splitted common.lib.php into common.inc.php, core.lib.php and common.lib.php

2007-03-20 14:16:18 +00:00
parent 505a4c35e7
commit d0facc3d4f
79 changed files with 3373 additions and 3362 deletions
--- a/browse_foreigners.php
+++ b/browse_foreigners.php
@@ -9,7 +9,7 @@
 /**
 * Gets a core script and starts output buffering work
 */
-require_once('./libraries/common.lib.php');
+require_once('./libraries/common.inc.php');

 PMA_checkParameters(array('db', 'table', 'field'));

--- a/calendar.php
+++ b/calendar.php
@@ -8,7 +8,7 @@
 /**
 *
 */
-require_once('./libraries/common.lib.php');
+require_once('./libraries/common.inc.php');
 require_once('./libraries/header_http.inc.php');
 $page_title = $strCalendar;
 require('./libraries/header_meta_style.inc.php');
--- a/chk_rel.php
+++ b/chk_rel.php
@@ -8,7 +8,7 @@
 /**
 * Gets some core libraries
 */
-require_once('./libraries/common.lib.php');
+require_once('./libraries/common.inc.php');
 require_once('./libraries/db_common.inc.php');
 require_once('./libraries/relation.lib.php');

--- a/db_create.php
+++ b/db_create.php
@@ -8,7 +8,7 @@
 /**
 * Gets some core libraries
 */
-require_once('./libraries/common.lib.php');
+require_once('./libraries/common.inc.php');
 $js_to_run = 'functions.js';
 require_once('./libraries/header.inc.php');
 require_once('./libraries/mysql_charsets.lib.php');
--- a/db_datadict.php
+++ b/db_datadict.php
@@ -8,7 +8,7 @@
 /**
 * Gets the variables sent or posted to this script, then displays headers
 */
-require_once('./libraries/common.lib.php');
+require_once('./libraries/common.inc.php');

 if (!isset($selected_tbl)) {
    require_once('./libraries/header.inc.php');
--- a/db_export.php
+++ b/db_export.php
@@ -13,7 +13,7 @@
 /**
 * Gets some core libraries
 */
-require_once('./libraries/common.lib.php');
+require_once('./libraries/common.inc.php');

 $sub_part  = '_export';
 require_once('./libraries/db_common.inc.php');
--- a/db_import.php
+++ b/db_import.php
@@ -8,7 +8,7 @@
 /**
 *
 */
-require_once('./libraries/common.lib.php');
+require_once('./libraries/common.inc.php');

 /**
 * Gets tables informations and displays top links
--- a/db_operations.php
+++ b/db_operations.php
@@ -15,7 +15,7 @@
 /**
 * requirements
 */
-require_once './libraries/common.lib.php';
+require_once './libraries/common.inc.php';
 require_once './libraries/Table.class.php';
 require_once './libraries/mysql_charsets.lib.php';

--- a/db_printview.php
+++ b/db_printview.php
@@ -8,7 +8,7 @@
 /**
 *
 */
-require_once './libraries/common.lib.php';
+require_once './libraries/common.inc.php';

 /**
 * Gets the variables sent or posted to this script, then displays headers
--- a/db_qbe.php
+++ b/db_qbe.php
@@ -9,7 +9,7 @@
 /**
 * requirements
 */
-require_once './libraries/common.lib.php';
+require_once './libraries/common.inc.php';
 require_once './libraries/Table.class.php';
 require_once './libraries/relation.lib.php';

--- a/db_search.php
+++ b/db_search.php
@@ -52,7 +52,7 @@
 /**
 *
 */
-require_once './libraries/common.lib.php';
+require_once './libraries/common.inc.php';

 /**
 * Gets some core libraries and send headers
--- a/db_sql.php
+++ b/db_sql.php
@@ -8,7 +8,7 @@
 /**
 *
 */
-require_once('./libraries/common.lib.php');
+require_once('./libraries/common.inc.php');

 /**
 * Runs common work
--- a/db_structure.php
+++ b/db_structure.php
@@ -8,7 +8,7 @@
 /**
 *
 */
-require_once './libraries/common.lib.php';
+require_once './libraries/common.inc.php';
 require_once './libraries/Table.class.php';

 /**
--- a/export.php
+++ b/export.php
@@ -8,7 +8,7 @@
 /**
 * Get the variables sent or posted to this script and a core script
 */
-require_once './libraries/common.lib.php';
+require_once './libraries/common.inc.php';
 require_once './libraries/zip.lib.php';
 require_once './libraries/plugin_interface.lib.php';

--- a/import.php
+++ b/import.php
@@ -9,7 +9,7 @@
 /**
 * Get the variables sent or posted to this script and a core script
 */
-require_once('./libraries/common.lib.php');
+require_once('./libraries/common.inc.php');
 $js_to_run = 'functions.js';

 // default values
--- a/index.php
+++ b/index.php
@@ -4,8 +4,6 @@
 * forms frameset
 *
 * @version $Id$
- * @uses    libraries/common.lib.php        global fnctions
- * @uses    libraries/relation.lib.php      table relations
 * @uses    $GLOBALS['strNoFrames']
 * @uses    $GLOBALS['cfg']['QueryHistoryDB']
 * @uses    $GLOBALS['cfg']['Server']['user']
@@ -13,8 +11,8 @@
 * @uses    $GLOBALS['cfg']['DefaultTabDatabase']   as src for the mainframe
 * @uses    $GLOBALS['cfg']['NaviWidth']            for navi frame width
 * @uses    $GLOBALS['collation_connection']    from $_REQUEST (grab_globals.lib.php)
- *                                              or common.lib.php
- * @uses    $GLOBALS['available_languages'] from common.lib.php (select_lang.lib.php)
+ *                                              or common.inc.php
+ * @uses    $GLOBALS['available_languages'] from common.inc.php (select_lang.lib.php)
 * @uses    $GLOBALS['db']
 * @uses    $GLOBALS['charset']
 * @uses    $GLOBALS['lang']
@@ -33,7 +31,7 @@
 /**
 * Gets core libraries and defines some variables
 */
-require_once './libraries/common.lib.php';
+require_once './libraries/common.inc.php';

 /**
 * Includes the ThemeManager if it hasn't been included yet
--- a/libraries/Config.class.php
+++ b/libraries/Config.class.php
@@ -420,7 +420,7 @@ class PMA_Config
        // Now, a collation information could come from REQUEST
        // (an example of this: the collation selector in main.php)
        // so the following handles the setting of collation_connection
-        // and later, in common.lib.php, the cookie will be set
+        // and later, in common.inc.php, the cookie will be set
        // according to this.
        $this->checkCollationConnection();

