diff options
124 files changed, 2654 insertions, 2922 deletions
diff --git a/db_central_columns.php b/db_central_columns.php index 321b4e9b82..b576412a75 100644 --- a/db_central_columns.php +++ b/db_central_columns.php @@ -6,6 +6,8 @@ * * @package PhpMyAdmin */ + +use PMA\libraries\Core; use PMA\libraries\URL; use PMA\libraries\Response; @@ -95,7 +97,7 @@ if (isset($_REQUEST['total_rows']) && $_REQUEST['total_rows']) { } else { $total_rows = PMA_getCentralColumnsCount($db); } -if (PMA_isValid($_REQUEST['pos'], 'integer')) { +if (Core::isValid($_REQUEST['pos'], 'integer')) { $pos = intval($_REQUEST['pos']); } else { $pos = 0; diff --git a/export.php b/export.php index c3dd8447ef..d354ccf88f 100644 --- a/export.php +++ b/export.php @@ -5,6 +5,8 @@ * * @package PhpMyAdmin */ + +use PMA\libraries\Core; use PMA\libraries\Encoding; use PMA\libraries\plugins\ExportPlugin; use PMA\libraries\URL; @@ -173,7 +175,7 @@ $table = $GLOBALS['table']; PMA\libraries\Util::checkParameters(array('what', 'export_type')); // sanitize this parameter which will be used below in a file inclusion -$what = PMA_securePath($_POST['what']); +$what = Core::securePath($_POST['what']); // export class instance, not array of properties, as before /* @var $export_plugin ExportPlugin */ @@ -189,7 +191,7 @@ $export_plugin = PMA_getPlugin( // Check export type if (empty($export_plugin)) { - PMA_fatalError(__('Bad type!')); + Core::fatalError(__('Bad type!')); } /** @@ -272,7 +274,7 @@ if ($export_type == 'server') { ) ); } else { - PMA_fatalError(__('Bad parameters!')); + Core::fatalError(__('Bad parameters!')); } // Merge SQL Query aliases with Export aliases from @@ -365,7 +367,7 @@ if ($save_on_server) { @ini_set('url_rewriter.tags', ''); $filename = Sanitize::sanitizeFilename($filename); - PMA_downloadHeader($filename, $mime_type); + Core::downloadHeader($filename, $mime_type); } else { // HTML if ($export_type == 'database') { diff --git a/gis_data_editor.php b/gis_data_editor.php index 1dcb1d5d5a..538271e3c2 100644 --- a/gis_data_editor.php +++ b/gis_data_editor.php @@ -5,9 +5,11 @@ * * @package PhpMyAdmin */ -use PMA\libraries\Response; + +use PMA\libraries\Core; use PMA\libraries\gis\GISFactory; use PMA\libraries\gis\GISVisualization; +use PMA\libraries\Response; use PMA\libraries\URL; /** @@ -31,7 +33,7 @@ if (! isset($_REQUEST['field'])) { // Get data if any posted $gis_data = array(); -if (PMA_isValid($_REQUEST['gis_data'], 'array')) { +if (Core::isValid($_REQUEST['gis_data'], 'array')) { $gis_data = $_REQUEST['gis_data']; } diff --git a/import.php b/import.php index c3ccffc57d..a63d2afcbe 100644 --- a/import.php +++ b/import.php @@ -7,6 +7,7 @@ */ use PMA\libraries\Bookmark; +use PMA\libraries\Core; use PMA\libraries\Encoding; use PMA\libraries\File; use PMA\libraries\plugins\ImportPlugin; @@ -235,7 +236,7 @@ if (! in_array( ) { // this should not happen for a normal user // but only during an attack - PMA_fatalError('Incorrect format parameter'); + Core::fatalError('Incorrect format parameter'); } $post_patterns = array( @@ -243,13 +244,13 @@ $post_patterns = array( '/^' . $format . '_/' ); -PMA_setPostAsGlobal($post_patterns); +Core::setPostAsGlobal($post_patterns); // Check needed parameters PMA\libraries\Util::checkParameters(array('import_type', 'format')); // We don't want anything special in format -$format = PMA_securePath($format); +$format = Core::securePath($format); // Create error and goto url if ($import_type == 'table') { @@ -447,7 +448,7 @@ if (isset($_FILES['import_file'])) { if (! empty($local_import_file) && ! empty($cfg['UploadDir'])) { // sanitize $local_import_file as it comes from a POST - $local_import_file = PMA_securePath($local_import_file); + $local_import_file = Core::securePath($local_import_file); $import_file = PMA\libraries\Util::userDir($cfg['UploadDir']) . $local_import_file; diff --git a/import_status.php b/import_status.php index 64b39915fc..3b906fb9dc 100644 --- a/import_status.php +++ b/import_status.php @@ -6,6 +6,8 @@ * @package PhpMyAdmin */ +use PMA\libraries\Core; + /* PHP 5.4 stores upload progress data only in the default session. * After calling session_name(), we won't find the progress data anymore. * @@ -81,7 +83,7 @@ if (defined('SESSIONUPLOAD')) { if (isset($_GET["message"]) && $_GET["message"]) { // AJAX requests can't be cached! - PMA_noCacheHeader(); + Core::noCacheHeader(); header('Content-type: text/html'); @@ -5,14 +5,16 @@ * * @package PhpMyAdmin */ + +use PMA\libraries\Charsets; +use PMA\libraries\Core; +use PMA\libraries\LanguageManager; use PMA\libraries\Message; -use PMA\libraries\Response; use PMA\libraries\RecentFavoriteTable; -use PMA\libraries\URL; +use PMA\libraries\Response; use PMA\libraries\Sanitize; -use PMA\libraries\Charsets; use PMA\libraries\ThemeManager; -use PMA\libraries\LanguageManager; +use PMA\libraries\URL; /** * Gets some core libraries and displays a top message if required @@ -412,21 +414,21 @@ PMA_printListItem( PMA_printListItem( __('Official Homepage'), 'li_pma_homepage', - PMA_linkURL('https://www.phpmyadmin.net/'), + Core::linkURL('https://www.phpmyadmin.net/'), null, '_blank' ); PMA_printListItem( __('Contribute'), 'li_pma_contribute', - PMA_linkURL('https://www.phpmyadmin.net/contribute/'), + Core::linkURL('https://www.phpmyadmin.net/contribute/'), null, '_blank' ); PMA_printListItem( __('Get support'), 'li_pma_support', - PMA_linkURL('https://www.phpmyadmin.net/support/'), + Core::linkURL('https://www.phpmyadmin.net/support/'), null, '_blank' ); diff --git a/libraries/Advisor.php b/libraries/Advisor.php index c3e7a9ebab..bf81f7909f 100644 --- a/libraries/Advisor.php +++ b/libraries/Advisor.php @@ -8,7 +8,8 @@ */ namespace PMA\libraries; -use \Exception; +use Exception; +use PMA\libraries\Core; use PMA\libraries\URL; use Symfony\Component\ExpressionLanguage\ExpressionLanguage; @@ -410,7 +411,7 @@ class Advisor $this->translate($rule['recommendation']) ); - // Replaces external Links with PMA_linkURL() generated links + // Replaces external Links with Core::linkURL() generated links $rule['recommendation'] = preg_replace_callback( '#href=("|\')(https?://[^\1]+)\1#i', array($this, 'replaceLinkURL'), @@ -423,7 +424,7 @@ class Advisor } /** - * Callback for wrapping links with PMA_linkURL + * Callback for wrapping links with Core::linkURL * * @param array $matches List of matched elements form