"; } function mysql_die($error = "") { global $strError,$strSQLQuery, $strMySQLSaid, $strBack, $sql_query; echo " $strError

"; if(isset($sql_query) && !empty($sql_query)) { echo "$strSQLQuery:

".htmlspecialchars($sql_query)."

"; } if(empty($error)) echo "$strMySQLSaid ".mysql_error(); else echo "$strMySQLSaid ".htmlspecialchars($error); echo "\n
$strBack"; include("./footer.inc.php3"); exit; } function auth() { global $cfgServer, $strAccessDenied, $strWrongUser; //$PHP_AUTH_USER = ""; // No need to do this since err 401 allready clears that var Header("status: 401 Unauthorized"); Header("HTTP/1.0 401 Unauthorized"); Header("WWW-authenticate: basic realm=\"phpMySQLAdmin on ".$cfgServer['host']."\""); echo "".$strAccessDenied."\n"; echo "

".$strWrongUser."

\n"; echo ""; exit; } // Use mysql_connect() or mysql_pconnect()? $connect_func = ($cfgPersistentConnections) ? "mysql_pconnect" : "mysql_connect"; $dblist = array(); reset($cfgServers); while(list($key, $val) = each($cfgServers)) { // Don't use servers with no hostname if (empty($val['host'])) { unset($cfgServers[$key]); } } if(empty($server) || !isset($cfgServers[$server]) || !is_array($cfgServers[$server])) $server = $cfgServerDefault; if($server == 0) { // If no server is selected, make sure that $cfgServer is empty // (so that nothing will work), and skip server authentication. // We do NOT exit here, but continue on without logging into // any server. This way, the welcome page will still come up // (with no server info) and present a choice of servers in the // case that there are multiple servers and '$cfgServerDefault = 0' // is set. $cfgServer = array(); } else if (isset($cfgServers[$server])){ // Otherwise, set up $cfgServer and do the usual login stuff. $cfgServer = $cfgServers[$server]; if(isset($cfgServer['only_db']) && !empty($cfgServer['only_db'])) $dblist[] = $cfgServer['only_db']; if ($cfgServer['adv_auth']) { // Grab the $PHP_AUTH_USER variable whatever are the values of the // 'register_globals' and the 'variables_order' directives if (empty($PHP_AUTH_USER)) { if (!empty($HTTP_SERVER_VARS) && isset($HTTP_SERVER_VARS['PHP_AUTH_USER'])) { $PHP_AUTH_USER = $HTTP_SERVER_VARS['PHP_AUTH_USER']; } else if (isset($REMOTE_USER)) { $PHP_AUTH_USER = $REMOTE_USER; } else if (!empty($HTTP_ENV_VARS) && isset($HTTP_ENV_VARS['REMOTE_USER'])) { $PHP_AUTH_USER = $HTTP_ENV_VARS['REMOTE_USER']; } else if (@getenv('REMOTE_USER')) { $PHP_AUTH_USER = getenv('REMOTE_USER'); } } // Grab the $PHP_AUTH_PW variable whatever are the values of the // 'register_globals' and the 'variables_order' directives if (empty($PHP_AUTH_PW)) { if (!empty($HTTP_SERVER_VARS) && isset($HTTP_SERVER_VARS['PHP_AUTH_PW'])) { $PHP_AUTH_PW = $HTTP_SERVER_VARS['PHP_AUTH_PW']; } else if (isset($REMOTE_PASSWORD)) { $PHP_AUTH_PW = $REMOTE_PASSWORD; } else if (!empty($HTTP_ENV_VARS) && isset($HTTP_ENV_VARS['REMOTE_PASSWORD'])) { $PHP_AUTH_PW = $HTTP_ENV_VARS['REMOTE_PASSWORD']; } else if (@getenv('REMOTE_PASSWORD')) { $PHP_AUTH_PW = getenv('REMOTE_PASSWORD'); } } // Grab the $old_usr variable whatever are the values of the // 'register_globals' and the 'variables_order' directives if (empty($old_usr) && !empty($HTTP_GET_VARS) && isset($HTTP_GET_VARS['old_usr'])) { $old_usr = $HTTP_GET_VARS['old_usr']; } if(!isset($old_usr)) { if(empty($PHP_AUTH_USER)) { $AUTH=TRUE; } else { $AUTH=FALSE; } } else { if($old_usr==$PHP_AUTH_USER) { // force user to enter a different username $AUTH=TRUE; unset($old_usr); } else { $AUTH=FALSE; } } if($AUTH) { auth(); } else { if(empty($cfgServer['port'])) { $dbh = $connect_func($cfgServer['host'],$cfgServer['stduser'],$cfgServer['stdpass']) or mysql_die(); } else { $dbh = $connect_func($cfgServer['host'].":".