--- a/libraries/check_user_privileges.lib.php
+++ b/libraries/check_user_privileges.lib.php
@@ -2,7 +2,7 @@
 /* vim: set expandtab sw=4 ts=4 sts=4: */
 /**
 * Get user's global privileges and some db-specific privileges
- * ($controllink and $userlink are links to MySQL defined in the "common.lib.php" library)
+ * ($controllink and $userlink are links to MySQL defined in the "common.inc.php" library)
 * Note: if no controluser is defined, $controllink contains $userlink
 *
 * @version $Id$
--- a/libraries/common.inc.php
+++ b/libraries/common.inc.php
@@ -0,0 +1,869 @@
+<?php
+/* vim: set expandtab sw=4 ts=4 sts=4: */
+/**
+ * Misc stuff and REQUIRED by ALL the scripts.
+ * MUST be included by every script
+ *
+ * Among other things, it contains the advanced authentication work.
+ *
+ * Order of sections for common.inc.php:
+ *
+ * the include of libraries/defines_mysql.lib.php must be after the connection
+ * to db to get the MySql version
+ *
+ * the authentication libraries must be before the connection to db
+ *
+ * ... so the required order is:
+ *
+ * LABEL_variables_init
+ *  - init some variables always needed
+ * LABEL_parsing_config_file
+ *  - parsing of the config file
+ * LABEL_loading_language_file
+ *  - loading language file
+ * LABEL_theme_setup
+ *  - setting up themes
+ *
+ * - load of mysql extension (if necessary) label_loading_mysql
+ * - loading of an authentication library label_
+ * - db connection
+ * - authentication work
+ * - load of the libraries/defines_mysql.lib.php library to get the MySQL
+ *   release number
+ *
+ * @version $Id$
+ */
+
+/**
+ * For now, avoid warnings of E_STRICT mode
+ * (this must be done before function definitions)
+ */
+if (defined('E_STRICT')) {
+    $old_error_reporting = error_reporting(0);
+    if ($old_error_reporting & E_STRICT) {
+        error_reporting($old_error_reporting ^ E_STRICT);
+    } else {
+        error_reporting($old_error_reporting);
+    }
+    unset($old_error_reporting);
+}
+
+/**
+ * Avoid object cloning errors
+ */
+@ini_set('zend.ze1_compatibility_mode', false);
+
+/**
+ * Avoid problems with magic_quotes_runtime
+ */
+@ini_set('magic_quotes_runtime', false);
+
+/**
+ * core functions
+ */
+require_once './libraries/core.lib.php';
+
+/**
+ * Input sanitizing
+ */
+require_once './libraries/sanitizing.lib.php';
+
+/**
+ * the PMA_Theme class
+ */
+require_once './libraries/Theme.class.php';
+
+/**
+ * the PMA_Theme_Manager class
+ */
+require_once './libraries/Theme_Manager.class.php';
+
+/**
+ * the PMA_Config class
+ */
+require_once './libraries/Config.class.php';
+
+/**
+ * the PMA_Table class
+ */
+require_once './libraries/Table.class.php';
+
+if (!defined('PMA_MINIMUM_COMMON')) {
+    /**
+     * common functions
+     */
+    require_once './libraries/common.lib.php';
+
+    /**
+     * Java script escaping.
+     */
+    require_once './libraries/js_escape.lib.php';
+
+    /**
+     * Include URL/hidden inputs generating.
+     */
+    require_once './libraries/url_generating.lib.php';
+}
+
+/******************************************************************************/
+/* start procedural code                       label_start_procedural         */
+
+/**
+ * protect against older PHP versions' bug about GLOBALS overwrite
+ * (no need to localize this message :))
+ * but what if script.php?GLOBALS[admin]=1&GLOBALS[_REQUEST]=1 ???
+ */
+if (isset($_REQUEST['GLOBALS']) || isset($_FILES['GLOBALS'])
+  || isset($_SERVER['GLOBALS']) || isset($_COOKIE['GLOBALS'])
+  || isset($_ENV['GLOBALS'])) {
+    die('GLOBALS overwrite attempt');
+}
+
+/**
+ * protect against possible exploits - there is no need to have so much vars
+ */
+if (count($_REQUEST) > 1000) {
+    die('possible exploit');
+}
+
+/**
+ * Check for numeric keys
+ * (if register_globals is on, numeric key can be found in $GLOBALS)
+ */
+foreach ($GLOBALS as $key => $dummy) {
+    if (is_numeric($key)) {
+        die('numeric key detected');
+    }
+}
+
+/**
+ * just to be sure there was no import (registering) before here
+ * we empty the global space
+ */
+$variables_whitelist = array (
+    'GLOBALS',
+    '_SERVER',
+    '_GET',
+    '_POST',
+    '_REQUEST',
+    '_FILES',
+    '_ENV',
+    '_COOKIE',
+    '_SESSION',
+);
+
+foreach (get_defined_vars() as $key => $value) {
+    if (! in_array($key, $variables_whitelist)) {
+        unset($$key);
+    }
+}
+unset($key, $value, $variables_whitelist);
+
+
+/**
+ * Subforms - some functions need to be called by form, cause of the limited url
+ * length, but if this functions inside another form you cannot just open a new
+ * form - so phpMyAdmin uses 'arrays' inside this form
+ *
+ * <code>
+ * <form ...>
+ * ... main form elments ...
+ * <intput type="hidden" name="subform[action1][id]" value="1" />
+ * ... other subform data ...
+ * <intput type="submit" name="usesubform[action1]" value="do action1" />
+ * ... other subforms ...
+ * <intput type="hidden" name="subform[actionX][id]" value="X" />
+ * ... other subform data ...
+ * <intput type="submit" name="usesubform[actionX]" value="do actionX" />
+ * ... main form elments ...
+ * <intput type="submit" name="main_action" value="submit form" />
+ * </form>
+ * </code
+ *
+ * so we now check if a subform is submitted
+ */
+$__redirect = null;
+if (isset($_POST['usesubform'])) {
+    // if a subform is present and should be used
+    // the rest of the form is deprecated
+    $subform_id = key($_POST['usesubform']);
+    $subform    = $_POST['subform'][$subform_id];
+    $_POST      = $subform;
+    $_REQUEST   = $subform;
+    /**
+     * some subforms need another page than the main form, so we will just
+     * include this page at the end of this script - we use $__redirect to
+     * track this
+     */
+    if (isset($_POST['redirect'])
+      && $_POST['redirect'] != basename(PMA_getenv('PHP_SELF'))) {
+        $__redirect = $_POST['redirect'];
+        unset($_POST['redirect']);
+    }
+    unset($subform_id, $subform);
+}
+// end check if a subform is submitted
+
+// remove quotes added by php
+if (get_magic_quotes_gpc()) {
+    PMA_arrayWalkRecursive($_GET, 'stripslashes', true);
+    PMA_arrayWalkRecursive($_POST, 'stripslashes', true);
+    PMA_arrayWalkRecursive($_COOKIE, 'stripslashes', true);
+    PMA_arrayWalkRecursive($_REQUEST, 'stripslashes', true);
+}
+
+/**
+ * clean cookies on new install or upgrade
+ * when changing something with increment the cookie version
+ */
+$pma_cookie_version = 4;
+if (isset($_COOKIE)
+ && (! isset($_COOKIE['pmaCookieVer'])
+  || $_COOKIE['pmaCookieVer'] < $pma_cookie_version)) {
+    // delete all cookies
+    foreach($_COOKIE as $cookie_name => $tmp) {
+        PMA_removeCookie($cookie_name);
+    }
+    $_COOKIE = array();
+    PMA_setCookie('pmaCookieVer', $pma_cookie_version);
+}
+
+/**
+ * include deprecated grab_globals only if required
+ */
+if (empty($__redirect) && !defined('PMA_NO_VARIABLES_IMPORT')) {
+    require './libraries/grab_globals.lib.php';
+}
+
+/**
+ * include session handling after the globals, to prevent overwriting
+ */
+require_once './libraries/session.inc.php';
+
+/**
+ * init some variables LABEL_variables_init
+ */
+
+/**
+ * holds errors
+ * @global array $GLOBALS['PMA_errors']
+ */
+$GLOBALS['PMA_errors'] = array();
+
+/**
+ * holds params to be passed to next page
+ * @global array $GLOBALS['url_params']
+ */
+$GLOBALS['url_params'] = array();
+
+/**
+ * the whitelist for $GLOBALS['goto']
+ * @global array $goto_whitelist
+ */
+$goto_whitelist = array(
+    //'browse_foreigners.php',
+    //'calendar.php',
+    //'changelog.php',
+    //'chk_rel.php',
+    'db_create.php',
+    'db_datadict.php',
+    'db_sql.php',
+    'db_export.php',
+    'db_importdocsql.php',
+    'db_qbe.php',
+    'db_structure.php',
+    'db_import.php',
+    'db_operations.php',
+    'db_printview.php',
+    'db_search.php',
+    //'Documentation.html',
+    //'error.php',
+    'export.php',
+    'import.php',
+    //'index.php',
+    //'navigation.php',
+    //'license.php',
+    'main.php',
+    'pdf_pages.php',
+    'pdf_schema.php',
+    //'phpinfo.php',
+    'querywindow.php',
+    //'readme.php',
+    'server_binlog.php',
+    'server_collations.php',
+    'server_databases.php',
+    'server_engines.php',
+    'server_export.php',
+    'server_import.php',
+    'server_privileges.php',
+    'server_processlist.php',
+    'server_sql.php',
+    'server_status.php',
+    'server_variables.php',
+    'sql.php',
+    'tbl_addfield.php',
+    'tbl_alter.php',
+    'tbl_change.php',
+    'tbl_create.php',
+    'tbl_import.php',
+    'tbl_indexes.php',
+    'tbl_move_copy.php',
+    'tbl_printview.php',
+    'tbl_sql.php',
+    'tbl_export.php',
+    'tbl_operations.php',
+    'tbl_structure.php',
+    'tbl_relation.php',
+    'tbl_replace.php',
+    'tbl_row_action.php',
+    'tbl_select.php',
+    //'themes.php',
+    'transformation_overview.php',
+    'transformation_wrapper.php',
+    'translators.html',
+    'user_password.php',
+);
+
+/**
+ * check $__redirect against whitelist
+ */
+if (! PMA_checkPageValidity($__redirect, $goto_whitelist)) {
+    $__redirect = null;
+}
+
+/**
+ * holds page that should be displayed
+ * @global string $GLOBALS['goto']
+ */
+$GLOBALS['goto'] = '';
+// Security fix: disallow accessing serious server files via "?goto="
+if (PMA_checkPageValidity($_REQUEST['goto'], $goto_whitelist)) {
+    $GLOBALS['goto'] = $_REQUEST['goto'];
+    $GLOBALS['url_params']['goto'] = $_REQUEST['goto'];
+} else {
+    unset($_REQUEST['goto'], $_GET['goto'], $_POST['goto'], $_COOKIE['goto']);
+}
+
+/**
+ * returning page
+ * @global string $GLOBALS['back']
+ */
+if (PMA_checkPageValidity($_REQUEST['back'], $goto_whitelist)) {
+    $GLOBALS['back'] = $_REQUEST['back'];
+} else {
+    unset($_REQUEST['back'], $_GET['back'], $_POST['back'], $_COOKIE['back']);
+}
+
+/**
+ * Check whether user supplied token is valid, if not remove any possibly
+ * dangerous stuff from request.
+ *
+ * remember that some objects in the session with session_start and __wakeup()
+ * could access this variables before we reach this point
+ * f.e. PMA_Config: fontsize
+ *
+ * @todo variables should be handled by their respective owners (objects)
+ * f.e. lang, server, convcharset, collation_connection in PMA_Config
+ */