preg_replace_callback * @@ -431,7 +432,7 @@ class Advisor */ private function replaceLinkURL($matches) { - return 'href="' . PMA_linkURL($matches[2]) . '" target="_blank" rel="noopener noreferrer"'; + return 'href="' . Core::linkURL($matches[2]) . '" target="_blank" rel="noopener noreferrer"'; } /** diff --git a/libraries/Config.php b/libraries/Config.php index 3a9933247e..0550fb9065 100644 --- a/libraries/Config.php +++ b/libraries/Config.php @@ -8,6 +8,7 @@ namespace PMA\libraries; use DirectoryIterator; +use PMA\libraries\Core; use PMA\libraries\URL; use PMA\libraries\ThemeManager; @@ -172,8 +173,8 @@ class Config */ public function checkClient() { - if (PMA_getenv('HTTP_USER_AGENT')) { - $HTTP_USER_AGENT = PMA_getenv('HTTP_USER_AGENT'); + if (Core::getenv('HTTP_USER_AGENT')) { + $HTTP_USER_AGENT = Core::getenv('HTTP_USER_AGENT'); } else { $HTTP_USER_AGENT = ''; } @@ -312,9 +313,9 @@ class Config { // some versions return Microsoft-IIS, some Microsoft/IIS // we could use a preg_match() but it's slower - if (PMA_getenv('SERVER_SOFTWARE') - && stristr(PMA_getenv('SERVER_SOFTWARE'), 'Microsoft') - && stristr(PMA_getenv('SERVER_SOFTWARE'), 'IIS') + if (Core::getenv('SERVER_SOFTWARE') + && stristr(Core::getenv('SERVER_SOFTWARE'), 'Microsoft') + && stristr(Core::getenv('SERVER_SOFTWARE'), 'IIS') ) { $this->set('PMA_IS_IIS', 1); } else { @@ -1030,19 +1031,19 @@ class Config if ($prefs_type) { include_once './libraries/user_preferences.lib.php'; if ($default_value === null) { - $default_value = PMA_arrayRead($cfg_path, $this->default); + $default_value = Core::arrayRead($cfg_path, $this->default); } PMA_persistOption($cfg_path, $new_cfg_value, $default_value); } if ($prefs_type != 'db' && $cookie_name) { // fall back to cookies if ($default_value === null) { - $default_value = PMA_arrayRead($cfg_path, $this->settings); + $default_value = Core::arrayRead($cfg_path, $this->settings); } $this->setCookie($cookie_name, $new_cfg_value, $default_value); } - PMA_arrayWrite($cfg_path, $GLOBALS['cfg'], $new_cfg_value); - PMA_arrayWrite($cfg_path, $this->settings, $new_cfg_value); + Core::arrayWrite($cfg_path, $GLOBALS['cfg'], $new_cfg_value); + Core::arrayWrite($cfg_path, $this->settings, $new_cfg_value); } /** @@ -1110,7 +1111,7 @@ class Config } if ($contents === false) { $this->source_mtime = 0; - PMA_fatalError( + Core::fatalError( sprintf( function_exists('__') ? __('Existing configuration file (%s) is not readable.') @@ -1141,7 +1142,7 @@ class Config $this->checkWebServerOs(); if ($this->get('PMA_IS_WINDOWS') == 0) { $this->source_mtime = 0; - PMA_fatalError( + Core::fatalError( __( 'Wrong permissions on configuration file, ' . 'should not be world writable!' @@ -1161,7 +1162,7 @@ class Config public function checkErrors() { if ($this->error_config_default_file) { - PMA_fatalError( + Core::fatalError( sprintf( __('Could not load default configuration from: %1$s'), $this->default_source @@ -1344,10 +1345,10 @@ class Config if ($postsize = ini_get('post_max_size')) { $this->set( 'max_upload_size', - min(PMA_getRealSize($filesize), PMA_getRealSize($postsize)) + min(Core::getRealSize($filesize), Core::getRealSize($postsize)) ); } else { - $this->set('max_upload_size', PMA_getRealSize($filesize)); + $this->set('max_upload_size', Core::getRealSize($filesize)); } } @@ -1370,20 +1371,20 @@ class Config $is_https = false; if (! empty($url) && parse_url($url, PHP_URL_SCHEME) === 'https') { $is_https = true; - } elseif (strtolower(PMA_getenv('HTTP_SCHEME')) == 'https') { + } elseif (strtolower(Core::getenv('HTTP_SCHEME')) == 'https') { $is_https = true; - } elseif (strtolower(PMA_getenv('HTTPS')) == 'on') { + } elseif (strtolower(Core::getenv('HTTPS')) == 'on') { $is_https = true; - } elseif (substr(strtolower(PMA_getenv('REQUEST_URI')), 0, 6) == 'https:') { + } elseif (substr(strtolower(Core::getenv('REQUEST_URI')), 0, 6) == 'https:') { $is_https = true; - } elseif (strtolower(PMA_getenv('HTTP_HTTPS_FROM_LB')) == 'on') { + } elseif (strtolower(Core::getenv('HTTP_HTTPS_FROM_LB')) == 'on') { // A10 Networks load balancer $is_https = true; - } elseif (strtolower(PMA_getenv('HTTP_FRONT_END_HTTPS')) == 'on') { + } elseif (strtolower(Core::getenv('HTTP_FRONT_END_HTTPS')) == 'on') { $is_https = true; - } elseif (strtolower(PMA_getenv('HTTP_X_FORWARDED_PROTO')) == 'https') { + } elseif (strtolower(Core::getenv('HTTP_X_FORWARDED_PROTO')) == 'https') { $is_https = true; - } elseif (PMA_getenv('SERVER_PORT') == 443) { + } elseif (Core::getenv('SERVER_PORT') == 443) { $is_https = true; } @@ -1691,7 +1692,7 @@ class Config return; } - PMA_fatalError( + Core::fatalError( sprintf( 'Failed to load phpMyAdmin configuration (%s:%s): %s', Error::relPath($error['file']), diff --git a/libraries/Core.php b/libraries/Core.php new file mode 100644 index 0000000000..cbf7abf36e --- /dev/null +++ b/libraries/Core.php @@ -0,0 +1,1097 @@ +<?php +/* vim: set expandtab sw=4 ts=4 sts=4: */ +/** + * Core functions used all over the scripts. + * This script is distinct from libraries/common.inc.php because this + * script is called from /test. + * + * @package PhpMyAdmin + */ +namespace PMA\libraries; + +use PMA\libraries\DatabaseInterface; +use PMA\libraries\Message; +use PMA\libraries\Response; +use PMA\libraries\Sanitize; +use PMA\libraries\Template; +use PMA\libraries\URL; +use PMA\libraries\Util; + +/** + * Core class + * + * @package PhpMyAdmin + */ +class Core +{ + /** + * checks given $var and returns it if valid, or $default of not valid + * given $var is also checked for type being 'similar' as $default + * or against any other type if $type is provided + * + * <code> + * // $_REQUEST['db'] not set + * echo Core::ifSetOr($_REQUEST['db'], ''); // '' + * // $_REQUEST['sql_query'] not set + * echo Core::ifSetOr($_REQUEST['sql_query']); // null + * // $cfg['EnableFoo'] not set + * echo Core::ifSetOr($cfg['EnableFoo'], false, 'boolean'); // false + * echo Core::ifSetOr($cfg['EnableFoo']); // null + * // $cfg['EnableFoo'] set to 1 + * echo Core::ifSetOr($cfg['EnableFoo'], false, 'boolean'); // false + * echo Core::ifSetOr($cfg['EnableFoo'], false, 'similar'); // 1 + * echo Core::ifSetOr($cfg['EnableFoo'], false); // 1 + * // $cfg['EnableFoo'] set to true + * echo Core::ifSetOr($cfg['EnableFoo'], false, 'boolean'); // true + * </code> + * + * @param mixed &$var param to check + * @param mixed $default default value + * @param