$cfgServer['port'],$cfgServer['stduser'],$cfgServer['stdpass']) or mysql_die(); } $PHP_AUTH_USER = addslashes($PHP_AUTH_USER); $PHP_AUTH_PW = addslashes($PHP_AUTH_PW); $rs = mysql_query("SELECT User, Password, Select_priv FROM mysql.user where User = '$PHP_AUTH_USER' AND Password = PASSWORD('$PHP_AUTH_PW')", $dbh) or mysql_die(); if(@mysql_numrows($rs) <= 0) { auth(); } else { $row = mysql_fetch_array($rs); if ($row["Select_priv"] != "Y") { //correction uva 19991215 --------------------------- //previous code assumed database "mysql" admin table "db" //column "db" contains literal name of user database, and //works if so. mysql usage generally (and uva usage //specifically) allows this column to contain regular //expressions. (we have all databases owned by a given //student/faculty/staff beginning with user i.d. and //governed by default by a single set of privileges with //regular expression as key. this breaks previous code. //this maintenance is to fix code to work correctly for //regular expressions. //begin correction uva 19991215 pt. 1 --------------------------- //add "DISTINCT" to next line: need single row only $rs = mysql_query("SELECT DISTINCT Db FROM mysql.db WHERE Select_priv = 'Y' AND User = '$PHP_AUTH_USER'") or mysql_die(); //end correction uva 19991215 pt. 1 ----------------------------- if (@mysql_numrows($rs) <= 0) { $rs = mysql_query("SELECT Db FROM mysql.tables_priv WHERE Table_priv like '%Select%' AND User = '$PHP_AUTH_USER'") or mysql_die(); if (@mysql_numrows($rs) <= 0) { auth(); } else { while ($row = mysql_fetch_array($rs)) $dblist[] = $row["Db"]; } } else { //begin correction uva 19991215 pt. 2 --------------------------- //see pt. 1, above, for description of change $uva_mydbs = array(); // will use as associative array //of the following 2 code lines, // the 1st is the only line intact from before correction, pt. 2 // the 2nd replaces $dblist[] = $row["Db"]; //code following those 2 lines in correction, pt. 2, continues //populating $dblist[], as previous code did. but it is //now populated with actual database names instead of with //regular expressions. while($row = mysql_fetch_array($rs)) { $uva_mydbs[ $row["Db"] ] = 1; } $uva_alldbs = mysql_list_dbs(); while($uva_row = mysql_fetch_array($uva_alldbs)) { $uva_db = $uva_row[0]; if (isset($uva_mydbs[$uva_db]) && 1 == $uva_mydbs[$uva_db]) { $dblist[] = $uva_db; $uva_mydbs[$uva_db] = 0; } else { reset($uva_mydbs); while (list($uva_matchpattern,$uva_value) = each($uva_mydbs)) { $uva_regex = ereg_replace("%",".+",$uva_matchpattern); // fixed db name matching 2000-08-28 Benjamin Gandon if(ereg("^".$uva_regex."$",$uva_db)) { $dblist[] = $uva_db; break; } } } } //end correction uva 19991215 pt. 2 ----------------------------- } } } } $cfgServer['user']=$PHP_AUTH_USER; $cfgServer['password']=$PHP_AUTH_PW; } if (empty($cfgServer['port'])) { $link = $connect_func($cfgServer['host'], $cfgServer['user'], $cfgServer['password']) or mysql_die(); } else { $link = $connect_func($cfgServer['host'].":".$cfgServer['port'], $cfgServer['user'], $cfgServer['password']) or mysql_die(); } } else{ echo $strHostEmpty; } // ----------------------------------------------------------------- function display_table ($dt_result, $is_simple = false) { global $cfgBorder, $cfgBgcolorOne, $cfgBgcolorTwo, $cfgMaxRows, $pos; global $server, $lang, $db, $table, $sql_query, $sql_order, $cfgOrder, $cfgShowBlob; global $goto, $strShowingRecords, $strSelectNumRows, $SelectNumRows; global $strTotal, $strEdit, $strPrevious, $strNext, $strDelete, $strDeleted; global $strPos1, $strEnd, $sessionMaxRows, $strGo, $strShow, $strRowsFrom; global $cfgModifyDeleteAtLeft, $cfgModifyDeleteAtRight; global $strKill; $cfgMaxRows = isset($sessionMaxRows) ? $sessionMaxRows : $cfgMaxRows; $sessionMaxRows = isset($sessionMaxRows) ? $sessionMaxRows : $cfgMaxRows; load_javascript(); $primary = false; if(!$is_simple && !empty($table) && !empty($db)) { $result = mysql_query("SELECT COUNT(*) as total FROM " .db_name($db). "." . tbl_name($table)) or mysql_die(); $row = mysql_fetch_array($result); $total = $row["total"]; } if (!$is_simple) { if(!isset($pos)) { $pos = 0; } $pos_next = $pos + $cfgMaxRows; $pos_prev = $pos - $cfgMaxRows; if ($pos_prev < 0) { $pos_prev = 0; } } if(isset($total) && $total>1) { if(isset($SelectNumRows) && $SelectNumRows!=$total) $selectstring = ", $SelectNumRows $strSelectNumRows"; else $selectstring = ""; $se = isset($se) ? $se : ""; $lastShownRec = $pos_next - 1; show_message("$strShowingRecords $pos - $lastShownRec ($se$total $strTotal$selectstring)"); } else { show_message($GLOBALS["strSQLQuery"]); } ?> table; mysql_field_seek($dt_result, 0); if (!$is_simple) { show_table_navigation($pos_next, $pos_prev, $dt_result); } else { echo '