+if ((isset($_REQUEST['token']) && !is_string($_REQUEST['token'])) || empty($_REQUEST['token']) || $_SESSION[' PMA_token '] != $_REQUEST['token']) {
+    /**
+     *  List of parameters which are allowed from unsafe source
+     */
+    $allow_list = array(
+        'db', 'table', 'lang', 'server', 'convcharset', 'collation_connection', 'target',
+        /* Session ID */
+        'phpMyAdmin',
+        /* Cookie preferences */
+        'pma_lang', 'pma_charset', 'pma_collation_connection',
+        /* Possible login form */
+        'pma_servername', 'pma_username', 'pma_password',
+    );
+    /**
+     * Require cleanup functions
+     */
+    require_once('./libraries/cleanup.lib.php');
+    /**
+     * Do actual cleanup
+     */
+    PMA_remove_request_vars($allow_list);
+
+}
+
+
+/**
+ * @global string $convcharset
+ * @see select_lang.lib.php
+ */
+if (isset($_REQUEST['convcharset'])) {
+    $convcharset = strip_tags($_REQUEST['convcharset']);
+}
+
+/**
+ * current selected database
+ * @global string $GLOBALS['db']
+ */
+$GLOBALS['db'] = '';
+if (isset($_REQUEST['db']) && is_string($_REQUEST['db'])) {
+    // can we strip tags from this?
+    // only \ and / is not allowed in db names for MySQL
+    $GLOBALS['db'] = $_REQUEST['db'];
+    $GLOBALS['url_params']['db'] = $GLOBALS['db'];
+}
+
+/**
+ * current selected table
+ * @global string $GLOBALS['table']
+ */
+$GLOBALS['table'] = '';
+if (isset($_REQUEST['table']) && is_string($_REQUEST['table'])) {
+    // can we strip tags from this?
+    // only \ and / is not allowed in table names for MySQL
+    $GLOBALS['table'] = $_REQUEST['table'];
+    $GLOBALS['url_params']['table'] = $GLOBALS['table'];
+}
+
+/**
+ * sql query to be executed
+ * @global string $GLOBALS['sql_query']
+ */
+if (isset($_REQUEST['sql_query']) && is_string($_REQUEST['sql_query'])) {
+    $GLOBALS['sql_query'] = $_REQUEST['sql_query'];
+}
+
+//$_REQUEST['set_theme'] // checked later in this file LABEL_theme_setup
+//$_REQUEST['server']; // checked later in this file
+//$_REQUEST['lang'];   // checked by LABEL_loading_language_file
+
+
+
+/******************************************************************************/
+/* parsing config file                         LABEL_parsing_config_file      */
+
+if (empty($_SESSION['PMA_Config'])) {
+    /**
+     * We really need this one!
+     */
+    if (! function_exists('preg_replace')) {
+        PMA_fatalError('strCantLoad', 'pcre');
+    }
+
+    /**
+     * @global PMA_Config $_SESSION['PMA_Config']
+     */
+    $_SESSION['PMA_Config'] = new PMA_Config('./config.inc.php');
+
+} elseif (version_compare(phpversion(), '5', 'lt')) {
+    /**
+     * @todo move all __wakeup() functionality into session.inc.php
+     */
+    $_SESSION['PMA_Config']->__wakeup();
+}
+
+if (!defined('PMA_MINIMUM_COMMON')) {
+    $_SESSION['PMA_Config']->checkPmaAbsoluteUri();
+}
+
+/**
+ * BC - enable backward compatibility
+ * exports all config settings into $GLOBALS ($GLOBALS['cfg'])
+ */
+$_SESSION['PMA_Config']->enableBc();
+
+
+/**
+ * check https connection
+ */
+if ($_SESSION['PMA_Config']->get('ForceSSL')
+  && !$_SESSION['PMA_Config']->get('is_https')) {
+    PMA_sendHeaderLocation(
+        preg_replace('/^http/', 'https',
+            $_SESSION['PMA_Config']->get('PmaAbsoluteUri'))
+        . PMA_generate_common_url($_GET));
+    exit;
+}
+
+
+/******************************************************************************/
+/* loading language file                       LABEL_loading_language_file    */
+
+/**
+ * Added messages while developing:
+ */
+if (file_exists('./lang/added_messages.php')) {
+    include './lang/added_messages.php';
+}
+
+/**
+ * Includes the language file if it hasn't been included yet
+ */
+require './libraries/language.lib.php';
+
+
+/**
+ * check for errors occured while loading config
+ * this check is done here after loading lang files to present errors in locale
+ */
+if ($_SESSION['PMA_Config']->error_config_file) {
+    $GLOBALS['PMA_errors'][] = $strConfigFileError
+        . '<br /><br />'
+        . ($_SESSION['PMA_Config']->getSource() == './config.inc.php' ?
+        '<a href="show_config_errors.php"'
+        .' target="_blank">' . $_SESSION['PMA_Config']->getSource() . '</a>'
+        :
+        '<a href="' . $_SESSION['PMA_Config']->getSource() . '"'
+        .' target="_blank">' . $_SESSION['PMA_Config']->getSource() . '</a>');
+}
+if ($_SESSION['PMA_Config']->error_config_default_file) {
+    $GLOBALS['PMA_errors'][] = sprintf($strConfigDefaultFileError,
+        $_SESSION['PMA_Config']->default_source);
+}
+if ($_SESSION['PMA_Config']->error_pma_uri) {
+    $GLOBALS['PMA_errors'][] = sprintf($strPmaUriError);
+}
+
+/**
+ * current server
+ * @global integer $GLOBALS['server']
+ */
+$GLOBALS['server'] = 0;
+
+/**
+ * Servers array fixups.
+ * $default_server comes from PMA_Config::enableBc()
+ * @todo merge into PMA_Config
+ */
+// Do we have some server?
+if (!isset($cfg['Servers']) || count($cfg['Servers']) == 0) {
+    // No server => create one with defaults
+    $cfg['Servers'] = array(1 => $default_server);
+} else {
+    // We have server(s) => apply default config
+    $new_servers = array();
+
+    foreach ($cfg['Servers'] as $server_index => $each_server) {
+
+        // Detect wrong configuration
+        if (!is_int($server_index) || $server_index < 1) {
+            $GLOBALS['PMA_errors'][] = sprintf($strInvalidServerIndex, $server_index);
+        }
+
+        $each_server = array_merge($default_server, $each_server);
+
+        // Don't use servers with no hostname
+        if ($each_server['connect_type'] == 'tcp' && empty($each_server['host'])) {
+            $GLOBALS['PMA_errors'][] = sprintf($strInvalidServerHostname, $server_index);
+        }
+
+        // Final solution to bug #582890
+        // If we are using a socket connection
+        // and there is nothing in the verbose server name
+        // or the host field, then generate a name for the server
+        // in the form of "Server 2", localized of course!
+        if ($each_server['connect_type'] == 'socket' && empty($each_server['host']) && empty($each_server['verbose'])) {
+            $each_server['verbose'] = $GLOBALS['strServer'] . $server_index;
+        }
+
+        $new_servers[$server_index] = $each_server;
+    }
+    $cfg['Servers'] = $new_servers;
+    unset($new_servers, $server_index, $each_server);
+}
+
+// Cleanup
+unset($default_server);
+
+
+/******************************************************************************/
+/* setup themes                                          LABEL_theme_setup    */
+
+/**
+ * @global PMA_Theme_Manager $_SESSION['PMA_Theme_Manager']
+ */
+if (! isset($_SESSION['PMA_Theme_Manager'])) {
+    $_SESSION['PMA_Theme_Manager'] = new PMA_Theme_Manager;
+} else {
+    /**
+     * @todo move all __wakeup() functionality into session.inc.php
+     */
+    $_SESSION['PMA_Theme_Manager']->checkConfig();
+}
+
+// for the theme per server feature
+if (isset($_REQUEST['server']) && !isset($_REQUEST['set_theme'])) {
+    $GLOBALS['server'] = $_REQUEST['server'];
+    $tmp = $_SESSION['PMA_Theme_Manager']->getThemeCookie();
+    if (empty($tmp)) {
+        $tmp = $_SESSION['PMA_Theme_Manager']->theme_default;
+    }
+    $_SESSION['PMA_Theme_Manager']->setActiveTheme($tmp);
+    unset($tmp);
+}
+/**
+ * @todo move into PMA_Theme_Manager::__wakeup()
+ */
+if (isset($_REQUEST['set_theme'])) {
+    // if user selected a theme
+    $_SESSION['PMA_Theme_Manager']->setActiveTheme($_REQUEST['set_theme']);
+}
+
+/**
+ * the theme object
+ * @global PMA_Theme $_SESSION['PMA_Theme']
+ */
+$_SESSION['PMA_Theme'] = $_SESSION['PMA_Theme_Manager']->theme;
+
+// BC
+/**
+ * the active theme
+ * @global string $GLOBALS['theme']
+ */
+$GLOBALS['theme']           = $_SESSION['PMA_Theme']->getName();
+/**
+ * the theme path
+ * @global string $GLOBALS['pmaThemePath']
+ */
+$GLOBALS['pmaThemePath']    = $_SESSION['PMA_Theme']->getPath();
+/**
+ * the theme image path
+ * @global string $GLOBALS['pmaThemeImage']
+ */
+$GLOBALS['pmaThemeImage']   = $_SESSION['PMA_Theme']->getImgPath();
+
+/**
+ * load layout file if exists
+ */
+if (@file_exists($_SESSION['PMA_Theme']->getLayoutFile())) {
+    include $_SESSION['PMA_Theme']->getLayoutFile();
+    /**
+     * @todo remove if all themes are update use Navi instead of Left as frame name
+     */
+    if (! isset($GLOBALS['cfg']['NaviWidth'])
+     && isset($GLOBALS['cfg']['LeftWidth'])) {
+        $GLOBALS['cfg']['NaviWidth'] = $GLOBALS['cfg']['LeftWidth'];
+    }
+}
+
+if (! defined('PMA_MINIMUM_COMMON')) {
+    /**
+     * Charset conversion.
+     */
+    require_once './libraries/charset_conversion.lib.php';
+
+    /**
+     * String handling
+     */
+    require_once './libraries/string.lib.php';
+
+    /**
+     * Lookup server by name
+     * by Arnold - Helder Hosting
+     * (see FAQ 4.8)
+     */
+    if (! empty($_REQUEST['server']) && is_string($_REQUEST['server']) && ! ctype_digit($_REQUEST['server'])) {
+        foreach ($cfg['Servers'] as $i => $server) {
+            if ($server['host'] == $_REQUEST['server']) {
+                $_REQUEST['server'] = $i;
+                break;
+            }
+        }
+        if (is_string($_REQUEST['server'])) {
+            unset($_REQUEST['server']);
+        }
+        unset($i);
+    }
+
+    /**
+     * If no server is selected, make sure that $cfg['Server'] is empty (so
+     * that nothing will work), and skip server authentication.
+     * We do NOT exit here, but continue on without logging into any server.
+     * This way, the welcome page will still come up (with no server info) and
+     * present a choice of servers in the case that there are multiple servers
+     * and '$cfg['ServerDefault'] = 0' is set.
+     */
+
+    if (isset($_REQUEST['server']) && (is_string($_REQUEST['server']) || is_numeric($_REQUEST['server'])) && ! empty($_REQUEST['server']) && ! empty($cfg['Servers'][$_REQUEST['server']])) {
+        $GLOBALS['server'] = $_REQUEST['server'];
+        $cfg['Server'] = $cfg['Servers'][$GLOBALS['server']];
+    } else {
+        if (!empty($cfg['Servers'][$cfg['ServerDefault']])) {
+            $GLOBALS['server'] = $cfg['ServerDefault'];
+            $cfg['Server'] = $cfg['Servers'][$GLOBALS['server']];
+        } else {
+            $GLOBALS['server'] = 0;
+            $cfg['Server'] = array();