mixed $type var type or array of values to check against $var + * + * @return mixed $var or $default + * + * @see self::isValid() + */ + public static function ifSetOr(&$var, $default = null, $type = 'similar') + { + if (! self::isValid($var, $type, $default)) { + return $default; + } + + return $var; + } + + /** + * checks given $var against $type or $compare + * + * $type can be: + * - false : no type checking + * - 'scalar' : whether type of $var is integer, float, string or boolean + * - 'numeric' : whether type of $var is any number representation + * - 'length' : whether type of $var is scalar with a string length > 0 + * - 'similar' : whether type of $var is similar to type of $compare + * - 'equal' : whether type of $var is identical to type of $compare + * - 'identical' : whether $var is identical to $compare, not only the type! + * - or any other valid PHP variable type + * + * <code> + * // $_REQUEST['doit'] = true; + * Core::isValid($_REQUEST['doit'], 'identical', 'true'); // false + * // $_REQUEST['doit'] = 'true'; + * Core::isValid($_REQUEST['doit'], 'identical', 'true'); // true + * </code> + * + * NOTE: call-by-reference is used to not get NOTICE on undefined vars, + * but the var is not altered inside this function, also after checking a var + * this var exists nut is not set, example: + * <code> + * // $var is not set + * isset($var); // false + * functionCallByReference($var); // false + * isset($var); // true + * functionCallByReference($var); // true + * </code> + * + * to avoid this we set this var to null if not isset + * + * @param mixed &$var variable to check + * @param mixed $type var type or array of valid values to check against $var + * @param mixed $compare var to compare with $var + * + * @return boolean whether valid or not + * + * @todo add some more var types like hex, bin, ...? + * @see https://secure.php.net/gettype + */ + public static function isValid(&$var, $type = 'length', $compare = null) + { + if (! isset($var)) { + // var is not even set + return false; + } + + if ($type === false) { + // no vartype requested + return true; + } + + if (is_array($type)) { + return in_array($var, $type); + } + + // allow some aliases of var types + $type = strtolower($type); + switch ($type) { + case 'identic' : + $type = 'identical'; + break; + case 'len' : + $type = 'length'; + break; + case 'bool' : + $type = 'boolean'; + break; + case 'float' : + $type = 'double'; + break; + case 'int' : + $type = 'integer'; + break; + case 'null' : + $type = 'NULL'; + break; + } + + if ($type === 'identical') { + return $var === $compare; + } + + // whether we should check against given $compare + if ($type === 'similar') { + switch (gettype($compare)) { + case 'string': + case 'boolean': + $type = 'scalar'; + break; + case 'integer': + case 'double': + $type = 'numeric'; + break; + default: + $type = gettype($compare); + } + } elseif ($type === 'equal') { + $type = gettype($compare); + } + + // do the check + if ($type === 'length' || $type === 'scalar') { + $is_scalar = is_scalar($var); + if ($is_scalar && $type === 'length') { + return strlen($var) > 0; + } + return $is_scalar; + } + + if ($type === 'numeric') { + return is_numeric($var); + } + + if (gettype($var) === $type) { + return true; + } + + return false; + } + + /** + * Removes insecure parts in a path; used before include() or + * require() when a part of the path comes from an insecure source + * like a cookie or form. + * + * @param string $path The path to check + * + * @return string The secured path + * + * @access public + */ + public static function securePath($path) + { + // change .. to . + $path = preg_replace('@\.\.*@', '.', $path); + + return $path; + } // end function + + /** + * displays the given error message on phpMyAdmin error page in foreign language, + * ends script execution and closes session + * + * loads language file if not loaded already + * + * @param string $error_message the error message or named error message + * @param string|array $message_args arguments applied to $error_message + * + * @return void + */ + public static function fatalError($error_message, $message_args = null) { + /* Use format string if applicable */ + if (is_string($message_args)) { + $error_message = sprintf($error_message, $message_args); + } elseif (is_array($message_args)) { + $error_message = vsprintf($error_message, $message_args); + } + + /* + * Avoid using Response if Config is not yet loaded + * (this can happen on early fatal error) + */ + if (isset($GLOBALS['Config'])) { + $response = Response::getInstance(); + } else { + $response = null; + } + if (! is_null($response) && $response->isAjax()) { + $response->setRequestStatus(false); + $response->addJSON('message', Message::error($error_message)); + } else { + $error_message = strtr($error_message, array('<br />' => '[br]')); + $error_header = __('Error'); + $lang = isset($GLOBALS['lang']) ? $GLOBALS['lang'] : 'en'; + $dir = isset($GLOBALS['text_dir']) ? $GLOBALS['text_dir'] : 'ltr'; + + // Displays the error message + include './libraries/error.inc.php'; + } + if (! defined('TESTSUITE')) { + exit; + } + } + + /** + * Returns a link to the PHP documentation + * + * @param string $target anchor in documentation + * + * @return string the URL + * + * @access public + */ + public static function getPHPDocLink($target) + { + /* List of PHP documentation translations */ + $php_doc_languages = array( + 'pt_BR', 'zh', 'fr', 'de', 'it', 'ja', 'pl', 'ro', 'ru', 'fa', 'es', 'tr' + ); + + $lang = 'en'; + if (in_array($GLOBALS['lang'], $php_doc_languages)) { + $lang = $GLOBALS['lang']; + } + + return self::linkURL('https://secure.php.net/manual/' . $lang . '/' . $target); + } + + /** + * Warn or fail on missing extension. + * + * @param string $extension Extension name + * @param bool $fatal Whether the error is fatal. + * @param string $extra Extra string to append to message. + * + * @return void + */ + public static function warnMissingExtension($extension, $fatal = false, $extra = '') + { + /* Gettext does not have to be loaded yet here */ + if (function_exists('__')) { + $message = __( + 'The %s extension is missing. Please check your PHP configuration.' + ); + } else { + $message + = 'The %s extension is missing. Please check your PHP configuration.'; + } + $doclink = self::getPHPDocLink('book.' . $extension . '.php'); + $message = sprintf( + $message, + '[a@' . $doclink . '@Documentation][em]' . $extension . '[/em][/a]' + ); + if ($extra != '') { + $message .