From f6d24d59c9eba55b43d9aa3a2e8d0266a967b9c8 Mon Sep 17 00:00:00 2001
From: Marc Delisle
Date: Sun, 11 Dec 2005 13:49:00 +0000
Subject: [PATCH] first example for deglobalization: goto
---
 sql.php | 64 ++++++++++++++++++++++++++++-----------------------------
 1 file changed, 32 insertions(+), 32 deletions(-)
diff --git a/sql.php b/sql.php
index fa1cfc20c..c6a9ad9d6 100644
--- a/sql.php
+++ b/sql.php
@@ -14,23 +14,23 @@ require_once('./libraries/bookmark.lib.php');
 * Defines the url to return to in case of error in a sql statement
 */
 // Security checkings
-if (!empty($goto)) {
- $is_gotofile = preg_replace('@^([^?]+).*$@s', '\\1', $goto);
+if (!empty($_REQUEST['goto'])) {
+ $is_gotofile = preg_replace('@^([^?]+).*$@s', '\\1', $_REQUEST['goto']);
 if (!@file_exists('./' . $is_gotofile)) {
- unset($goto);
+ unset($_REQUEST['goto']);
 } else {
- $is_gotofile = ($is_gotofile == $goto);
+ $is_gotofile = ($is_gotofile == $_REQUEST['goto']);
 }
 } // end if (security checkings)
-if (empty($goto)) {
- $goto = (empty($table)) ? $cfg['DefaultTabDatabase'] : $cfg['DefaultTabTable'];
+if (empty($_REQUEST['goto'])) {
+ $_REQUEST['goto'] = (empty($table)) ? $cfg['DefaultTabDatabase'] : $cfg['DefaultTabTable'];
 $is_gotofile = TRUE;
 } // end if
 if (!isset($err_url)) {
- $err_url = (!empty($back) ? $back : $goto)
+ $err_url = (!empty($back) ? $back : $_REQUEST['goto'])
 . '?' . PMA_generate_common_url(isset($db) ? $db : '')
- . ((strpos(' ' . $goto, 'db_details') != 1 && isset($table)) ? '&table=' . urlencode($table) : '');
+ . ((strpos(' ' . $_REQUEST['goto'], 'db_details') != 1 && isset($table)) ? '&table=' . urlencode($table) : '');
 } // end if
 // Coming from a bookmark dialog
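Review bot: The test `if (!@file_exists('./' . $is_gotofile))` only shows that the request-supplied path names some existing file; it does not restrict `$_REQUEST['goto']` to scripts that are meant to be navigation targets. The same value later reaches `require('./' . PMA_securePath($_REQUEST['goto']))` in the hunk starting at line 186 and `require('./' . $_REQUEST['goto'])` in the hunk starting at line 640. Now that the request origin of the value is explicit, the existence test would be better replaced by a comparison against a fixed list of permitted targets, e.g. `if (!in_array($is_gotofile, $allowed_targets, true)) { unset($_REQUEST['goto']); }`, where `$allowed_targets` is a new array defined for this purpose. Depending on PHP's `variables_order` setting, `$_REQUEST` may also carry cookie values, so `goto` may now be settable from more places than the old global was.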
@@ -97,7 +97,7 @@ elseif (!isset($pos)) {
 */
 if (isset($store_bkm)) {
 PMA_addBookmarks($fields, $cfg['Bookmark'], (isset($bkm_all_users) && $bkm_all_users == 'true' ? true : false));
- PMA_sendHeaderLocation($cfg['PmaAbsoluteUri'] . $goto);
+ PMA_sendHeaderLocation($cfg['PmaAbsoluteUri'] . $_REQUEST['goto']);
 } // end if
@@ -172,9 +172,9 @@ if ($is_select) {
 /**
 * Sets or modifies the $goto variable if required
 */
-if ($goto == 'sql.php') {
+if ($_REQUEST['goto'] == 'sql.php') {
 $is_gotofile = FALSE;
- $goto = 'sql.php?'
+ $_REQUEST['goto'] = 'sql.php?'
 . PMA_generate_common_url($db, $table)
 . '&pos=' . $pos
 . '&sql_query=' . urlencode($sql_query);
@@ -186,16 +186,16 @@ if ($goto == 'sql.php') {
 */
 if (isset($btnDrop) && $btnDrop == $strNo) {
 if (!empty($back)) {
- $goto = $back;
+ $_REQUEST['goto'] = $back;
 }
 if ($is_gotofile) {
- if (strpos(' ' . $goto, 'db_details') == 1 && !empty($table)) {
+ if (strpos(' ' . $_REQUEST['goto'], 'db_details') == 1 && !empty($table)) {
 unset($table);
 }
- $active_page = $goto;
- require('./' . PMA_securePath($goto));
+ $active_page = $_REQUEST['goto'];
+ require('./' . PMA_securePath($_REQUEST['goto']));
 } else {
- PMA_sendHeaderLocation($cfg['PmaAbsoluteUri'] . str_replace('&', '&', $goto));
+ PMA_sendHeaderLocation($cfg['PmaAbsoluteUri'] . str_replace('&', '&', $_REQUEST['goto']));
 }
 exit();
 } // end if
@@ -236,7 +236,7 @@ if ( $do_confirm ) { ?> - +
@@ -631,7 +631,7 @@ else {
 $message .= ' ' . (isset($GLOBALS['querytime']) ? '(' . sprintf($strQueryTime, $GLOBALS['querytime']) . ')' : '');
 if ($is_gotofile) {
- $goto = PMA_securePath($goto);
+ $_REQUEST['goto'] = PMA_securePath($_REQUEST['goto']);
 // Checks for a valid target script
 if (isset($table) && $table == '') {
 unset($table);
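Review bot: The value appended in `PMA_sendHeaderLocation($cfg['PmaAbsoluteUri'] . $_REQUEST['goto'])` has only had the part before `?` tested by the check at the top of the file; everything after `?` comes from the request unchanged and ends up in a response header. Whether `PMA_sendHeaderLocation` rejects CR/LF characters is not visible in this hunk. If it does not, strip them before the call, for example `$target = str_replace(array("\r", "\n"), '', $_REQUEST['goto']);`, and pass `$target` to the redirect.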
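Review bot: Writing the computed URL back with `$_REQUEST['goto'] = 'sql.php?'` turns the superglobal into a working variable, so code that runs later (including scripts pulled in by `require`) cannot tell a raw request value from one this file built or checked, while `$_GET` and `$_POST` still hold the original. The same pattern appears in the hunk starting at line 859 and in the fallback assignments of the hunk starting at line 640. Consider reading the request once into a single clearly named variable, validating it there, and using only that copy afterwards, leaving `$_REQUEST` untouched. The docblock above the `if` still reads "Sets or modifies the $goto variable" and should be reworded to match whichever form is kept.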
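Review bot: `$is_gotofile` was computed near the top of the file from the original `goto` value, but `$_REQUEST['goto'] = $back;` replaces that value afterwards, so when `$back` is non-empty the `require('./' . PMA_securePath($_REQUEST['goto']))` branch includes a path that the existence check never saw. Where `$back` is set is not visible in this hunk; if it can come from the request, `PMA_securePath` is the only filter applied to it before inclusion. Validate `$back` the same way as `goto` before copying it, or recompute `$is_gotofile` after the assignment.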
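Review bot: `PMA_securePath()` is applied here only after the existence check at the top of the file has already run on the unsanitised value, so the path that was tested and the path later passed to `require` in the hunk starting at line 640 can differ. What `PMA_securePath` changes is not visible in this diff. Sanitise first and test the sanitised result, i.e. apply `PMA_securePath` before the `file_exists` test in the first hunk and drop the late call here. The `if ($is_gotofile)` block continues past the end of this hunk.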
@@ -640,45 +640,45 @@ else {
 unset($db);
 }
 $is_db = $is_table = FALSE;
- if (strpos(' ' . $goto, 'tbl_properties') == 1) {
+ if (strpos(' ' . $_REQUEST['goto'], 'tbl_properties') == 1) {
 if (!isset($table)) {
- $goto = 'db_details.php';
+ $_REQUEST['goto'] = 'db_details.php';
 } else {
 $is_table = @PMA_DBI_query('SHOW TABLES LIKE \'' . PMA_sqlAddslashes($table, TRUE) . '\';', NULL, PMA_DBI_QUERY_STORE);
 if (!($is_table && @PMA_DBI_num_rows($is_table))) {
- $goto = 'db_details.php';
+ $_REQUEST['goto'] = 'db_details.php';
 unset($table);
 }
 @PMA_DBI_free_result($is_table);
 } // end if... else...
 }
- if (strpos(' ' . $goto, 'db_details') == 1) {
+ if (strpos(' ' . $_REQUEST['goto'], 'db_details') == 1) {
 if (isset($table)) {
 unset($table);
 }
 if (!isset($db)) {
- $goto = 'main.php';
+ $_REQUEST['goto'] = 'main.php';
 } else {
 $is_db = @PMA_DBI_select_db($db);
 if (!$is_db) {
- $goto = 'main.php';
+ $_REQUEST['goto'] = 'main.php';
 unset($db);
 }
 } // end if... else...
 }
 // Loads to target script
- if (strpos(' ' . $goto, 'db_details') == 1
- || strpos(' ' . $goto, 'tbl_properties') == 1) {
+ if (strpos(' ' . $_REQUEST['goto'], 'db_details') == 1
+ || strpos(' ' . $_REQUEST['goto'], 'tbl_properties') == 1) {
 $js_to_run = 'functions.js';
 }
- if ($goto != 'main.php') {
+ if ($_REQUEST['goto'] != 'main.php') {
 require_once('./libraries/header.inc.php');
 }
- $active_page = $goto;
- require('./' . $goto);
+ $active_page = $_REQUEST['goto'];
+ require('./' . $_REQUEST['goto']);
 } // end if file_exist
 else {
- PMA_sendHeaderLocation($cfg['PmaAbsoluteUri'] . str_replace('&', '&', $goto) . '&message=' . urlencode($message));
+ PMA_sendHeaderLocation($cfg['PmaAbsoluteUri'] . str_replace('&', '&', $_REQUEST['goto']) . '&message=' . urlencode($message));
 } // end else
 exit();
 } // end no rows returned
@@ -859,7 +859,7 @@ else {
 && !empty($sql_query)) {
 echo "\n";
- $goto = 'sql.php?'
+ $_REQUEST['goto'] = 'sql.php?'
 . PMA_generate_common_url($db, $table)
 . '&pos=' . $pos
 . '&session_max_rows=' . $session_max_rows
@@ -877,7 +877,7 @@ else { ?>
- +