+        }
+    }
+    $GLOBALS['url_params']['server'] = $GLOBALS['server'];
+
+    if (! empty($cfg['Server'])) {
+
+        /**
+         * Loads the proper database interface for this server
+         */
+        require_once './libraries/database_interface.lib.php';
+
+        // Gets the authentication library that fits the $cfg['Server'] settings
+        // and run authentication
+
+        // (for a quick check of path disclosure in auth/cookies:)
+        $coming_from_common = true;
+
+        // to allow HTTP or http
+        $cfg['Server']['auth_type'] = strtolower($cfg['Server']['auth_type']);
+        if (! file_exists('./libraries/auth/' . $cfg['Server']['auth_type'] . '.auth.lib.php')) {
+            PMA_fatalError($strInvalidAuthMethod . ' ' . $cfg['Server']['auth_type']);
+        }
+        /**
+         * the required auth type plugin
+         */
+        require_once './libraries/auth/' . $cfg['Server']['auth_type'] . '.auth.lib.php';
+
+        if (!PMA_auth_check()) {
+            PMA_auth();
+        } else {
+            PMA_auth_set_user();
+        }
+
+        // Check IP-based Allow/Deny rules as soon as possible to reject the
+        // user
+        // Based on mod_access in Apache:
+        // http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/aaa/mod_access.c?rev=1.37&content-type=text/vnd.viewcvs-markup
+        // Look at: "static int check_dir_access(request_rec *r)"
+        // Robbat2 - May 10, 2002
+        if (isset($cfg['Server']['AllowDeny'])
+          && isset($cfg['Server']['AllowDeny']['order'])) {
+
+            /**
+             * ip based access library
+             */
+            require_once './libraries/ip_allow_deny.lib.php';
+
+            $allowDeny_forbidden         = false; // default
+            if ($cfg['Server']['AllowDeny']['order'] == 'allow,deny') {
+                $allowDeny_forbidden     = true;
+                if (PMA_allowDeny('allow')) {
+                    $allowDeny_forbidden = false;
+                }
+                if (PMA_allowDeny('deny')) {
+                    $allowDeny_forbidden = true;
+                }
+            } elseif ($cfg['Server']['AllowDeny']['order'] == 'deny,allow') {
+                if (PMA_allowDeny('deny')) {
+                    $allowDeny_forbidden = true;
+                }
+                if (PMA_allowDeny('allow')) {
+                    $allowDeny_forbidden = false;
+                }
+            } elseif ($cfg['Server']['AllowDeny']['order'] == 'explicit') {
+                if (PMA_allowDeny('allow')
+                  && !PMA_allowDeny('deny')) {
+                    $allowDeny_forbidden = false;
+                } else {
+                    $allowDeny_forbidden = true;
+                }
+            } // end if ... elseif ... elseif
+
+            // Ejects the user if banished
+            if ($allowDeny_forbidden) {
+               PMA_auth_fails();
+            }
+            unset($allowDeny_forbidden); //Clean up after you!
+        } // end if
+
+        // is root allowed?
+        if (!$cfg['Server']['AllowRoot'] && $cfg['Server']['user'] == 'root') {
+            $allowDeny_forbidden = true;
+            PMA_auth_fails();
+            unset($allowDeny_forbidden); //Clean up after you!
+        }
+
+        $bkp_track_err = @ini_set('track_errors', 1);
+
+        // Try to connect MySQL with the control user profile (will be used to
+        // get the privileges list for the current user but the true user link
+        // must be open after this one so it would be default one for all the
+        // scripts)
+        $controllink = false;
+        if ($cfg['Server']['controluser'] != '') {
+            $controllink = PMA_DBI_connect($cfg['Server']['controluser'],
+                $cfg['Server']['controlpass'], true);
+        }
+        if (! $controllink) {
+            $controllink = PMA_DBI_connect($cfg['Server']['user'],
+                $cfg['Server']['password'], true);
+        } // end if ... else
+
+        // Pass #1 of DB-Config to read in master level DB-Config will go here
+        // Robbat2 - May 11, 2002
+
+        // Connects to the server (validates user's login)
+        $userlink = PMA_DBI_connect($cfg['Server']['user'],
+            $cfg['Server']['password'], false);
+
+        // Pass #2 of DB-Config to read in user level DB-Config will go here
+        // Robbat2 - May 11, 2002
+
+        @ini_set('track_errors', $bkp_track_err);
+        unset($bkp_track_err);
+
+        /**
+         * If we auto switched to utf-8 we need to reread messages here
+         */
+        if (defined('PMA_LANG_RELOAD')) {
+            require './libraries/language.lib.php';
+        }
+
+        /**
+         * SQL Parser code
+         */
+        require_once './libraries/sqlparser.lib.php';
+
+        /**
+         * SQL Validator interface code
+         */
+        require_once './libraries/sqlvalidator.lib.php';
+
+        /**
+         * the PMA_List_Database class
+         */
+        require_once './libraries/PMA_List_Database.class.php';
+        $PMA_List_Database = new PMA_List_Database($userlink, $controllink);
+
+    } // end server connecting
+
+    /**
+     * Kanji encoding convert feature appended by Y.Kawada (2002/2/20)
+     */
+    if (@function_exists('mb_convert_encoding')
+        && strpos(' ' . $lang, 'ja-')
+        && file_exists('./libraries/kanji-encoding.lib.php')) {
+        require_once './libraries/kanji-encoding.lib.php';
+        /**
+         * enable multibyte string support
+         */
+        define('PMA_MULTIBYTE_ENCODING', 1);
+    } // end if
+
+    /**
+     * save some settings in cookies
+     * @todo should be done in PMA_Config
+     */
+    PMA_setCookie('pma_lang', $GLOBALS['lang']);
+    PMA_setCookie('pma_charset', $GLOBALS['convcharset']);
+    PMA_setCookie('pma_collation_connection', $GLOBALS['collation_connection']);
+
+    $_SESSION['PMA_Theme_Manager']->setThemeCookie();
+} // end if !defined('PMA_MINIMUM_COMMON')
+
+if (!empty($__redirect) && in_array($__redirect, $goto_whitelist)) {
+    // to handle bug #1388167
+    if (isset($_GET['is_js_confirmed'])) {
+        $is_js_confirmed = 1;
+    }
+    /**
+     * include subform target page
+     */
+    require $__redirect;
+    exit();
+}
+?>
--- a/libraries/common.lib.php
+++ b/libraries/common.lib.php
--- a/libraries/core.lib.php
+++ b/libraries/core.lib.php
@@ -0,0 +1,449 @@
+<?php
+/* vim: set expandtab sw=4 ts=4 sts=4: */
+/**
+ * Core functions used all over the scripts.
+ *
+ * @version $Id$
+ */
+
+/**
+ * Removes insecure parts in a path; used before include() or
+ * require() when a part of the path comes from an insecure source
+ * like a cookie or form.
+ *
+ * @param    string  The path to check
+ *
+ * @return   string  The secured path
+ *
+ * @access  public
+ * @author  Marc Delisle (lem9@users.sourceforge.net)
+ */
+function PMA_securePath($path)
+{
+    // change .. to .
+    $path = preg_replace('@\.\.*@', '.', $path);
+
+    return $path;
+} // end function
+
+/**
+ * displays the given error message on phpMyAdmin error page in foreign language,
+ * ends script execution and closes session
+ *
+ * @todo    use detected argument separator (PMA_Config)
+ * @uses    $GLOBALS['session_name']
+ * @uses    $GLOBALS['text_dir']
+ * @uses    $GLOBALS['strError']
+ * @uses    $GLOBALS['available_languages']
+ * @uses    $GLOBALS['lang']
+ * @uses    PMA_removeCookie()
+ * @uses    select_lang.lib.php
+ * @uses    $_COOKIE
+ * @uses    substr()
+ * @uses    header()
+ * @uses    urlencode()
+ * @param string    $error_message the error message or named error message
+ */
+function PMA_fatalError($error_message, $message_args = null)
+{
+    if (! isset($GLOBALS['available_languages'])) {
+        $GLOBALS['cfg'] = array('DefaultLang'           => 'en-iso-8859-1',
+                     'AllowAnywhereRecoding' => false);
+        // Loads the language file
+        require_once './libraries/select_lang.lib.php';
+        if (isset($strError)) {
+            $GLOBALS['strError'] = $strError;
+        }
+        if (isset($text_dir)) {
+            $GLOBALS['text_dir'] = $text_dir;
+        }
+    }
+
+    if (substr($error_message, 0, 3) === 'str') {
+        if (isset($$error_message)) {
+            $error_message = $$error_message;
+        } elseif (isset($GLOBALS[$error_message])) {
+            $error_message = $GLOBALS[$error_message];
+        }
+    }
+
+    if (is_string($message_args)) {
+        $error_message = sprintf($error_message, $message_args);
+    } elseif (is_array($message_args)) {
+        $error_message = vsprintf($error_message, $message_args);
+    }
+    $error_message = strtr($error_message, array('<br />' => '[br]'));
+
+    // Displays the error message
+    // (do not use &amp; for parameters sent by header)
+    header('Location: error.php'
+            . '?lang='  . urlencode($GLOBALS['available_languages'][$GLOBALS['lang']][2])
+            . '&dir='   . urlencode($GLOBALS['text_dir'])
+            . '&type='  . urlencode($GLOBALS['strError'])
+            . '&error=' . urlencode($error_message));
+
+    // on fatal errors it cannot hurt to always delete the current session
+    if (isset($GLOBALS['session_name']) && isset($_COOKIE[$GLOBALS['session_name']])) {
+        PMA_removeCookie($GLOBALS['session_name']);
+    }
+
+    exit;
+}
+
+/**
+ * returns count of tables in given db
+ *
+ * @uses    PMA_DBI_try_query()
+ * @uses    PMA_backquote()
+ * @uses    PMA_DBI_QUERY_STORE()
+ * @uses    PMA_DBI_num_rows()
+ * @uses    PMA_DBI_free_result()
+ * @param   string  $db database to count tables for
+ * @return  integer count of tables in $db
+ */
+function PMA_getTableCount($db)
+{
+    $tables = PMA_DBI_try_query(
+        'SHOW TABLES FROM ' . PMA_backquote($db) . ';',
+        null, PMA_DBI_QUERY_STORE);
+    if ($tables) {
+        $num_tables = PMA_DBI_num_rows($tables);
+        PMA_DBI_free_result($tables);
+    } else {
+        $num_tables = 0;
+    }
+
+    return $num_tables;
+}
+
+/**
+ * Converts numbers like 10M into bytes
+ * Used with permission from Moodle (http://moodle.org) by Martin Dougiamas
+ * (renamed with PMA prefix to avoid double definition when embedded
+ * in Moodle)
+ *
+ * @uses    each()
+ * @uses    strlen()
+ * @uses    substr()