'; } ?> \n"; } if($sql_query == "SHOW PROCESSLIST") { echo ""; } while($field = mysql_fetch_field($dt_result)) { if(@mysql_num_rows($dt_result)>1 && !$is_simple) { $sort_order=urlencode(" order by $field->name $cfgOrder"); echo "\n"; } else { echo ""; } $table = $field->table; } echo "\n"; $foo = 0; while($row = mysql_fetch_row($dt_result)) { $primary_key = ""; //begin correction uva 19991216 --------------------------- //previous code assumed that all tables have keys, specifically //that only the phpMyAdmin GUI should support row delete/edit //only for such tables. although always using keys is arguably //the prescribed way of defining a relational table, it is not //required. this will in particular be violated by the novice. we //want to encourage phpMyAdmin usage by such novices. so the code //below has been changed to conditionally work as before when the //table being displayed has one or more keys; but to display delete/edit //options correctly for tables without keys. //begin correction uva 19991216 pt. 1 --------------------------- $uva_nonprimary_condition = ""; //end correction uva 19991216 pt. 1 ----------------------------- $bgcolor = $cfgBgcolorOne; $foo % 2 ? 0: $bgcolor = $cfgBgcolorTwo; echo ""; for($i=0; $inumeric == 1) { if($sql_query == "SHOW PROCESSLIST") $Id = $row[$i]; } if($primary->primary_key > 0) $primary_key .= " $primary->name = '".addslashes($row[$i])."' AND"; //begin correction uva 19991216 pt. 2 --------------------------- //see pt. 1, above, for description of change $uva_nonprimary_condition .= " $primary->name = '".addslashes($row[$i])."' AND"; //end correction uva 19991216 pt. 2 ----------------------------- } //begin correction uva 19991216 pt. 3 --------------------------- //see pt. 1, above, for description of change //prefer primary keys for condition, but use conjunction of //all values if no primary key if($primary_key) //use differently and include else $uva_condition = $primary_key; else $uva_condition = $uva_nonprimary_condition; // { code no longer conditional on $primary_key // $primary_key replaced with $uva_condition below $uva_condition = urlencode(ereg_replace("AND$", "", $uva_condition)); $query = "server=$server&lang=$lang&db=$db&table=$table&pos=$pos"; $goto = (isset($goto) && !empty($goto) && empty($GLOBALS["QUERY_STRING"])) ? $goto : "sql.php3"; $edit_url = "tbl_change.php3"; $edit_url .= "?primary_key=$uva_condition"; $edit_url .= "&$query"; $edit_url .= "&sql_query=".urlencode($sql_query); $edit_url .= "&goto=$goto"; // Chistian Schmidt suggest added in $delete_url 2000-08-24 $delete_url = "sql.php3"; $delete_url .= "?sql_query=".urlencode("DELETE FROM $table WHERE ").$uva_condition; $delete_url .= "&$query"; $delete_url .= "&goto=sql.php3".urlencode("?$query&goto=tbl_properties.php3&sql_query=".urlencode($sql_query)."&zero_rows=".urlencode($strDeleted)); if($cfgModifyDeleteAtLeft && !$is_simple) { echo ""; echo ""; } // } code no longer condition on $primary_key //end correction uva 19991216 pt. 3 ----------------------------- if($sql_query == "SHOW PROCESSLIST") echo "\n"; //possibility to have the modify/delete button on the left added // 2000-08-29 for($i=0; $inumeric == 1) { echo "\n"; } elseif($cfgShowBlob == false && eregi("BLOB", $primary->type)) { echo "\n"; } else { echo "\n"; } } if($cfgModifyDeleteAtRight && !$is_simple) { echo ""; echo ""; } echo "\n"; $foo++; } echo "

		"; echo ""; echo $field->name; echo ""; echo "	$field->name
".$strEdit."	".$strDelete."	$strKill	$row[$i]	[BLOB]	".htmlspecialchars($row[$i])."	".$strEdit."	".$strDelete."

