From caffe11457d48c43f1c828db7e6c123b296c3fda Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Lo=C3=AFc=20Chapeaux?= Date: Fri, 26 Apr 2002 14:43:18 +0000 Subject: [PATCH] Merge from branch --- ChangeLog | 65 +++++++++++++++++------------- lang/brazilian_portuguese.inc.php3 | 10 +++-- lang/norwegian.inc.php3 | 21 ++++++---- sql.php3 | 17 ++++++-- tbl_replace.php3 | 17 +++++++- 5 files changed, 85 insertions(+), 45 deletions(-) diff --git a/ChangeLog b/ChangeLog index 6562e8a78..205638d0e 100755 --- a/ChangeLog +++ b/ChangeLog @@ -5,6 +5,13 @@ phpMyAdmin - Changelog $Id$ $Source$ +2002-04-26 Loïc Chapeaux + * ## created 2.2.7 branch into the CVS tree ## + * lang/nowegian.inc.php: updated thanks to Sven-Erik Andersen. + * lang/brazilian_portuguese.inc.php3: updated thanks to Renato Lins. + * sql.php3; tbl_replace.php3: patch #547030 - file_exists $goto thanks to + Melvyn Sopacua . + 2002-04-26 Marc Delisle * tbl_qbe.php3: automatic joints from Relation table, thanks to Mike Beck (mike.beck at ibmiller.de) @@ -12,20 +19,20 @@ $Source$ * Documentation.html: example for automatic joints 2002-04-26 Alexander M. Turek - * libraries/common.lib.php3: fixed a controluser bug. - * libraries/display_tbl.lib.php3: fixed bug #547384 (Marker Color can't - equal Pointer Color) + * libraries/common.lib.php3: fixed a controluser bug. + * libraries/display_tbl.lib.php3: fixed bug #547384 (Marker Color can't + equal Pointer Color) 2002-04-25 Alexander M. Turek - * lang/italian.inc.php3: updated, thanks again to Pietro Danesi. + * lang/italian.inc.php3: updated, thanks again to Pietro Danesi. 2002-04-24 Marc Delisle * tbl_*.php3: $cfg system changes 2002-04-24 Alexander M. Turek - * libraries/*, lang/*: $cfg system changes. - * libraries/common.lib.php3, libraries/select_lang.php3, - libraries/config_import.lib.php3: Config file backwards compatibility. + * libraries/*, lang/*: $cfg system changes. + * libraries/common.lib.php3, libraries/select_lang.php3, + libraries/config_import.lib.php3: Config file backwards compatibility. 2002-04-24 Robin Johnson * *.php3 NOT tbl_*.php, Documentation.*: $cfg system changes. @@ -41,11 +48,11 @@ $Source$ thanks to Mike Beck (mike.beck at ibmiller.de) 2002-04-23 Alexander M. Turek - * libraries/common.lib.php3: fixed bug #547605 using Loïc's patch. - * tbl_printview.php3: Fixed a small bug, some php and XHTML 1.0 errors and - beautified the generated code. - * lang/german.inc.php3: Translated the new string. - * Documentation.html: Changed notes concerning php 4.2.0. + * libraries/common.lib.php3: fixed bug #547605 using Loïc's patch. + * tbl_printview.php3: Fixed a small bug, some php and XHTML 1.0 errors and + beautified the generated code. + * lang/german.inc.php3: Translated the new string. + * Documentation.html: Changed notes concerning php 4.2.0. 2002-04-22 Loïc Chapeaux * lang/slovak-win1250.inc.php3: completed, thanks to Peter Svec. @@ -54,14 +61,14 @@ $Source$ * lang/japanese* updates, thanks to Yukihiro Kawada 2002-04-22 Alexander M. Turek - * lang/russian-koi8.inc.php3: fixed a typo (bug #546981). - * lang/german.inc.php3: better syntax. - * db_details.php3, mult_submits.inx.php3, tbl_properties.php3: - Use TRUNCATE instead of DELETE when using MySQL 4. + * lang/russian-koi8.inc.php3: fixed a typo (bug #546981). + * lang/german.inc.php3: better syntax. + * db_details.php3, mult_submits.inx.php3, tbl_properties.php3: + Use TRUNCATE instead of DELETE when using MySQL 4. 