= ' ' . $extra; + } + if ($fatal) { + self::fatalError($message); + return; + } + + $GLOBALS['error_handler']->addError( + $message, + E_USER_WARNING, + '', + '', + false + ); + } + + /** + * returns count of tables in given db + * + * @param string $db database to count tables for + * + * @return integer count of tables in $db + */ + public static function getTableCount($db) + { + $tables = $GLOBALS['dbi']->tryQuery( + 'SHOW TABLES FROM ' . Util::backquote($db) . ';', + null, DatabaseInterface::QUERY_STORE + ); + if ($tables) { + $num_tables = $GLOBALS['dbi']->numRows($tables); + $GLOBALS['dbi']->freeResult($tables); + } else { + $num_tables = 0; + } + + return $num_tables; + } + + /** + * Converts numbers like 10M into bytes + * Used with permission from Moodle (https://moodle.org) by Martin Dougiamas + * (renamed with PMA prefix to avoid double definition when embedded + * in Moodle) + * + * @param string|int $size size (Default = 0) + * + * @return integer $size + */ + public static function getRealSize($size = 0) + { + if (! $size) { + return 0; + } + + $binaryprefixes = array( + 'T' => 1099511627776, + 't' => 1099511627776, + 'G' => 1073741824, + 'g' => 1073741824, + 'M' => 1048576, + 'm' => 1048576, + 'K' => 1024, + 'k' => 1024, + ); + + if (preg_match('/^([0-9]+)([KMGT])/i', $size, $matches)) { + return $matches[1] * $binaryprefixes[$matches[2]]; + } + + return (int) $size; + } // end getRealSize() + + /** + * boolean phpMyAdmin.Core::checkPageValidity(string &$page, array $whitelist) + * + * checks given $page against given $whitelist and returns true if valid + * it optionally ignores query parameters in $page (script.php?ignored) + * + * @param string &$page page to check + * @param array $whitelist whitelist to check page against + * + * @return boolean whether $page is valid or not (in $whitelist or not) + */ + public static function checkPageValidity(&$page, $whitelist) + { + if (! isset($page) || !is_string($page)) { + return false; + } + + if (in_array($page, $whitelist)) { + return true; + } + + $_page = mb_substr( + $page, + 0, + mb_strpos($page . '?', '?') + ); + if (in_array($_page, $whitelist)) { + return true; + } + + $_page = urldecode($page); + $_page = mb_substr( + $_page, + 0, + mb_strpos($_page . '?', '?') + ); + if (in_array($_page, $whitelist)) { + return true; + } + + return false; + } + + /** + * tries to find the value for the given environment variable name + * + * searches in $_SERVER, $_ENV then tries getenv() and apache_getenv() + * in this order + * + * @param string $var_name variable name + * + * @return string value of $var or empty string + */ + public static function getenv($var_name) + { + if (isset($_SERVER[$var_name])) { + return $_SERVER[$var_name]; + } + + if (isset($_ENV[$var_name])) { + return $_ENV[$var_name]; + } + + if (getenv($var_name)) { + return getenv($var_name); + } + + if (function_exists('apache_getenv') + && apache_getenv($var_name, true) + ) { + return apache_getenv($var_name, true); + } + + return ''; + } + + /** + * Send HTTP header, taking IIS limits into account (600 seems ok) + * + * @param string $uri the header to send + * @param bool $use_refresh whether to use Refresh: header when running on IIS + * + * @return void + */ + public static function sendHeaderLocation($uri, $use_refresh = false) + { + if ($GLOBALS['PMA_Config']->get('PMA_IS_IIS') && mb_strlen($uri) > 600) { + Response::getInstance()->disable(); + + echo Template::get('header_location') + ->render(array('uri' => $uri)); + + return; + } + + /* + * Avoid relative path redirect problems in case user entered URL + * like /phpmyadmin/index.php/ which some web servers happily accept. + */ + if ($uri[0] == '.') { + $uri = $GLOBALS['PMA_Config']->getRootPath() . substr($uri, 2); + } + + $response = Response::getInstance(); + + session_write_close(); + if ($response->headersSent()) { + trigger_error( + 'Core::sendHeaderLocation called when headers are already sent!', + E_USER_ERROR + ); + } + // bug #1523784: IE6 does not like 'Refresh: 0', it + // results in a blank page + // but we need it when coming from the cookie login panel) + if ($GLOBALS['PMA_Config']->get('PMA_IS_IIS') && $use_refresh) { + $response->header('Refresh: 0; ' . $uri); + } else { + $response->header('Location: ' . $uri); + } + } + + /** + * Outputs application/json headers. This includes no caching. + * + * @return void + */ + public static function headerJSON() + { + if (defined('TESTSUITE')) { + return; + } + // No caching + self::noCacheHeader(); + // MIME type + header('Content-Type: application/json; charset=UTF-8'); + // Disable content sniffing in browser + // This is needed in case we include HTML in JSON, browser might assume it's + // html to display + header('X-Content-Type-Options: nosniff'); + } + + /** + * Outputs headers to prevent caching in browser (and on the way). + * + * @return void + */ + public static function noCacheHeader() + { + if (defined('TESTSUITE')) { + return; + } + // rfc2616 - Section 14.21 + header('Expires: ' . gmdate(DATE_RFC1123)); + // HTTP/1.1 + header( + 'Cache-Control: no-store, no-cache, must-revalidate,' + . ' pre-check=0, post-check=0, max-age=0' + ); + + header('Pragma: no-cache'); // HTTP/1.0 + // test case: exporting a database into a .gz file with Safari + // would produce files not having the current time + // (added this header for Safari but should not harm other browsers) + header('Last-Modified: ' . gmdate(DATE_RFC1123)); + } + + + /** + * Sends header indicating file download. + * + * @param string $filename Filename to include in headers if empty, + * none Content-Disposition header will be sent. + * @param string $mimetype MIME type to include in headers. + * @param int $length Length of content (optional) + * @param bool $no_cache Whether to include no-caching headers. + * + * @return void + */ + public static function downloadHeader($filename, $mimetype, $length = 0, $no_cache = true) + { + if ($no_cache) { + self::noCacheHeader(); + } + /* Replace all possibly dangerous chars in filename */ + $filename = Sanitize::sanitizeFilename($filename); + if (!empty($filename)) { + header('Content-Description: File Transfer'); + header('Content-Disposition: attachment; filename="' . $filename . '"'); + } + header('Content-Type: ' . $mimetype); + // inform the server that compression has been done, + // to avoid a double compression (for example with Apache + mod_deflate) + $notChromeOrLessThan43 = PMA_USR_BROWSER_AGENT != 'CHROME' // see bug #4942 + || (PMA_USR_BROWSER_AGENT == 'CHROME' && PMA_USR_BROWSER_VER < 43); + if (strpos($mimetype, 'gzip') !