644 --- a/libraries/export/codegen.php +++ b/libraries/export/codegen.php @@ -5,6 +5,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} // this gets executed twice so avoid a notice if (! defined('CG_FORMAT_NHIBERNATE_CS')) { diff --git a/libraries/export/csv.php b/libraries/export/csv.php index 0c6f525e5..b1f5a6ef4 100644 --- a/libraries/export/csv.php +++ b/libraries/export/csv.php @@ -3,6 +3,9 @@ /** * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * Set of functions used to build CSV dumps of tables diff --git a/libraries/export/excel.php b/libraries/export/excel.php index efa859871..5df0b3fe3 100644 --- a/libraries/export/excel.php +++ b/libraries/export/excel.php @@ -5,6 +5,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * diff --git a/libraries/export/htmlexcel.php b/libraries/export/htmlexcel.php index b380cd52e..5edc684b4 100644 --- a/libraries/export/htmlexcel.php +++ b/libraries/export/htmlexcel.php @@ -5,6 +5,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * diff --git a/libraries/export/htmlword.php b/libraries/export/htmlword.php index b5784e8cd..064ed81fb 100644 --- a/libraries/export/htmlword.php +++ b/libraries/export/htmlword.php @@ -5,6 +5,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * diff --git a/libraries/export/latex.php b/libraries/export/latex.php index 1f09aedf3..f410d3676 100644 --- a/libraries/export/latex.php +++ b/libraries/export/latex.php @@ -5,6 +5,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * diff --git a/libraries/export/ods.php b/libraries/export/ods.php index 09ba82505..51cf28eca 100644 --- a/libraries/export/ods.php +++ b/libraries/export/ods.php @@ -5,6 +5,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * diff --git a/libraries/export/odt.php b/libraries/export/odt.php index 6fd6fa935..16620051a 100644 --- a/libraries/export/odt.php +++ b/libraries/export/odt.php @@ -5,6 +5,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * diff --git a/libraries/export/pdf.php b/libraries/export/pdf.php index f2a73f0fa..7d8055e24 100644 --- a/libraries/export/pdf.php +++ b/libraries/export/pdf.php @@ -5,6 +5,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * diff --git a/libraries/export/sql.php b/libraries/export/sql.php index 5441549f7..647c2ce27 100644 --- a/libraries/export/sql.php +++ b/libraries/export/sql.php @@ -5,6 +5,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * diff --git a/libraries/export/texytext.php b/libraries/export/texytext.php index 46ff35a2e..6db4d71f5 100644 --- a/libraries/export/texytext.php +++ b/libraries/export/texytext.php @@ -3,6 +3,9 @@ /** * Sample export to Texy! text. */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * diff --git a/libraries/export/xls.php b/libraries/export/xls.php index c9ec6ca5b..7f7ef27e6 100644 --- a/libraries/export/xls.php +++ b/libraries/export/xls.php @@ -5,6 +5,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * diff --git a/libraries/export/xml.php b/libraries/export/xml.php index 9f3da1021..bc99eb006 100644 --- a/libraries/export/xml.php +++ b/libraries/export/xml.php @@ -5,6 +5,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * diff --git a/libraries/export/yaml.php b/libraries/export/yaml.php index 7c5cab478..a44ceecb0 100644 --- a/libraries/export/yaml.php +++ b/libraries/export/yaml.php @@ -5,6 +5,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * diff --git a/libraries/footer.inc.php b/libraries/footer.inc.php index 458db2b11..58865da1a 100644 --- a/libraries/footer.inc.php +++ b/libraries/footer.inc.php @@ -43,6 +43,9 @@ * @uses file_exists() * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * for PMA_setHistory() diff --git a/libraries/grab_globals.lib.php b/libraries/grab_globals.lib.php index a681c52ce..aaaa53db4 100644 --- a/libraries/grab_globals.lib.php +++ b/libraries/grab_globals.lib.php @@ -8,6 +8,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * copy values from one array to another, usally from a superglobal into $GLOBALS diff --git a/libraries/header.inc.php b/libraries/header.inc.php index 00a38bb52..52dc94193 100644 --- a/libraries/header.inc.php +++ b/libraries/header.inc.php @@ -4,6 +4,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * diff --git a/libraries/header_http.inc.php b/libraries/header_http.inc.php index ab1207638..a75c3488e 100644 --- a/libraries/header_http.inc.php +++ b/libraries/header_http.inc.php @@ -4,6 +4,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * diff --git a/libraries/header_meta_style.inc.php b/libraries/header_meta_style.inc.php index 976e081f4..c2b4a009e 100644 --- a/libraries/header_meta_style.inc.php +++ b/libraries/header_meta_style.inc.php @@ -4,6 +4,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * diff --git a/libraries/header_printview.inc.php b/libraries/header_printview.inc.php index e86668bba..c955db4c3 100644 --- a/libraries/header_printview.inc.php +++ b/libraries/header_printview.inc.php @@ -4,6 +4,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * Gets a core script and starts output buffering work diff --git a/libraries/header_scripts.inc.php b/libraries/header_scripts.inc.php index 076edb464..ae237aba7 100644 --- a/libraries/header_scripts.inc.php +++ b/libraries/header_scripts.inc.php @@ -4,6 +4,9 @@ * * @version $Id: header.inc.php 10719 2007-10-04 15:03:44Z cybot_tm $ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * diff --git a/libraries/iconv_wrapper.lib.php b/libraries/iconv_wrapper.lib.php index 6104e82d4..26566e728 100644 --- a/libraries/iconv_wrapper.lib.php +++ b/libraries/iconv_wrapper.lib.php @@ -4,6 +4,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * diff --git a/libraries/import.lib.php b/libraries/import.lib.php index 6ee2c32e0..e2f562967 100644 --- a/libraries/import.lib.php +++ b/libraries/import.lib.php @@ -5,6 +5,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * We need to know something about user diff --git a/libraries/import/csv.php b/libraries/import/csv.php index c84da1f64..5c958e05e 100644 --- a/libraries/import/csv.php +++ b/libraries/import/csv.php @@ -6,6 +6,9 @@ * @todo add an option for handling NULL values * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * diff --git a/libraries/import/docsql.php b/libraries/import/docsql.php index 6b8d46c0f..5c051f6f9 100644 --- a/libraries/import/docsql.php +++ b/libraries/import/docsql.php @@ -5,6 +5,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} require_once './libraries/relation.lib.php'; $cfgRelation = PMA_getRelationsParam(); diff --git a/libraries/import/ldi.php b/libraries/import/ldi.php index e7f19e6f9..5931da4f3 100644 --- a/libraries/import/ldi.php +++ b/libraries/import/ldi.php @@ -5,6 +5,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * diff --git a/libraries/import/sql.php b/libraries/import/sql.php index 12be55348..d8b4ac35e 100644 --- a/libraries/import/sql.php +++ b/libraries/import/sql.php @@ -5,6 +5,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * diff --git a/libraries/kanji-encoding.lib.php b/libraries/kanji-encoding.lib.php index 2e5b9f83f..f9e58b266 100644 --- a/libraries/kanji-encoding.lib.php +++ b/libraries/kanji-encoding.lib.php @@ -11,6 +11,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * Gets the php internal encoding codes and sets the available encoding diff --git a/libraries/mult_submits.inc.php b/libraries/mult_submits.inc.php index 2e9b8274d..54334d965 100644 --- a/libraries/mult_submits.inc.php +++ b/libraries/mult_submits.inc.php @@ -4,6 +4,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * Prepares the work and runs some other scripts if required diff --git a/libraries/mysql_charsets.lib.php b/libraries/mysql_charsets.lib.php index fd62987e6..518b92a4f 100644 --- a/libraries/mysql_charsets.lib.php +++ b/libraries/mysql_charsets.lib.php @@ -4,6 +4,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * diff --git a/libraries/navigation_header.inc.php b/libraries/navigation_header.inc.php index 6a8748e9d..fbe649ce9 100644 --- a/libraries/navigation_header.inc.php +++ b/libraries/navigation_header.inc.php @@ -5,6 +5,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * diff --git a/libraries/opendocument.lib.php b/libraries/opendocument.lib.php index 116655607..dfa27ffc8 100644 --- a/libraries/opendocument.lib.php +++ b/libraries/opendocument.lib.php @@ -5,6 +5,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * diff --git a/libraries/parse_analyze.lib.php b/libraries/parse_analyze.lib.php index 7885b253b..ad05fb0d3 100644 --- a/libraries/parse_analyze.lib.php +++ b/libraries/parse_analyze.lib.php @@ -4,6 +4,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * diff --git a/libraries/relation.lib.php b/libraries/relation.lib.php index d4bcc5b5b..b2678db1e 100644 --- a/libraries/relation.lib.php +++ b/libraries/relation.lib.php @@ -5,6 +5,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * diff --git a/libraries/relation_cleanup.lib.php b/libraries/relation_cleanup.lib.php index f2a8d0f22..391fd6af7 100644 --- a/libraries/relation_cleanup.lib.php +++ b/libraries/relation_cleanup.lib.php @@ -5,6 +5,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * diff --git a/libraries/select_lang.lib.php b/libraries/select_lang.lib.php index 3ac1f0507..f7f24ba82 100644 --- a/libraries/select_lang.lib.php +++ b/libraries/select_lang.lib.php @@ -5,6 +5,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * tries to find the language to use diff --git a/libraries/server_common.inc.php b/libraries/server_common.inc.php index b1ed96c0a..07005ffe2 100644 --- a/libraries/server_common.inc.php +++ b/libraries/server_common.inc.php @@ -9,6 +9,9 @@ * @uses $userlink * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * Gets some core libraries diff --git a/libraries/server_links.inc.php b/libraries/server_links.inc.php index dc825abbf..2aff2acc3 100644 --- a/libraries/server_links.inc.php +++ b/libraries/server_links.inc.php @@ -4,6 +4,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * Check parameters diff --git a/libraries/session.inc.php b/libraries/session.inc.php index 1caf68e4c..2ac024ee1 100644 --- a/libraries/session.inc.php +++ b/libraries/session.inc.php @@ -11,6 +11,9 @@ * @uses session_start() * @uses ini_set() */ +if (! defined('PHPMYADMIN')) { + exit; +} // verify if PHP supports session, die if it does not diff --git a/libraries/sql_query_form.lib.php b/libraries/sql_query_form.lib.php index d8fa4c487..c114efac7 100644 --- a/libraries/sql_query_form.lib.php +++ b/libraries/sql_query_form.lib.php @@ -10,6 +10,9 @@ * @usedby tbl_structure.php * @usedby querywindow.php */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * diff --git a/libraries/sqlparser.data.php b/libraries/sqlparser.data.php index dc1513485..8cf77f6d9 100644 --- a/libraries/sqlparser.data.php +++ b/libraries/sqlparser.data.php @@ -21,6 +21,9 @@ * * @version$Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * @global array MySQL function names diff --git a/libraries/sqlparser.lib.php b/libraries/sqlparser.lib.php index 4588e19e4..62f853d93 100644 --- a/libraries/sqlparser.lib.php +++ b/libraries/sqlparser.lib.php @@ -29,7 +29,9 @@ * * @version $Id$ */ - +if (! defined('PHPMYADMIN')) { + exit; +} /** * Minimum inclusion? (i.e. for the stylesheet builder) diff --git a/libraries/sqlvalidator.class.php b/libraries/sqlvalidator.class.php index 547d33d0e..24e9c05d4 100644 --- a/libraries/sqlvalidator.class.php +++ b/libraries/sqlvalidator.class.php @@ -27,6 +27,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} @include_once 'SOAP/Client.php'; diff --git a/libraries/sqlvalidator.lib.php b/libraries/sqlvalidator.lib.php index a2d61e154..4c75f3d0e 100644 --- a/libraries/sqlvalidator.lib.php +++ b/libraries/sqlvalidator.lib.php @@ -29,6 +29,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * We need the PEAR libraries, so do a minimum version check first diff --git a/libraries/string.lib.php b/libraries/string.lib.php index 8d153eb49..65aae5805 100644 --- a/libraries/string.lib.php +++ b/libraries/string.lib.php @@ -21,6 +21,9 @@ * @uses defined() * @todo a .lib filename should not have code in main(), split or rename file */ +if (! defined('PHPMYADMIN')) { + exit; +} /* Try to load mbstring */ if (!@extension_loaded('mbstring')) { diff --git a/libraries/tbl_common.php b/libraries/tbl_common.php index 70279eca5..d8b901941 100644 --- a/libraries/tbl_common.php +++ b/libraries/tbl_common.php @@ -4,6 +4,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * Gets some core libraries diff --git a/libraries/tbl_info.inc.php b/libraries/tbl_info.inc.php index 8fea9d818..11f91c1f9 100644 --- a/libraries/tbl_info.inc.php +++ b/libraries/tbl_info.inc.php @@ -8,6 +8,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * diff --git a/libraries/tbl_links.inc.php b/libraries/tbl_links.inc.php index 8e7b85e74..362ba08ff 100644 --- a/libraries/tbl_links.inc.php +++ b/libraries/tbl_links.inc.php @@ -4,6 +4,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * Check parameters diff --git a/libraries/tbl_properties.inc.php b/libraries/tbl_properties.inc.php index 185e18554..41c31a367 100644 --- a/libraries/tbl_properties.inc.php +++ b/libraries/tbl_properties.inc.php @@ -6,6 +6,9 @@ * included by tbl_addfield.php, -_alter.php, -_create.php * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * Check parameters diff --git a/libraries/tbl_replace_fields.inc.php b/libraries/tbl_replace_fields.inc.php index 06fdfc057..64a9d1b34 100644 --- a/libraries/tbl_replace_fields.inc.php +++ b/libraries/tbl_replace_fields.inc.php @@ -29,6 +29,9 @@ * @uses PMA_NO_VARIABLES_IMPORT * @uses PMA_sqlAddslashes() */ +if (! defined('PHPMYADMIN')) { + exit; +} /** * do not import request variable into global scope diff --git a/libraries/tbl_triggers.lib.php b/libraries/tbl_triggers.lib.php index af6f0b235..659cc2c40 100644 --- a/libraries/tbl_triggers.lib.php +++ b/libraries/tbl_triggers.lib.php @@ -4,6 +4,9 @@ * * @version $Id$ */ +if (! defined('PHPMYADMIN')) { + exit; +} $url_query .= '&goto=tbl_structure.php';