2002-04-21 Alexander M. Turek - * main.php3: Restarted work on patch #538740 (get users priv. with - SHOW GRANTS). + * main.php3: Restarted work on patch #538740 (get users priv. with + SHOW GRANTS). 2002-04-21 Loïc Chapeaux * libraries/auth/http.auth.lib.php3: tried a fix to allow the use of http @@ -112,10 +119,10 @@ $Source$ * libraries/common.lib.php3, line 128: improved compatibility with older config files. * libraries/display, line 1291: improved fix against bug #542524 (Wrong - interval is displayed). - * lang/portuguese.inc.php3: updated thanks to - Lopo Pizarro . - * Documentation.html, line 1330-1331: extended a bit a faq entry. + interval is displayed). + * lang/portuguese.inc.php3: updated thanks to + Lopo Pizarro . + * Documentation.html, line 1330-1331: extended a bit a faq entry. 2002-04-15 Marc Delisle * config.inc.php3: put the most popular column types first in the list, @@ -154,7 +161,7 @@ $Source$ 2002-04-11 Alexander M. Turek * libraries/display_tbl.lib.php3, line 1293: fixed bug #542524 (Wrong - interval is displayed). Thanks to Matthias Schniedermeyer for his report. + interval is displayed). Thanks to Matthias Schniedermeyer for his report. 2002-04-11 Marc Delisle * header.inc.php3, bug #540718, merge css patch thanks to Loïc @@ -165,12 +172,12 @@ $Source$ 2002-04-10 Alexander M. Turek * config.inc.php3, line 73: removed the "experimental" warning for the "cfgLeftFrameLight" setting. - * db_details.php3, header.inc.php3, left.php3, main.php3, tbl_change.php3, - tbl_indexes.php3, tbl_properties.php3, tbl_qbe.php3, tbl_select.php3, - user_details.php3, user_password.php3, libraries/display_tbl.lib.php3, - libraries/auth/cookie.auth.lib.php3: Better fix bugs #539756 / #540718 - * left.php3, libraries/auth/cookie.auth.lib.php3: Fixed design for NN 4.x. - * Documentation.*: Added myself. + * db_details.php3, header.inc.php3, left.php3, main.php3, tbl_change.php3, + tbl_indexes.php3, tbl_properties.php3, tbl_qbe.php3, tbl_select.php3, + user_details.php3, user_password.php3, libraries/display_tbl.lib.php3, + libraries/auth/cookie.auth.lib.php3: Better fix bugs #539756 / #540718 + * left.php3, libraries/auth/cookie.auth.lib.php3: Fixed design for NN 4.x. + * Documentation.*: Added myself. 2002-04-10 Marc Delisle * lang/chinese* update thanks to Siu Sun (siusun) diff --git a/lang/brazilian_portuguese.inc.php3 b/lang/brazilian_portuguese.inc.php3 index 51348301d..e67dafe35 100644 --- a/lang/brazilian_portuguese.inc.php3 +++ b/lang/brazilian_portuguese.inc.php3 @@ -1,6 +1,10 @@ + */ + $charset = 'iso-8859-1'; $text_dir = 'ltr'; $left_font_family = 'verdana, arial, helvetica, geneva, sans-serif'; @@ -51,6 +55,7 @@ $strAttr = 'Atributos'; $strBack = 'Voltar'; $strBinary = ' Binário '; $strBinaryDoNotEdit = ' Binário - não edite '; +$strBookmarkDeleted = 'O bookmark foi removido.'; $strBookmarkLabel = 'Nome'; $strBookmarkQuery = 'Procura de SQL salva'; $strBookmarkThis = 'Salvar essa procura de SQL'; @@ -63,6 +68,7 @@ $strCantRenameIdxToPrimary = 'N $strCardinality = 'Cardinalidade'; $strCarriage = 'Caracter de retorno: \\r'; $strChange = 'Muda'; +$strChangePassword = 'Mude a senha'; $strCheckAll = 'Marcar All'; $strCheckDbPriv = 'Verifica Privilégios do Banco de Dados'; $strCheckTable = 'Verifica tabela'; @@ -222,6 +228,7 @@ $strPasswordEmpty = 'A senhas est $strPasswordNotSame = 'As senhas não são a mesma!'; $strPHPVersion = 