== false && $notChromeOrLessThan43) { + header('Content-Encoding: gzip'); + } + header('Content-Transfer-Encoding: binary'); + if ($length > 0) { + header('Content-Length: ' . $length); + } + } + + /** + * Returns value of an element in $array given by $path. + * $path is a string describing position of an element in an associative array, + * eg. Servers/1/host refers to $array[Servers][1][host] + * + * @param string $path path in the array + * @param array $array the array + * @param mixed $default default value + * + * @return mixed array element or $default + */ + public static function arrayRead($path, $array, $default = null) + { + $keys = explode('/', $path); + $value =& $array; + foreach ($keys as $key) { + if (! isset($value[$key])) { + return $default; + } + $value =& $value[$key]; + } + return $value; + } + + /** + * Stores value in an array + * + * @param string $path path in the array + * @param array &$array the array + * @param mixed $value value to store + * + * @return void + */ + public static function arrayWrite($path, &$array, $value) + { + $keys = explode('/', $path); + $last_key = array_pop($keys); + $a =& $array; + foreach ($keys as $key) { + if (! isset($a[$key])) { + $a[$key] = array(); + } + $a =& $a[$key]; + } + $a[$last_key] = $value; + } + + /** + * Removes value from an array + * + * @param string $path path in the array + * @param array &$array the array + * + * @return void + */ + public static function arrayRemove($path, &$array) + { + $keys = explode('/', $path); + $keys_last = array_pop($keys); + $path = array(); + $depth = 0; + + $path[0] =& $array; + $found = true; + // go as deep as required or possible + foreach ($keys as $key) { + if (! isset($path[$depth][$key])) { + $found = false; + break; + } + $depth++; + $path[$depth] =& $path[$depth - 1][$key]; + } + // if element found, remove it + if ($found) { + unset($path[$depth][$keys_last]); + $depth--; + } + + // remove empty nested arrays + for (; $depth >= 0; $depth--) { + if (! isset($path[$depth+1]) || count($path[$depth+1]) == 0) { + unset($path[$depth][$keys[$depth]]); + } else { + break; + } + } + } + + /** + * Returns link to (possibly) external site using defined redirector. + * + * @param string $url URL where to go. + * + * @return string URL for a link. + */ + public static function linkURL($url) + { + if (!preg_match('#^https?://#', $url)) { + return $url; + } + + $params = array(); + $params['url'] = $url; + + $url = URL::getCommon($params); + //strip off token and such sensitive information. Just keep url. + $arr = parse_url($url); + parse_str($arr["query"], $vars); + $query = http_build_query(array("url" => $vars["url"])); + + if (defined('PMA_SETUP')) { + $url = '../url.php?' . $query; + } else { + $url = './url.php?' . $query; + } + + return $url; + } + + /** + * Checks whether domain of URL is whitelisted domain or not. + * Use only for URLs of external sites. + * + * @param string $url URL of external site. + * + * @return boolean True: if domain of $url is allowed domain, + * False: otherwise. + */ + public static function isAllowedDomain($url) + { + $arr = parse_url($url); + // We need host to be set + if (! isset($arr['host']) || strlen($arr['host']) == 0) { + return false; + } + // We do not want these to be present + $blocked = array('user', 'pass', 'port'); + foreach ($blocked as $part) { + if (isset($arr[$part]) && strlen($arr[$part]) != 0) { + return false; + } + } + $domain = $arr["host"]; + $domainWhiteList = array( + /* Include current domain */ + $_SERVER['SERVER_NAME'], + /* phpMyAdmin domains */ + 'wiki.phpmyadmin.net', + 'www.phpmyadmin.net', + 'phpmyadmin.net', + 'demo.phpmyadmin.net', + 'docs.phpmyadmin.net', + /* mysql.com domains */ + 'dev.mysql.com','bugs.mysql.com', + /* mariadb domains */ + 'mariadb.org', 'mariadb.com', + /* php.net domains */ + 'php.net', + 'secure.php.net', + /* sourceforge.net domain */ + 'sourceforge.net', + /* Github domains*/ + 'github.com','www.github.com', + /* Percona domains */ + 'www.percona.com', + /* Following are doubtful ones. */ + 'mysqldatabaseadministration.blogspot.com', + ); + if (in_array($domain, $domainWhiteList)) { + return true; + } + + return false; + } + + /** + * Replace some html-unfriendly stuff + * + * @param string $buffer String to process + * + * @return string Escaped and cleaned up text suitable for html + */ + public static function mimeDefaultFunction($buffer) + { + $buffer = htmlspecialchars($buffer); + $buffer = str_replace(' ', ' ', $buffer); + $buffer = preg_replace("@((\015\012)|(\015)|(\012))@", '<br />' . "\n", $buffer); + + return $buffer; + } + + /** + * Displays SQL query before executing. + * + * @param array|string $query_data Array containing queries or query itself + * + * @return void + */ + public static function previewSQL($query_data) + { + $retval = '<div class="preview_sql">'; + if (empty($query_data)) { + $retval .= __('No change'); + } elseif (is_array($query_data)) { + foreach ($query_data as $query) { + $retval .= Util::formatSql($query); + } + } else { + $retval .= Util::formatSql($query_data); + } + $retval .