+ * @param   string  $size
+ * @return  integer $size
+ */
+function PMA_get_real_size($size = 0)
+{
+    if (! $size) {
+        return 0;
+    }
+
+    $scan['gb'] = 1073741824; //1024 * 1024 * 1024;
+    $scan['g']  = 1073741824; //1024 * 1024 * 1024;
+    $scan['mb'] = 1048576;
+    $scan['m']  = 1048576;
+    $scan['kb'] =    1024;
+    $scan['k']  =    1024;
+    $scan['b']  =       1;
+
+    foreach ($scan as $unit => $factor) {
+        if (strlen($size) > strlen($unit)
+         && strtolower(substr($size, strlen($size) - strlen($unit))) == $unit) {
+            return substr($size, 0, strlen($size) - strlen($unit)) * $factor;
+        }
+    }
+
+    return $size;
+} // end function PMA_get_real_size()
+
+/**
+ * loads php module
+ *
+ * @uses    PHP_OS
+ * @uses    extension_loaded()
+ * @uses    ini_get()
+ * @uses    function_exists()
+ * @uses    ob_start()
+ * @uses    phpinfo()
+ * @uses    strip_tags()
+ * @uses    ob_get_contents()
+ * @uses    ob_end_clean()
+ * @uses    preg_match()
+ * @uses    strtoupper()
+ * @uses    substr()
+ * @uses    dl()
+ * @param   string  $module name if module to load
+ * @return  boolean success loading module
+ */
+function PMA_dl($module)
+{
+    static $dl_allowed = null;
+
+    if (extension_loaded($module)) {
+        return true;
+    }
+
+    if (null === $dl_allowed) {
+        if (!@ini_get('safe_mode')
+          && @ini_get('enable_dl')
+          && @function_exists('dl')) {
+            ob_start();
+            phpinfo(INFO_GENERAL); /* Only general info */
+            $a = strip_tags(ob_get_contents());
+            ob_end_clean();
+            if (preg_match('@Thread Safety[[:space:]]*enabled@', $a)) {
+                if (preg_match('@Server API[[:space:]]*\(CGI\|CLI\)@', $a)) {
+                    $dl_allowed = true;
+                } else {
+                    $dl_allowed = false;
+                }
+            } else {
+                $dl_allowed = true;
+            }
+        } else {
+            $dl_allowed = false;
+        }
+    }
+
+    if (!$dl_allowed) {
+        return false;
+    }
+
+    /* Once we require PHP >= 4.3, we might use PHP_SHLIB_SUFFIX here */
+    if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
+        $module_file = 'php_' . $module . '.dll';
+    } elseif (PHP_OS=='HP-UX') {
+        $module_file = $module . '.sl';
+    } else {
+        $module_file = $module . '.so';
+    }
+
+    return @dl($module_file);
+}
+
+/**
+ * merges array recursive like array_merge_recursive() but keyed-values are
+ * always overwritten.
+ *
+ * array PMA_array_merge_recursive(array $array1[, array $array2[, array ...]])
+ *
+ * @see     http://php.net/array_merge
+ * @see     http://php.net/array_merge_recursive
+ * @uses    func_num_args()
+ * @uses    func_get_arg()
+ * @uses    is_array()
+ * @uses    call_user_func_array()
+ * @param   array   array to merge
+ * @param   array   array to merge
+ * @param   array   ...
+ * @return  array   merged array
+ */
+function PMA_array_merge_recursive()
+{
+    switch(func_num_args()) {
+        case 0 :
+            return false;
+            break;
+        case 1 :
+            // when does that happen?
+            return func_get_arg(0);
+            break;
+        case 2 :
+            $args = func_get_args();
+            if (!is_array($args[0]) || !is_array($args[1])) {
+                return $args[1];
+            }
+            foreach ($args[1] as $key2 => $value2) {
+                if (isset($args[0][$key2]) && !is_int($key2)) {
+                    $args[0][$key2] = PMA_array_merge_recursive($args[0][$key2],
+                        $value2);
+                } else {
+                    // we erase the parent array, otherwise we cannot override a directive that
+                    // contains array elements, like this:
+                    // (in config.default.php) $cfg['ForeignKeyDropdownOrder'] = array('id-content','content-id');
+                    // (in config.inc.php) $cfg['ForeignKeyDropdownOrder'] = array('content-id');
+                    if (is_int($key2) && $key2 == 0) {
+                        unset($args[0]);
+                    }
+                    $args[0][$key2] = $value2;
+                }
+            }
+            return $args[0];
+            break;
+        default :
+            $args = func_get_args();
+            $args[1] = PMA_array_merge_recursive($args[0], $args[1]);
+            array_shift($args);
+            return call_user_func_array('PMA_array_merge_recursive', $args);
+            break;
+    }
+}
+
+/**
+ * calls $function vor every element in $array recursively
+ *
+ * this function is protected against deep recursion attack CVE-2006-1549,
+ * 1000 seems to be more than enough
+ *
+ * @see http://www.php-security.org/MOPB/MOPB-02-2007.html
+ * @see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1549
+ *
+ * @uses    PMA_arrayWalkRecursive()
+ * @uses    is_array()
+ * @uses    is_string()
+ * @param   array   $array      array to walk
+ * @param   string  $function   function to call for every array element
+ */
+function PMA_arrayWalkRecursive(&$array, $function, $apply_to_keys_also = false)
+{
+    static $recursive_counter = 0;
+    if (++$recursive_counter > 1000) {
+        die('possible deep recursion attack');
+    }
+    foreach ($array as $key => $value) {
+        if (is_array($value)) {
+            PMA_arrayWalkRecursive($array[$key], $function, $apply_to_keys_also);
+        } else {
+            $array[$key] = $function($value);
+        }
+
+        if ($apply_to_keys_also && is_string($key)) {
+            $new_key = $function($key);
+            if ($new_key != $key) {
+                $array[$new_key] = $array[$key];
+                unset($array[$key]);
+            }
+        }
+    }
+    $recursive_counter++;
+}
+
+/**
+ * boolean phpMyAdmin.PMA_checkPageValidity(string &$page, array $whitelist)
+ *
+ * checks given given $page against given $whitelist and returns true if valid
+ * it ignores optionaly query paramters in $page (script.php?ignored)
+ *
+ * @uses    in_array()
+ * @uses    urldecode()
+ * @uses    substr()
+ * @uses    strpos()
+ * @param   string  &$page      page to check
+ * @param   array   $whitelist  whitelist to check page against
+ * @return  boolean whether $page is valid or not (in $whitelist or not)
+ */
+function PMA_checkPageValidity(&$page, $whitelist)
+{
+    if (! isset($page) || !is_string($page)) {
+        return false;
+    }
+
+    if (in_array($page, $whitelist)) {
+        return true;
+    } elseif (in_array(substr($page, 0, strpos($page . '?', '?')), $whitelist)) {
+        return true;
+    } else {
+        $_page = urldecode($page);
+        if (in_array(substr($_page, 0, strpos($_page . '?', '?')), $whitelist)) {
+            return true;
+        }
+    }
+    return false;
+}
+
+/**
+ * trys to find the value for the given environment vriable name
+ *
+ * searchs in $_SERVER, $_ENV than trys getenv() and apache_getenv()
+ * in this order
+ *
+ * @uses    $_SERVER
+ * @uses    $_ENV
+ * @uses    getenv()
+ * @uses    function_exists()
+ * @uses    apache_getenv()
+ * @param   string  $var_name   variable name
+ * @return  string  value of $var or empty string
+ */
+function PMA_getenv($var_name) {
+    if (isset($_SERVER[$var_name])) {
+        return $_SERVER[$var_name];
+    } elseif (isset($_ENV[$var_name])) {
+        return $_ENV[$var_name];
+    } elseif (getenv($var_name)) {
+        return getenv($var_name);
+    } elseif (function_exists('apache_getenv')
+     && apache_getenv($var_name, true)) {
+        return apache_getenv($var_name, true);
+    }
+
+    return '';
+}
+
+/**
+ * removes cookie
+ *
+ * @uses    PMA_Config::isHttps()
+ * @uses    PMA_Config::getCookiePath()
+ * @uses    setcookie()
+ * @uses    time()
+ * @param   string  $cookie     name of cookie to remove
+ * @return  boolean result of setcookie()
+ */
+function PMA_removeCookie($cookie)
+{
+    return setcookie($cookie, '', time() - 3600,
+        PMA_Config::getCookiePath(), '', PMA_Config::isHttps());
+}
+
+/**
+ * sets cookie if value is different from current cokkie value,
+ * or removes if value is equal to default
+ *
+ * @uses    PMA_Config::isHttps()
+ * @uses    PMA_Config::getCookiePath()
+ * @uses    $_COOKIE
+ * @uses    PMA_removeCookie()
+ * @uses    setcookie()
+ * @uses    time()
+ * @param   string  $cookie     name of cookie to remove
+ * @param   mixed   $value      new cookie value
+ * @param   string  $default    default value
+ * @param   int     $validity   validity of cookie in seconds (default is one month)
+ * @param   bool    $httponlt   whether cookie is only for HTTP (and not for scripts)
+ * @return  boolean result of setcookie()
+ */
+function PMA_setCookie($cookie, $value, $default = null, $validity = null, $httponly = true)
+{
+    if ($validity == null) {
+        $validity = 2592000;
+    }
+    if (strlen($value) && null !== $default && $value === $default
+     && isset($_COOKIE[$cookie])) {
+        // remove cookie, default value is used
+        return PMA_removeCookie($cookie);
+    }
+
+    if (! strlen($value) && isset($_COOKIE[$cookie])) {
+        // remove cookie, value is empty
+        return PMA_removeCookie($cookie);
+    }
+
+    if (! isset($_COOKIE[$cookie]) || $_COOKIE[$cookie] !== $value) {
+        // set cookie with new value
+        /* Calculate cookie validity */
+        if ($validity == 0) {
+            $v = 0;
+        } else {
+            $v = time() + $validity;
+        }
+        /* Use native support for httponly cookies if available */
+        if (version_compare(PHP_VERSION, '5.2.0', 'ge')) {
+            return setcookie($cookie, $value, $v,
+                PMA_Config::getCookiePath(), '', PMA_Config::isHttps(), $httponly);
+        } else {
+            return setcookie($cookie, $value, $v,
+                PMA_Config::getCookiePath() . ($httponly ? '; HttpOnly' : ''), '', PMA_Config::isHttps());
+        }
+    }
+
+    // cookie has already $value as value
+    return true;
+}
+?>
--- a/libraries/db_common.inc.php
+++ b/libraries/db_common.inc.php
@@ -8,7 +8,7 @@
 /**
 * Gets some core libraries
 */
-require_once('./libraries/common.lib.php');
+require_once('./libraries/common.inc.php');
 require_once('./libraries/bookmark.lib.php');