\n"; if (!$is_simple) { show_table_navigation($pos_next, $pos_prev, $dt_result); } }//display_table // Return $table's CREATE definition // Returns a string containing the CREATE statement on success function get_table_def($db, $table, $crlf) { global $drop; $schema_create = ""; if(!empty($drop)) $schema_create .= "DROP TABLE IF EXISTS $table;$crlf"; // Steve Alberty's patch for complete table dump, // modified by Lem9 to allow older MySQL versions to continue to work if(MYSQL_MAJOR_VERSION == "3.23" && intval(MYSQL_MINOR_VERSION) > 20){ $result=mysql_query("show create table " .db_name($db)."." . tbl_name($table)); if ($result!=false && mysql_num_rows($result)>0){ $tmpres=mysql_fetch_array($result); $tmp=$tmpres[1]; $schema_create.=str_replace("\n",$crlf,$tmp); } return $schema_create; } $schema_create .= "CREATE TABLE $table ($crlf"; $result = mysql_query("SHOW FIELDS FROM " .db_name($db)."." . tbl_name($table)) or mysql_die(); while($row = mysql_fetch_array($result)) { $schema_create .= " $row[Field] $row[Type]"; if(isset($row["Default"]) && (!empty($row["Default"]) || $row["Default"] == "0")) $schema_create .= " DEFAULT '$row[Default]'"; if($row["Null"] != "YES") $schema_create .= " NOT NULL"; if($row["Extra"] != "") $schema_create .= " $row[Extra]"; $schema_create .= ",$crlf"; } $schema_create = ereg_replace(",".$crlf."$", "", $schema_create); $result = mysql_query("SHOW KEYS FROM " .db_name($db)."." . tbl_name($table)) or mysql_die(); while($row = mysql_fetch_array($result)) { $kname=$row['Key_name']; $comment=(isset($row['Comment'])) ? $row['Comment'] : ''; $sub_part=(isset($row['Sub_part'])) ? $row['Sub_part'] : ''; if(($kname != "PRIMARY") && ($row['Non_unique'] == 0)) $kname="UNIQUE|$kname"; if($comment=="FULLTEXT") $kname="FULLTEXT|$kname"; if(!isset($index[$kname])) $index[$kname] = array(); if ($sub_part>1) $index[$kname][] = $row['Column_name'] . "(" . $sub_part . ")"; else $index[$kname][] = $row['Column_name']; } while(list($x, $columns) = @each($index)) { $schema_create .= ",$crlf"; if($x == "PRIMARY") $schema_create .= " PRIMARY KEY ("; elseif (substr($x,0,6) == "UNIQUE") $schema_create .= " UNIQUE " .substr($x,7)." ("; elseif (substr($x,0,8) == "FULLTEXT") $schema_create .= " FULLTEXT ".substr($x,9)." ("; else $schema_create .= " KEY $x ("; $schema_create .= implode($columns,", ") . ")"; } $schema_create .= "$crlf)"; if(get_magic_quotes_gpc()) { return (stripslashes($schema_create)); } else { return ($schema_create); } } // Get the content of $table as a series of INSERT statements. // After every row, a custom callback function $handler gets called. // $handler must accept one parameter ($sql_insert); function get_table_content ($db, $table, $handler){ if (PMA_INT_VERSION>=40005) get_table_content_fast($db, $table, $handler); else get_table_content_old($db, $table, $handler); } // only php >= 4.0.5 - staybyte - 27. June 2001 function get_table_content_fast($db, $table, $handler){ $result = mysql_query("SELECT * FROM ".db_name($db)."." . tbl_name($table)) or mysql_die(); if ($result!=false){ for($j=0; $j$strDocu]"); } function show_message($message) { if(!empty($GLOBALS['reload']) && ($GLOBALS['reload'] == "true")) { // Reload the navigation frame via JavaScript ?>

", nl2br(htmlspecialchars($GLOBALS['sql_query'])); if (isset($GLOBALS["sql_order"])) echo " $GLOBALS[sql_order]"; if (isset($GLOBALS["pos"])) echo " LIMIT $GLOBALS[pos], $GLOBALS[cfgMaxRows]";?>

$strError

"; echo "$strSQLQuery:

".htmlspecialchars($sql)."