= '</div>'; + $response = Response::getInstance(); + $response->addJSON('sql_data', $retval); + exit; + } + + /** + * recursively check if variable is empty + * + * @param mixed $value the variable + * + * @return bool true if empty + */ + public static function emptyRecursive($value) + { + $empty = true; + if (is_array($value)) { + array_walk_recursive( + $value, + function ($item) use (&$empty) { + $empty = $empty && empty($item); + } + ); + } else { + $empty = empty($value); + } + return $empty; + } + + /** + * Creates some globals from $_POST variables matching a pattern + * + * @param array $post_patterns The patterns to search for + * + * @return void + */ + public static function setPostAsGlobal($post_patterns) + { + foreach (array_keys($_POST) as $post_key) { + foreach ($post_patterns as $one_post_pattern) { + if (preg_match($one_post_pattern, $post_key)) { + $GLOBALS[$post_key] = $_POST[$post_key]; + } + } + } + } + + /** + * Creates some globals from $_REQUEST + * + * @param string $param db|table + * + * @return void + */ + public static function setGlobalDbOrTable($param) + { + $GLOBALS[$param] = ''; + if (self::isValid($_REQUEST[$param])) { + // can we strip tags from this? + // only \ and / is not allowed in db names for MySQL + $GLOBALS[$param] = $_REQUEST[$param]; + $GLOBALS['url_params'][$param] = $GLOBALS[$param]; + } + } + + /** + * PATH_INFO could be compromised if set, so remove it from PHP_SELF + * and provide a clean PHP_SELF here + * + * @return void + */ + public static function cleanupPathInfo() + { + global $PMA_PHP_SELF; + + $PMA_PHP_SELF = self::getenv('PHP_SELF'); + if (empty($PMA_PHP_SELF)) { + $PMA_PHP_SELF = urldecode(self::getenv('REQUEST_URI')); + } + $_PATH_INFO = self::getenv('PATH_INFO'); + if (! empty($_PATH_INFO) && ! empty($PMA_PHP_SELF)) { + $question_pos = mb_strpos($PMA_PHP_SELF, '?'); + if ($question_pos != false) { + $PMA_PHP_SELF = mb_substr($PMA_PHP_SELF, 0, $question_pos); + } + $path_info_pos = mb_strrpos($PMA_PHP_SELF, $_PATH_INFO); + if ($path_info_pos !== false) { + $path_info_part = mb_substr($PMA_PHP_SELF, $path_info_pos, mb_strlen($_PATH_INFO)); + if ($path_info_part == $_PATH_INFO) { + $PMA_PHP_SELF = mb_substr($PMA_PHP_SELF, 0, $path_info_pos); + } + } + } + + $path = []; + foreach(explode('/', $PMA_PHP_SELF) as $part) { + // ignore parts that have no value + if (empty($part) || $part === '.') continue; + + if ($part !== '..') { + // cool, we found a new part + array_push($path, $part); + } else if (count($path) > 0) { + // going back up? sure + array_pop($path); + } + // Here we intentionall ignore case where we go too up + // as there is nothing sane to do + } + + $PMA_PHP_SELF = htmlspecialchars('/' . join('/', $path)); + } + + /** + * Checks that required PHP extensions are there. + * @return void + */ + public static function checkExtensions() + { + /** + * Warning about mbstring. + */ + if (! function_exists('mb_detect_encoding')) { + self::warnMissingExtension('mbstring'); + } + + /** + * We really need this one! + */ + if (! function_exists('preg_replace')) { + self::warnMissingExtension('pcre', true); + } + + /** + * JSON is required in several places. + */ + if (! function_exists('json_encode')) { + self::warnMissingExtension('json', true); + } + } + + /** + * Gets the "true" IP address of the current user + * + * @return string the ip of the user + * + * @access private + */ + public static function getIp() + { + /* Get the address of user */ + if (empty($_SERVER['REMOTE_ADDR'])) { + /* We do not know remote IP */ + return false; + } + + $direct_ip = $_SERVER['REMOTE_ADDR']; + + /* Do we trust this IP as a proxy? If yes we will use it's header. */ + if (!isset($GLOBALS['cfg']['TrustedProxies'][$direct_ip])) { + /* Return true IP */ + return $direct_ip; + } + + /** + * Parse header in form: + * X-Forwarded-For: client, proxy1, proxy2 + */ + // Get header content + $value = self::getenv($GLOBALS['cfg']['TrustedProxies'][$direct_ip]); + // Grab first element what is client adddress + $value = explode(',', $value)[0]; + // checks that the header contains only one IP address, + $is_ip = filter_var($value, FILTER_VALIDATE_IP); + + if ($is_ip !== false) { + // True IP behind a proxy + return $value; + } + + // We could not parse header + return false; + } // end of the 'getIp()' function + + /** + * Sanitizes MySQL hostname + * + * * strips p: prefix(es) + * + * @param string $name User given hostname + * + * @return string + */ + public static function sanitizeMySQLHost($name) + { + while (strtolower(substr($name, 0, 2)) == 'p:') { + $name = substr($name, 2); + } + + return $name; + } + + /** + * Sanitizes MySQL username + * + * * strips part behind null byte + * + * @param string $name User given username + * + * @return string + */ + public static function sanitizeMySQLUser($name) + { + $position = strpos($name, chr(0)); + if ($position !== false) { + return substr($name, 0, $position); + } + return $name; + } + + /** + * Safe unserializer wrapper + * + * It does not unserialize data containing objects + * + * @param string $data Data to unserialize + * + * @return mixed + */ + public static function safeUnserialize($data) + { + if (! is_string($data)) { + return null; + } + + /* validate serialized data */ + $length = strlen($data); + $depth = 0; + for ($i = 0; $i < $length; $i++) { + $value = $data[$i]; + + switch ($value) + { + case '}': + /* end of array */ + if ($depth <= 0) { + return null; + } + $depth--; + break; + case 's': + /* string */ + // parse sting length + $strlen = intval(substr($data, $i + 2)); + // string start + $i = strpos($data, ':', $i + 2); + if ($i === false) { + return null; + } + // skip string, quotes and ; + $i += 2 + $strlen + 1; + if ($data[$i] != ';') { + return null; + } + break; + + case 'b': + case 'i': + case 'd': + /* bool, integer or double */ + // skip value to sepearator + $i = strpos($data, ';', $i); + if ($i === false) { + return null; + } + break; + case 'a': + /* array */ + // find array start + $i = strpos($data, '{', $i); + if ($i === false) { + return null; + } + // remember nesting + $depth++; + break; + case 'N': + /* null */ + // skip to end + $i = strpos($data, ';', $i); + if ($i === false) { + return null; + } + break; + default: + /* any other elements are not wanted */ + return null; + } + } + + // check unterminated arrays + if ($depth > 0) { + return null; + } + + return unserialize($data); + } +} diff --git a/libraries/DatabaseInterface.php b/libraries/DatabaseInterface.php index 4a67a79dc1..e77dba3de7 100644 --- a/libraries/DatabaseInterface.php +++ b/libraries/DatabaseInterface.php @@ -7,6 +7,7 @@ */ namespace PMA\libraries; +use PMA\libraries\Core; use PMA\libraries\dbi\DBIExtension; use PMA\libraries\LanguageManager; use PMA\libraries\URL; @@ -1809,7 +1810,7 @@ class DatabaseInterface . " FROM `information_schema`.`ROUTINES`" . " WHERE `ROUTINE_SCHEMA` " . Util::getCollateForIS() . " = '" . $GLOBALS['dbi']->escapeString($db) . "'"; - if (PMA_isValid($which, array('FUNCTION','PROCEDURE'))) { + if (Core::isValid($which, array('FUNCTION','PROCEDURE'))) { $query .