 PMA_checkParameters(array('db'));
--- a/libraries/db_info.inc.php
+++ b/libraries/db_info.inc.php
@@ -8,7 +8,7 @@
 /**
 * Check parameters
 */
-require_once('./libraries/common.lib.php');
+require_once('./libraries/common.inc.php');

 PMA_checkParameters(array('db'));

--- a/libraries/db_links.inc.php
+++ b/libraries/db_links.inc.php
@@ -8,7 +8,7 @@
 /**
 *
 */
-require_once('./libraries/common.lib.php');
+require_once('./libraries/common.inc.php');

 require_once './libraries/relation.lib.php';
 /**
--- a/libraries/header.inc.php
+++ b/libraries/header.inc.php
@@ -8,14 +8,14 @@
 /**
 *
 */
-require_once './libraries/common.lib.php';
+require_once './libraries/common.inc.php';

 if (empty($GLOBALS['is_header_sent'])) {

    /**
     * Gets a core script and starts output buffering work
     */
-    require_once './libraries/common.lib.php';
+    require_once './libraries/common.inc.php';
    require_once './libraries/ob.lib.php';
    if ($GLOBALS['cfg']['OBGzip']) {
        $GLOBALS['ob_mode'] = PMA_outBufferModeGet();
--- a/libraries/header_printview.inc.php
+++ b/libraries/header_printview.inc.php
@@ -8,7 +8,7 @@
 /**
 * Gets a core script and starts output buffering work
 */
-require_once('./libraries/common.lib.php');
+require_once('./libraries/common.inc.php');
 require_once('./libraries/ob.lib.php');
 if ($cfg['OBGzip']) {
    $ob_mode = PMA_outBufferModeGet();
--- a/libraries/server_common.inc.php
+++ b/libraries/server_common.inc.php
@@ -13,7 +13,7 @@
 /**
 * Gets some core libraries
 */
-require_once './libraries/common.lib.php';
+require_once './libraries/common.inc.php';