'Versão do PHP'; $strPmaDocumentation = 'Documentação do phpMyAdmin '; +$strPmaUriError = 'A diretiva $cfg[\'PmaAbsoluteUri\'] Deve ser setada'; $strPos1 = 'Início'; $strPrevious = 'Anterior'; $strPrimary = 'Primária'; @@ -345,8 +352,5 @@ $strYes = 'Sim'; $strZip = '"compactado com zip"'; // To translate -$strBookmarkDeleted = 'The bookmark has been deleted.'; -$strChangePassword = 'Change password'; //to translate -$strPmaUriError = 'The $cfg[\'PmaAbsoluteUri\'] directive MUST be set in your configuration file!'; $strLinksTo = 'Links to'; //to translate ?> diff --git a/lang/norwegian.inc.php3 b/lang/norwegian.inc.php3 index c4890d637..4e85d12d7 100644 --- a/lang/norwegian.inc.php3 +++ b/lang/norwegian.inc.php3 @@ -1,6 +1,10 @@ + */ + $charset = 'iso-8859-1'; $text_dir = 'ltr'; $left_font_family = 'verdana, arial, helvetica, geneva, sans-serif'; @@ -57,7 +61,7 @@ $strBookmarkQuery = 'Lagret SQL-sp $strBookmarkThis = 'Lagre denne SQL-spørringen'; $strBookmarkView = 'Bare se'; $strBrowse = 'Se på'; -$strBzip = '"bzipped"'; +$strBzip = 'Komprimert (bz2)'; $strCantLoadMySQL = 'kan ikke starte MySQL modulen,
vennligst kontroller PHP konfigureringen.'; $strCantRenameIdxToPrimary = 'Kan ikke endre indeks til PRIMARY!'; @@ -65,7 +69,7 @@ $strCardinality = 'Kardinalitet'; $strCarriage = 'Linjeskift (Mac): \\r'; $strChange = 'Endre'; $strChangePassword = 'Endre passord'; -$strCheckAll = 'Kontroller alle'; +$strCheckAll = 'Merk alle'; $strCheckDbPriv = 'Kontroller database privilegier'; $strCheckTable = 'Kontroller tabell'; $strColumn = 'Kolonne'; @@ -116,6 +120,7 @@ $strEnd = 'Slutt'; $strEnglishPrivileges = ' OBS: MySQL privilegie navn er på engelsk '; $strError = 'Feil'; $strExtra = 'Ekstra'; +$strExtendedInserts = 'Utvidete innlegg'; $strField = 'Felt'; $strFieldHasBeenDropped = 'Feltet %s har blitt slettet'; @@ -134,7 +139,7 @@ $strFunction = 'Funksjon'; $strGenTime = 'Generert den'; $strGo = 'Utfør'; $strGrants = 'Rettigheter'; -$strGzip = '"gzipped"'; +$strGzip = 'Komprimert (gz)'; $strHasBeenAltered = 'er endret.'; $strHasBeenCreated = 'er opprettet.'; @@ -231,11 +236,11 @@ $strPrimaryKey = 'Prim $strPrimaryKeyHasBeenDropped = 'Primær-nøkkelen har blitt slettet'; $strPrimaryKeyName = 'Navnet til primærnøkkelen må være... PRIMARY!'; $strPrimaryKeyWarning = '("PRIMARY" være navnet til og bare til en primærnøkkel!)'; -$strPrintView = 'Forhåndsvisning'; +$strPrintView = 'Utskriftsvennlig forhåndsvisning'; $strPrivileges = 'Privilegier'; $strProperties = 'Egenskaper'; -$strQBE = 'Spørring ved eksempel'; +$strQBE = 'Spørring ved eksempel (Query by Example)'; $strQBEDel = 'Slett'; $strQBEIns = 'Sett inn'; $strQueryOnDb = 'SQL-spørring i database %s:'; @@ -275,7 +280,7 @@ $strSelectADb = 'Vennligst velg en database'; $strSelectAll = 'Velg alle'; $strSelectFields = 'Velg felt (minst ett):'; $strSelectNumRows = 'i spørring'; -$strSend = 'Last ned og lagre som fil'; +$strSend = 'Last ned som fil'; $strServerChoice = 'Server valg'; $strServerVersion = 'Server versjon'; $strSetEnumVal = 'Hvis felttypen er "enum" eller "set", skriv inn verdien med dette formatet: \'a\',\'b\',\'c\'...