"; if(empty($error)) echo "$strMySQLSaid ".mysql_error(); else echo "$strMySQLSaid ".htmlspecialchars($error); echo "\n
$strBack"; include("./footer.inc.php3"); exit; } // Split up large sql files into individual queries // Version 2 18th May 2001 - Last Modified By Pete Kelly function split_sql_file($sql, $delimiter) { $sql = trim($sql); $char = ""; $last_char = ""; $ret = array(); $in_string = true; for($i=0; $i strlen($sql)) break; } $sql = substr($sql,0,$i) . substr($sql,$i+$j); } $i++; } return($sql); } // Bookmark Support function get_bookmarks_param() { global $cfgServers; global $cfgServer; global $server; $cfgBookmark=false; $cfgBookmark=""; $i=1; while($i<=sizeof($cfgServers)) { if($cfgServer['adv_auth']) { if(($cfgServers[$i]['host']==$cfgServer['host'] || $cfgServers[$i]['host']=='') && $cfgServers[$i]['adv_auth']==true && $cfgServers[$i]['stduser']==$cfgServer['user'] && $cfgServers[$i]['stdpass']==$cfgServer['password']) { $cfgBookmark['db']=$cfgServers[$i]['bookmarkdb']; $cfgBookmark['table']=$cfgServers[$i]['bookmarktable']; break; } } else { if(($cfgServers[$i]['host']==$cfgServer['host'] || $cfgServers[$i]['host']=='') && $cfgServers[$i]['adv_auth']==false && $cfgServers[$i]['user']==$cfgServer['user'] && $cfgServers[$i]['password']==$cfgServer['password']) { $cfgBookmark['db']=$cfgServers[$i]['bookmarkdb']; $cfgBookmark['table']=$cfgServers[$i]['bookmarktable']; break; } } $i++; } return $cfgBookmark; } function list_bookmarks($db, $cfgBookmark) { $query="SELECT label, id FROM ".$cfgBookmark['db'].".".$cfgBookmark['table']." WHERE dbase='$db'"; // $result=mysql_db_query($cfgBookmark['db'], $query); $result=mysql_query($query); if($result>0 && mysql_num_rows($result)>0) { $flag = 1; while($row = mysql_fetch_row($result)) { $bookmark_list["$flag - ".$row[0]] = $row[1]; $flag++; } return $bookmark_list; } else return false; } function query_bookmarks($db, $cfgBookmark, $id) { $query="SELECT query FROM ".$cfgBookmark['db'].".".$cfgBookmark['table']." WHERE dbase='$db' AND id='$id'"; // $result=mysql_db_query($cfgBookmark['db'], $query); $result=mysql_query($query); $bookmark_query=mysql_result($result,0,"query"); return $bookmark_query; } function delete_bookmarks($db, $cfgBookmark, $id) { $query="DELETE FROM ".$cfgBookmark['db'].".".$cfgBookmark['table']." WHERE id='$id'"; // $result=mysql_db_query($cfgBookmark['db'], $query); $result=mysql_query($query); } $cfgBookmark=get_bookmarks_param(); // formats $value to byte view - staybyte - 15. June 2001 // $comma <= how many comma // $limes <= sensitiveness function format_byte_down($value,$limes=6,$comma=0){ $dh=pow(10,$comma); $li=pow(10,$limes); $returnvalue=$value; $unit="Byte"; if ($value >= $li*1000000){ $value=round($value/(1073741824/$dh))/$dh; $unit="GB"; } else if ($value >= $li*1000){ $value=round($value/(1048576/$dh))/$dh; $unit="MB"; } else if ($value >= $li){ $value=round($value/(1024/$dh))/$dh; $unit="KB"; } if ($unit!="Byte") $returnvalue=number_format($value,$comma,',','.'); else $returnvalue=number_format($value,0,',','.'); return array($returnvalue,$unit); } // to support special characters in db names: Lem9, 2001-06-27 function db_name ($db) { if (MYSQL_MAJOR_VERSION >= "3.23" && intval(MYSQL_MINOR_VERSION) >= 6) { return "`" . $db . "`"; } else return $db; } function tbl_name ($tbl) { if (MYSQL_MAJOR_VERSION >= "3.23" && intval(MYSQL_MINOR_VERSION) >= 6) { return "`" . $tbl . "`"; } else return $tbl; } include ("./defines.inc.php3"); } // $__LIB_INC__ // ----------------------------------------------------------------- ?>