 /**
 * Handles some variables that may have been sent by the calling script
--- a/libraries/server_links.inc.php
+++ b/libraries/server_links.inc.php
@@ -8,7 +8,7 @@
 /**
 * Check parameters
 */
-require_once('./libraries/common.lib.php');
+require_once('./libraries/common.inc.php');
 require_once('./libraries/server_common.inc.php');

 PMA_checkParameters(array('is_superuser', 'url_query'), TRUE, FALSE);
--- a/libraries/sql_query_form.lib.php
+++ b/libraries/sql_query_form.lib.php
@@ -29,7 +29,7 @@ require_once './libraries/bookmark.lib.php'; // used for file listing
 * @uses    $GLOBALS['db']
 * @uses    $GLOBALS['server']
 * @uses    $GLOBALS['goto']
- * @uses    $GLOBALS['is_upload']           from common.lib.php
+ * @uses    $GLOBALS['is_upload']           from common.inc.php
 * @uses    $GLOBALS['sql_query']           from grab_globals.lib.php
 * @uses    $GLOBALS['cfg']['DefaultQueryTable']
 * @uses    $GLOBALS['cfg']['DefaultQueryDatabase']
--- a/libraries/tbl_common.php
+++ b/libraries/tbl_common.php
@@ -8,7 +8,7 @@
 /**
 * Gets some core libraries
 */
-require_once('./libraries/common.lib.php');
+require_once('./libraries/common.inc.php');
 require_once('./libraries/bookmark.lib.php');

 // Check parameters
--- a/libraries/tbl_info.inc.php
+++ b/libraries/tbl_info.inc.php
@@ -20,7 +20,7 @@ require_once './libraries/Table.class.php';
 /**
 * requirements
 */
-require_once('./libraries/common.lib.php');
+require_once('./libraries/common.inc.php');

 // Check parameters
 PMA_checkParameters(array('db', 'table'));
--- a/libraries/tbl_links.inc.php
+++ b/libraries/tbl_links.inc.php
@@ -8,7 +8,7 @@
 /**
 * Check parameters
 */
-require_once('./libraries/common.lib.php');
+require_once('./libraries/common.inc.php');

 PMA_checkParameters(array('db', 'table'));

--- a/libraries/tbl_properties.inc.php
+++ b/libraries/tbl_properties.inc.php
@@ -8,7 +8,7 @@
 /**
 * Check parameters
 */
-require_once('./libraries/common.lib.php');
+require_once('./libraries/common.inc.php');
 PMA_checkParameters(array('db', 'table', 'action', 'num_fields'));


--- a/libraries/tbl_replace_fields.inc.php
+++ b/libraries/tbl_replace_fields.inc.php
@@ -39,7 +39,7 @@ if (! defined('PMA_NO_VARIABLES_IMPORT')) {
 /**
 * Gets some core libraries
 */
-require_once './libraries/common.lib.php';
+require_once './libraries/common.inc.php';
 require_once './libraries/PMA_File.class.php';

 $file_to_insert = new PMA_File();
--- a/main.php
+++ b/main.php
@@ -15,7 +15,7 @@ if (!defined('PMA_DISPLAY_HEADING')) {
 /**
 * Gets some core libraries and displays a top message if required
 */
-require_once './libraries/common.lib.php';
+require_once './libraries/common.inc.php';

 // Handles some variables that may have been sent by the calling script
 if (isset($db)) {
--- a/navigation.php
+++ b/navigation.php
@@ -45,7 +45,7 @@
 /**
 * Gets a core script and starts output buffering work
 */
-require_once './libraries/common.lib.php';
+require_once './libraries/common.inc.php';

 /**
 * finish and cleanup navigation.php script execution
--- a/pdf_pages.php
+++ b/pdf_pages.php
@@ -8,7 +8,7 @@
 /**
 * Gets some core libraries
 */
-require_once('./libraries/common.lib.php');
+require_once('./libraries/common.inc.php');
 require_once('./libraries/db_common.inc.php');


--- a/pdf_schema.php
+++ b/pdf_schema.php
@@ -9,7 +9,7 @@
 /**
 * Gets some core scripts
 */
-require_once('./libraries/common.lib.php');
+require_once('./libraries/common.inc.php');

 /**
 * Settings for relation stuff
--- a/phpinfo.php
+++ b/phpinfo.php
@@ -9,7 +9,7 @@
 * Gets core libraries and defines some variables
 */
 define( 'PMA_MINIMUM_COMMON', true );
-require_once('./libraries/common.lib.php');
+require_once('./libraries/common.inc.php');


 /**
--- a/phpmyadmin.css.php
+++ b/phpmyadmin.css.php
@@ -9,7 +9,7 @@
 *
 */
 define('PMA_MINIMUM_COMMON', true);
-require_once './libraries/common.lib.php';
+require_once './libraries/common.inc.php';
 require_once './libraries/sqlparser.lib.php';

 // MSIE 6 (at least some unpatched versions) has problems loading CSS
--- a/pmd_common.php
+++ b/pmd_common.php
@@ -8,7 +8,7 @@
 /**
 *
 */
-require_once './libraries/common.lib.php';
+require_once './libraries/common.inc.php';
 // not understand
 require_once './libraries/header_http.inc.php';

--- a/querywindow.php
+++ b/querywindow.php
@@ -8,7 +8,7 @@
 /**
 *
 */
-require_once './libraries/common.lib.php';
+require_once './libraries/common.inc.php';

 $is_superuser = PMA_isSuperuser();

--- a/scripts/setup.php
+++ b/scripts/setup.php
@@ -16,7 +16,7 @@
 // Grab phpMyAdmin version and PMA_dl function
 define( 'PMA_MINIMUM_COMMON', TRUE );
 chdir('..');
-require_once('./libraries/common.lib.php');
+require_once('./libraries/common.inc.php');

 // Grab configuration defaults
 // Do not use $PMA_Config, it interferes with the one in $_SESSION
--- a/server_binlog.php
+++ b/server_binlog.php
@@ -42,7 +42,7 @@
 /**
 *
 */
-require_once './libraries/common.lib.php';
+require_once './libraries/common.inc.php';

 /**
 * Does the common work, provides $binary_logs
--- a/server_collations.php
+++ b/server_collations.php
@@ -11,7 +11,7 @@
 if ( ! defined( 'PMA_NO_VARIABLES_IMPORT' ) ) {
    define( 'PMA_NO_VARIABLES_IMPORT', true );
 }
-require_once('./libraries/common.lib.php');
+require_once('./libraries/common.inc.php');

 /**
 * Does the common work
--- a/server_databases.php
+++ b/server_databases.php
@@ -8,7 +8,7 @@
 /**
 * Does the common work
 */
-require_once './libraries/common.lib.php';
+require_once './libraries/common.inc.php';


 $js_to_run = 'functions.js';
--- a/server_engines.php
+++ b/server_engines.php
@@ -16,7 +16,7 @@ if ( ! defined( 'PMA_NO_VARIABLES_IMPORT' ) ) {
 /**
 * requirements
 */
-require_once('./libraries/common.lib.php');
+require_once('./libraries/common.inc.php');

 /**
 * Does the common work
--- a/server_export.php
+++ b/server_export.php
@@ -8,7 +8,7 @@
 /**
 * Does the common work
 */
-require_once('./libraries/common.lib.php');
+require_once('./libraries/common.inc.php');

 $js_to_run = 'functions.js';

--- a/server_import.php
+++ b/server_import.php
@@ -8,7 +8,7 @@
 /**
 *
 */
-require_once('./libraries/common.lib.php');
+require_once('./libraries/common.inc.php');

 /**
 * Does the common work
--- a/server_privileges.php
+++ b/server_privileges.php
@@ -8,7 +8,7 @@
 /**
 *
 */
-require_once('./libraries/common.lib.php');
+require_once('./libraries/common.inc.php');

 /**
 * Does the common work
--- a/server_processlist.php
+++ b/server_processlist.php
@@ -8,7 +8,7 @@
 /**
 *
 */
-require_once('./libraries/common.lib.php');
+require_once('./libraries/common.inc.php');

 /**
 * Does the common work
--- a/server_sql.php
+++ b/server_sql.php
@@ -8,7 +8,7 @@
 /**
 *
 */
-require_once('./libraries/common.lib.php');
+require_once('./libraries/common.inc.php');

 /**
 * Does the common work
--- a/server_status.php
+++ b/server_status.php
@@ -13,7 +13,7 @@
 if (! defined('PMA_NO_VARIABLES_IMPORT')) {
    define('PMA_NO_VARIABLES_IMPORT', true);
 }
-require_once './libraries/common.lib.php';
+require_once './libraries/common.inc.php';