Hvis du skulle trenge å ha en skråstrek ("\") eller en enkel apostrof ("\'") blant disse verdiene, skriv en skråstrek foran (eks. \'\\\\xyz\' eller \'a\\\'b\').'; @@ -319,7 +324,7 @@ $strTheTerminator = 'Tegn som angir slutt p $strTotal = 'totalt'; $strType = 'Type'; -$strUncheckAll = 'Fjern avmerking'; +$strUncheckAll = 'Fjern merking'; $strUnique = 'Unik'; $strUnselectAll = 'Fjern alle valgte'; $strUpdatePrivMessage = 'Du har oppdatert privilegiene til %s.'; @@ -344,7 +349,7 @@ $strWrongUser = 'Ugyldig brukernavn/passord. Ingen tilgang.'; $strYes = 'Ja'; -$strZip = '"komprimert (zip)"'; +$strZip = 'Komprimert (zip)'; // To translate $strLinksTo = 'Links to'; //to translate diff --git a/sql.php3 b/sql.php3 index 41a223844..475dc6eae 100755 --- a/sql.php3 +++ b/sql.php3 @@ -12,8 +12,19 @@ require('./libraries/common.lib.php3'); /** * Defines the url to return to in case of error in a sql statement */ +// Security checkings +if (!empty($goto)) { + $is_gotofile = ereg_replace('^([^?]+).*$', '\\1', $goto); + if (!@file_exists('./' . $is_gotofile)) { + unset($goto); + } else { + $is_gotofile = ($is_gotofile == $goto); + } +} // end if (security checkings) + if (empty($goto)) { - $goto = (empty($table)) ? 'db_details.php3' : 'tbl_properties.php3'; + $goto = (empty($table)) ? 'db_details.php3' : 'tbl_properties.php3'; + $is_gotofile = TRUE; } if (!isset($err_url)) { $err_url = $goto @@ -110,7 +121,7 @@ if (isset($btnDrop) && $btnDrop == $strNo) { if (!empty($back)) { $goto = $back; } - if (@file_exists('./' . $goto)) { + if ($is_gotofile) { if ($goto == 'db_details.php3' && !empty($table)) { unset($table); } @@ -319,7 +330,7 @@ else { $message = $strEmptyResultSet; } - if (@file_exists('./' . $goto)) { + if ($is_gotofile) { $goto = ereg_replace('\.\.*', '.', $goto); // Checks for a valid target script if (isset($table) && $table == '') { diff --git a/tbl_replace.php3 b/tbl_replace.php3 index 0eb5db401..e8d494156 100755 --- a/tbl_replace.php3 +++ b/tbl_replace.php3 @@ -16,6 +16,7 @@ require('./libraries/common.lib.php3'); if (isset($sql_query)) { $sql_query = urldecode($sql_query); } +$is_gotofile = FALSE; if (isset($after_insert) && $after_insert == 'new_insert') { $goto = 'tbl_change.php3' . '?lang=' . $lang @@ -39,7 +40,17 @@ if (isset($after_insert) && $after_insert == 'new_insert') { . '&disp_direction=' . $disp_direction . '&repeat_cells=' . $repeat_cells . '&sql_query=' . urlencode($sql_query); +} else if (!empty($goto)) { + // Security checkings + $is_gotofile = ereg_replace('^([^?]+).*$', '\\1', $goto); + if (!@file_exists('./' . $is_gotofile)) { + $goto = (empty($table)) ? 'db_details.php3' : 'tbl_properties.php3'; + $is_gotofile = TRUE; + } else { + $is_gotofile = ($is_gotofile == $goto); + } } + // Defines the url to return in case of failure of the query if (isset($err_url)) { $err_url = urldecode($err_url); @@ -47,11 +58,13 @@ if (isset($err_url)) { $err_url = str_replace('&', '&', $goto) . (empty($primary_key) ? '' : '&primary_key=' . $primary_key); } + // Resets tables defined in the configuration file reset($fields); if (isset($funcs)) { reset($funcs); } + // Misc if (get_magic_quotes_gpc()) { $submit_type = stripslashes($submit_type); @@ -140,7 +153,7 @@ if (isset($primary_key) && ($submit_type != $strInsertAsNewRow)) { // No change -> move back to the calling script else { $message = $strNoModification; - if (@file_exists('./' . $goto)) { + if ($is_gotofile) { $js_to_run = 'functions.js'; include('./header.inc.php3'); include('./' . ereg_replace('\.\.*', '.', $goto)); @@ -240,7 +253,7 @@ if (!$result) { } else { $message = $strModifications; } - if (@file_exists('./' . $goto)) { + if ($is_gotofile) { if ($goto == 'db_details.php3' && !empty($table)) { unset($table); }