 /**
 * Does the common work
--- a/server_variables.php
+++ b/server_variables.php
@@ -11,7 +11,7 @@
 if ( ! defined( 'PMA_NO_VARIABLES_IMPORT' ) ) {
    define( 'PMA_NO_VARIABLES_IMPORT', true );
 }
-require_once './libraries/common.lib.php';
+require_once './libraries/common.inc.php';

 /**
 * Does the common work
--- a/sql.php
+++ b/sql.php
@@ -9,7 +9,7 @@
 /**
 * Gets some core libraries
 */
-require_once './libraries/common.lib.php';
+require_once './libraries/common.inc.php';
 require_once './libraries/Table.class.php';
 require_once './libraries/tbl_indexes.lib.php';
 require_once './libraries/check_user_privileges.lib.php';
--- a/tbl_addfield.php
+++ b/tbl_addfield.php
@@ -8,7 +8,7 @@
 /**
 * Get some core libraries
 */
-require_once './libraries/common.lib.php';
+require_once './libraries/common.inc.php';
 require_once './libraries/Table.class.php';

 $js_to_run = 'functions.js';
--- a/tbl_alter.php
+++ b/tbl_alter.php
@@ -8,7 +8,7 @@
 /**
 * Gets some core libraries
 */
-require_once('./libraries/common.lib.php');
+require_once('./libraries/common.inc.php');
 require_once('./libraries/Table.class.php');

 $js_to_run = 'functions.js';
--- a/tbl_change.php
+++ b/tbl_change.php
@@ -8,7 +8,7 @@
 /**
 * Gets the variables sent or posted to this script and displays the header
 */
-require_once './libraries/common.lib.php';
+require_once './libraries/common.inc.php';

 /**
 * Sets global variables.
--- a/tbl_create.php
+++ b/tbl_create.php
@@ -40,7 +40,7 @@
 /**
 * Get some core libraries
 */
-require_once './libraries/common.lib.php';
+require_once './libraries/common.inc.php';
 require_once './libraries/Table.class.php';

 $js_to_run = 'functions.js';
--- a/tbl_export.php
+++ b/tbl_export.php
@@ -8,7 +8,7 @@
 /**
 *
 */
-require_once('./libraries/common.lib.php');
+require_once('./libraries/common.inc.php');

 /**
 * Gets tables informations and displays top links
--- a/tbl_import.php
+++ b/tbl_import.php
@@ -8,7 +8,7 @@
 /**
 *
 */
-require_once('./libraries/common.lib.php');
+require_once('./libraries/common.inc.php');

 /**
 * Gets tables informations and displays top links
--- a/tbl_indexes.php
+++ b/tbl_indexes.php
@@ -9,7 +9,7 @@
 /**
 * Gets some core libraries
 */
-require_once './libraries/common.lib.php';
+require_once './libraries/common.inc.php';
 require_once './libraries/tbl_indexes.lib.php';

 /**
--- a/tbl_move_copy.php
+++ b/tbl_move_copy.php
@@ -8,7 +8,7 @@
 /**
 * Gets some core libraries
 */
-require_once './libraries/common.lib.php';
+require_once './libraries/common.inc.php';
 require_once './libraries/Table.class.php';

 // Check parameters
--- a/tbl_operations.php
+++ b/tbl_operations.php
@@ -8,7 +8,7 @@
 /**
 *
 */
-require_once './libraries/common.lib.php';
+require_once './libraries/common.inc.php';
 require_once './libraries/Table.class.php';

 $pma_table = new PMA_Table($GLOBALS['table'], $GLOBALS['db']);
--- a/tbl_printview.php
+++ b/tbl_printview.php
@@ -8,7 +8,7 @@
 /**
 *
 */
-require_once './libraries/common.lib.php';
+require_once './libraries/common.inc.php';

 require './libraries/tbl_common.php';

--- a/tbl_relation.php
+++ b/tbl_relation.php
@@ -8,7 +8,7 @@
 /**
 * Gets some core libraries
 */
-require_once('./libraries/common.lib.php');
+require_once('./libraries/common.inc.php');
 require_once('./libraries/tbl_common.php');
 $url_query .= '&amp;goto=tbl_sql.php';

--- a/tbl_replace.php
+++ b/tbl_replace.php
@@ -52,7 +52,7 @@ if (! defined('PMA_NO_VARIABLES_IMPORT')) {
 /**
 * Gets some core libraries
 */
-require_once './libraries/common.lib.php';
+require_once './libraries/common.inc.php';

 // Check parameters
 PMA_checkParameters(array('db', 'table', 'goto'));
--- a/tbl_row_action.php
+++ b/tbl_row_action.php
@@ -8,7 +8,7 @@
 /**
 *
 */
-require_once('./libraries/common.lib.php');
+require_once('./libraries/common.inc.php');
 require_once('./libraries/mysql_charsets.lib.php');

 /**
--- a/tbl_select.php
+++ b/tbl_select.php
@@ -8,7 +8,7 @@
 /**
 * Gets some core libraries
 */
-require_once('./libraries/common.lib.php');
+require_once('./libraries/common.inc.php');
 require_once('./libraries/relation.lib.php'); // foreign keys
 require_once('./libraries/mysql_charsets.lib.php');

--- a/tbl_sql.php
+++ b/tbl_sql.php
@@ -8,7 +8,7 @@
 /**
 *
 */
-require_once('./libraries/common.lib.php');
+require_once('./libraries/common.inc.php');

 /**
 * Runs common work
--- a/tbl_structure.php
+++ b/tbl_structure.php
@@ -8,7 +8,7 @@
 /**
 *
 */
-require_once './libraries/common.lib.php';
+require_once './libraries/common.inc.php';
 require_once './libraries/mysql_charsets.lib.php';
 require_once './libraries/relation.lib.php';

--- a/test/FailTest.php
+++ b/test/FailTest.php
@@ -11,7 +11,6 @@
 *
 */
 require_once 'PHPUnit/Framework.php';
-require_once './libraries/common.lib.php';

 class FailTest extends PHPUnit_Framework_TestCase
 {
--- a/test/PMA_get_real_size_test.php
+++ b/test/PMA_get_real_size_test.php
@@ -11,7 +11,7 @@
 *
 */
 require_once 'PHPUnit/Framework.php';
-require_once './libraries/common.lib.php';
+require_once './libraries/core.lib.php';

 class PMA_get_real_size_test extends PHPUnit_Framework_TestCase
 {
--- a/test/theme.php
+++ b/test/theme.php
@@ -3,7 +3,7 @@
 /**
 * theme test
 *
- * @uses    libraries/common.lib.php        global fnctions
+ * @uses    libraries/common.inc.php        global fnctions
 * @package phpMyAdmin-test
 * @version $Id$
 */
@@ -13,7 +13,7 @@ chdir('..');
 /**
 * Gets core libraries and defines some variables
 */
-require_once './libraries/common.lib.php';
+require_once './libraries/common.inc.php';

 $lang_iso_code = $GLOBALS['available_languages'][$GLOBALS['lang']][2];

--- a/themes.php
+++ b/themes.php
@@ -8,7 +8,7 @@
 /**
 * get some globals
 */
-require_once('./libraries/common.lib.php');
+require_once('./libraries/common.inc.php');

 /* Theme Select */
 $path_to_themes = $cfg['ThemePath'] . '/';
--- a/transformation_overview.php
+++ b/transformation_overview.php
@@ -13,7 +13,7 @@ define('PMA_DISPLAY_HEADING', 0);
 /**
 * Gets some core libraries and displays a top message if required
 */
-require_once './libraries/common.lib.php';
+require_once './libraries/common.inc.php';
 require_once './libraries/header.inc.php';
 require_once './libraries/relation.lib.php';
 require_once './libraries/transformations.lib.php';
--- a/transformation_wrapper.php
+++ b/transformation_wrapper.php
@@ -13,7 +13,7 @@ define('IS_TRANSFORMATION_WRAPPER', true);
 /**
 * Gets a core script and starts output buffering work
 */
-require_once('./libraries/common.lib.php');
+require_once('./libraries/common.inc.php');
 require_once('./libraries/relation.lib.php'); // foreign keys
 require_once('./libraries/transformations.lib.php'); // Transformations
 $cfgRelation = PMA_getRelationsParam();
--- a/user_password.php
+++ b/user_password.php
@@ -8,7 +8,7 @@
 /**
 * Gets some core libraries
 */
-require_once('./libraries/common.lib.php');
+require_once('./libraries/common.inc.php');

 /**
 * Displays an error message and exits if the user isn't allowed to use this
--- a/view_create.php
+++ b/view_create.php
@@ -8,7 +8,7 @@
 /**
 *
 */
-require_once './libraries/common.lib.php';
+require_once './libraries/common.inc.php';

 /**
 * Runs common work