= " AND `ROUTINE_TYPE` = '" . $which . "'"; } if (! empty($name)) { diff --git a/libraries/DbQbe.php b/libraries/DbQbe.php index 4a4963c956..26fe2315f1 100644 --- a/libraries/DbQbe.php +++ b/libraries/DbQbe.php @@ -7,6 +7,7 @@ */ namespace PMA\libraries; +use PMA\libraries\Core; use PMA\libraries\URL; use PMA\libraries\Util; @@ -264,12 +265,12 @@ class DbQbe { $criteriaColumnCount = $this->_initializeCriteriasCount(); - $this->_criteriaColumnInsert = PMA_ifSetOr( + $this->_criteriaColumnInsert = Core::ifSetOr( $_REQUEST['criteriaColumnInsert'], null, 'array' ); - $this->_criteriaColumnDelete = PMA_ifSetOr( + $this->_criteriaColumnDelete = Core::ifSetOr( $_REQUEST['criteriaColumnDelete'], null, 'array' @@ -312,7 +313,7 @@ class DbQbe private function _setCriteriaTablesAndColumns() { // The tables list sent by a previously submitted form - if (PMA_isValid($_REQUEST['TableList'], 'array')) { + if (Core::isValid($_REQUEST['TableList'], 'array')) { foreach ($_REQUEST['TableList'] as $each_table) { $this->_criteriaTables[$each_table] = ' selected="selected"'; } @@ -1922,12 +1923,12 @@ class DbQbe private function _initializeCriteriasCount() { // sets column count - $criteriaColumnCount = PMA_ifSetOr( + $criteriaColumnCount = Core::ifSetOr( $_REQUEST['criteriaColumnCount'], 3, 'numeric' ); - $criteriaColumnAdd = PMA_ifSetOr( + $criteriaColumnAdd = Core::ifSetOr( $_REQUEST['criteriaColumnAdd'], 0, 'numeric' @@ -1938,8 +1939,8 @@ class DbQbe ); // sets row count - $rows = PMA_ifSetOr($_REQUEST['rows'], 0, 'numeric'); - $criteriaRowAdd = PMA_ifSetOr($_REQUEST['criteriaRowAdd'], 0, 'numeric'); + $rows = Core::ifSetOr($_REQUEST['rows'], 0, 'numeric'); + $criteriaRowAdd = Core::ifSetOr($_REQUEST['criteriaRowAdd'], 0, 'numeric'); $this->_criteria_row_count = min( 100, max($rows + $criteriaRowAdd, 0) diff --git a/libraries/DisplayResults.php b/libraries/DisplayResults.php index a24dc28f68..0261ab3a3e 100644 --- a/libraries/DisplayResults.php +++ b/libraries/DisplayResults.php @@ -8,6 +8,7 @@ namespace PMA\libraries; use PhpMyAdmin\SqlParser\Utils\Query; +use PMA\libraries\Core; use PMA\libraries\plugins\transformations\Text_Plain_Link; use PMA\libraries\Sanitize; use PMA\libraries\Sql; @@ -2599,7 +2600,7 @@ class DisplayResults * @param bool $is_field_truncated is field truncated (display ...) * @param object|string $transformation_plugin transformation plugin. * Can also be the default function: - * PMA_mimeDefaultFunction + * Core::mimeDefaultFunction * @param string $default_function default transformation function * * @return string the list of classes @@ -3042,7 +3043,7 @@ class DisplayResults : false; // Wrap MIME-transformations. [MIME] - $default_function = 'PMA_mimeDefaultFunction'; // default_function + $default_function = [Core::class, 'mimeDefaultFunction']; // default_function $transformation_plugin = $default_function; $transform_options = array(); @@ -4095,8 +4096,8 @@ class DisplayResults } // as this is a form value, the type is always string so we cannot - // use PMA_isValid($_REQUEST['session_max_rows'], 'integer') - if (PMA_isValid($_REQUEST['session_max_rows'], 'numeric')) { + // use Core::isValid($_REQUEST['session_max_rows'], 'integer') + if (Core::isValid($_REQUEST['session_max_rows'], 'numeric')) { $query['max_rows'] = (int)$_REQUEST['session_max_rows']; unset($_REQUEST['session_max_rows']); } elseif ($_REQUEST['session_max_rows'] == self::ALL_ROWS) { @@ -4106,14 +4107,14 @@ class DisplayResults $query['max_rows'] = intval($GLOBALS['cfg']['MaxRows']); } - if (PMA_isValid($_REQUEST['pos'], 'numeric')) { + if (Core::isValid($_REQUEST['pos'], 'numeric')) { $query['pos'] = $_REQUEST['pos']; unset($_REQUEST['pos']); } elseif (empty($query['pos'])) { $query['pos'] = 0; } - if (PMA_isValid( + if (Core::isValid( $_REQUEST['pftext'], array( self::DISPLAY_PARTIAL_TEXT, self::DISPLAY_FULL_TEXT @@ -4126,7 +4127,7 @@ class DisplayResults $query['pftext'] = self::DISPLAY_PARTIAL_TEXT; } - if (PMA_isValid( + if (Core::isValid( $_REQUEST['relational_display'], array( self::RELATIONAL_KEY, self::RELATIONAL_DISPLAY_COLUMN @@ -4142,7 +4143,7 @@ class DisplayResults $query['relational_display'] = $GLOBALS['cfg']['RelationalDisplay']; } - if (PMA_isValid( + if (Core::isValid( $_REQUEST['geoOption'], array( self::GEOMETRY_DISP_WKT, self::GEOMETRY_DISP_WKB, @@ -4568,7 +4569,7 @@ class DisplayResults $row = $GLOBALS['dbi']->fetchRow($dt_result); // initializing default arguments - $default_function = 'PMA_mimeDefaultFunction'; + $default_function = [Core::class, 'mimeDefaultFunction']; $transformation_plugin = $default_function; $transform_options = array(); @@ -5228,7 +5229,7 @@ class DisplayResults * @param string $content the binary content * @param mixed $transformation_plugin transformation plugin. * Can also be the default function: - * PMA_mimeDefaultFunction + * Core::mimeDefaultFunction * @param string $transform_options transformation parameters * @param string $default_function default transformation function * @param object $meta the meta-information about the field @@ -5391,7 +5392,7 @@ class DisplayResults * @param string $data data * @param object|string $transformation_plugin transformation plugin. * Can also be the default function: - * PMA_mimeDefaultFunction + * Core::mimeDefaultFunction * @param string $default_function default function * @param string $nowrap 'nowrap' if the content should * not be wrapped diff --git a/libraries/Encoding.php b/libraries/Encoding.php index 209d94f406..dfc60a76d2 100644 --- a/libraries/Encoding.php +++ b/libraries/Encoding.php @@ -7,6 +7,7 @@ */ namespace PMA\libraries; +use PMA\libraries\Core; use PMA\libraries\config\ConfigFile; /** @@ -103,7 +104,7 @@ class Encoding self::$_engine = self::$_enginemap[$engine][1]; return; } else { - PMA_warnMissingExtension(self::$_enginemap[$engine][2]); + Core::warnMissingExtension(self::$_enginemap[$engine][2]); } } diff --git a/libraries/File.php b/libraries/File.php index 16f855d5d5..3e4391b6a0 100644 --- a/libraries/File.php +++ b/libraries/File.php @@ -8,6 +8,7 @@ namespace PMA\libraries; use PMA\libraries\config\ConfigFile; +use PMA\libraries\Core; /** * File wrapper class @@ -439,7 +440,7 @@ class File } $this->setName( - Util::userDir($GLOBALS['cfg']['UploadDir']) . PMA_securePath($name) + Util::userDir($GLOBALS['cfg']['UploadDir']) . Core::securePath($name) ); if (@is_link($this->getName())) { $this->_error_message = __('File is a symbolic link'); diff --git a/libraries/Footer.php b/libraries/Footer.php index a0cc039837..dac04b8f95 100644 --- a/libraries/Footer.php +++ b/libraries/Footer.php @@ -11,6 +11,7 @@ use Traversable; use PMA\libraries\URL; use PMA\libraries\Sanitize; use PMA\libraries\Config; +use PMA\libraries\Core; /** * Class used to output the footer @@ -177,7 +178,7 @@ class Footer ) { $params['single_table'] = $_REQUEST['single_table']; } - return basename(PMA_getenv('SCRIPT_NAME')) . URL::getCommonRaw($params); + return basename(Core::getenv('SCRIPT_NAME')) . URL::getCommonRaw($params); } /** @@ -233,7 +234,7 @@ class Footer */ private function _setHistory() { - if (! PMA_isValid($_REQUEST['no_history']) + if (! Core::isValid($_REQUEST['no_history']) && empty($GLOBALS['error_message']) && ! empty($GLOBALS['sql_query']) && (isset($GLOBALS['dbi']) @@ -242,8 +243,8 @@ class Footer && $GLOBALS['controllink'])) ) { PMA_setHistory( - PMA_ifSetOr($GLOBALS['db'], ''), - PMA_ifSetOr($GLOBALS['table'], ''), + Core::ifSetOr($GLOBALS['db'], ''), + Core::ifSetOr($GLOBALS['table'], ''), $GLOBALS['cfg']['Server']['user'], $GLOBALS['sql_query'] ); @@ -307,7 +308,7 @@ class Footer $retval .= "</div>"; } if (! $this->_isAjax && ! $this->_isMinimal) { - if (PMA_getenv('SCRIPT_NAME') + if (Core::getenv('SCRIPT_NAME') && empty($_POST) && empty($GLOBALS['checked_special']) && ! $this->_isAjax @@ -331,7 +332,7 @@ class Footer ) ); } - if (PMA_getenv('SCRIPT_NAME') + if (Core::getenv('SCRIPT_NAME') && ! $this->_isAjax ) { $url = $this->getSelfUrl(); diff --git a/libraries/Header.php b/libraries/Header.php index a9deddc5f4..c76946b025 100644 --- a/libraries/Header.php +++ b/libraries/Header.php @@ -11,7 +11,7 @@ use PMA\libraries\navigation\Navigation; use PMA\libraries\URL; use PMA\libraries\Sanitize; use PMA\libraries\Config; - +use PMA\libraries\Core; /** * Class used to output the HTTP and HTML headers @@ -610,7 +610,7 @@ class Header header( 'X-Robots-Tag: noindex, nofollow' ); - PMA_noCacheHeader(); + Core::noCacheHeader(); if (! defined('IS_TRANSFORMATION_WRAPPER')) { // Define the charset to be used header('Content-Type: text/html; charset=utf-8'); @@ -809,4 +809,3 @@ class Header return "v=" . urlencode(PMA_VERSION); } } - diff --git a/libraries/LanguageManager.php b/libraries/LanguageManager.php index 30aab0d5b4..e9a48b3ff1 100644 --- a/libraries/LanguageManager.php +++ b/libraries/LanguageManager.php @@ -7,6 +7,7 @@ */ namespace PMA\libraries; +use PMA\libraries\Core; use PMA\libraries\Language; use PMA\libraries\URL; @@ -851,7 +852,7 @@ class LanguageManager $langs = $this->availableLanguages(); // try to find out user's language by checking its HTTP_ACCEPT_LANGUAGE variable; - $accepted_languages = PMA_getenv('HTTP_ACCEPT_LANGUAGE'); + $accepted_languages = Core::getenv('HTTP_ACCEPT_LANGUAGE'); if ($accepted_languages) { foreach (explode(',', $accepted_languages) as $header) { foreach ($langs as $language) { @@ -863,7 +864,7 @@ class LanguageManager } // try to find out user's language by checking its HTTP_USER_AGENT variable - $user_agent = PMA_getenv('HTTP_USER_AGENT'); + $user_agent = Core::getenv('HTTP_USER_AGENT'); if (! empty($user_agent)) { foreach ($langs as $language) { if ($language->matchesUserAgent($user_agent)) { diff --git a/libraries/Logging.php b/libraries/Logging.php index 09c225df94..931bfea7e4 100644 --- a/libraries/Logging.php +++ b/libraries/Logging.php @@ -9,6 +9,8 @@ */ namespace PMA\libraries; +use PMA\libraries\Core; + /** * Misc logging functions * @@ -35,7 +37,7 @@ class Logging @syslog( LOG_WARNING, 'user denied: ' . $user . ' (' . $status . ') from ' . - PMA_getIp() + Core::getIp() ); closelog(); } diff --git a/libraries/PDF.php b/libraries/PDF.php index b45b09a7d5..5195c16596 100644 --- a/libraries/PDF.php +++ b/libraries/PDF.php @@ -7,6 +7,7 @@ */ namespace PMA\libraries; +use PMA\libraries\Core; use TCPDF; use TCPDF_FONTS; @@ -140,7 +141,7 @@ class PDF extends TCPDF { $pdfData = $this->getPDFData(); Response::getInstance()->disable(); - PMA_downloadHeader( + Core::downloadHeader( $filename, 'application/pdf', strlen($pdfData) diff --git a/libraries/Response.php b/libraries/Response.php index 87b99624c7..dc5caf2695 100644 --- a/libraries/Response.php +++ b/libraries/Response.php @@ -7,6 +7,8 @@ */ namespace PMA\libraries; +use PMA\libraries\Core; + /** * Singleton class used to manage the rendering of pages in PMA * @@ -351,8 +353,8 @@ class Response $this->addJSON( '_reloadQuerywindow', array( - 'db' => PMA_ifSetOr($GLOBALS['db'], ''), - 'table' => PMA_ifSetOr($GLOBALS['table'], ''), + 'db' => Core::ifSetOr($GLOBALS['db'], ''), + 'table' => Core::ifSetOr($GLOBALS['table'], ''), 'sql_query' => $query ) ); @@ -368,7 +370,7 @@ class Response // Set the Content-Type header to JSON so that jQuery parses the // response correctly. - PMA_headerJSON(); + Core::headerJSON(); $result = json_encode($this->_JSON); if ($result === false) { diff --git a/libraries/Sanitize.php b/libraries/Sanitize.php index 0011705c3d..8f604a4021 100644 --- a/libraries/Sanitize.php +++ b/libraries/Sanitize.php @@ -7,6 +7,7 @@ */ namespace PMA\libraries; +use PMA\libraries\Core; use PMA\libraries\Util; /** @@ -109,7 +110,7 @@ class Sanitize /* Construct url */ if (substr($found[1], 0, 4) == 'http') { - $url = PMA_linkURL($found[1]); + $url = Core::linkURL($found[1]); } else { $url = $found[1]; } diff --git a/libraries/Sql.php b/libraries/Sql.php index dfd008654b..7edb7a256a 100644 --- a/libraries/Sql.php +++ b/libraries/Sql.php @@ -12,6 +12,7 @@ use PhpMyAdmin\SqlParser\Statements\DropStatement; use PhpMyAdmin\SqlParser\Statements\SelectStatement; use PhpMyAdmin\SqlParser\Utils\Query; use PMA\libraries\Bookmark; +use PMA\libraries\Core; use PMA\libraries\DatabaseInterface; use PMA\libraries\DisplayResults; use PMA\libraries\Index; @@ -816,7 +817,7 @@ EOT; /** * @todo In which scenario does this happen? */ - PMA_sendHeaderLocation( + Core::sendHeaderLocation( './' . $goto . '&label=' . $_POST['bkm_fields']['bkm_label'] ); diff --git a/libraries/Util.php b/libraries/Util.php index 64dd51fd92..2e0b1da16f 100644 --- a/libraries/Util.php +++ b/libraries/Util.php @@ -13,6 +13,7 @@ use PhpMyAdmin\SqlParser\Lexer; use PhpMyAdmin\SqlParser\Parser; use PhpMyAdmin\SqlParser\Token; use stdClass; +use PMA\libraries\Core; use PMA\libraries\URL; use PMA\libraries\Sanitize; use PMA\libraries\Template; @@ -373,7 +374,7 @@ class Util $url .= '#' . $anchor; } - return PMA_linkURL($url); + return Core::linkURL($url); } /** @@ -425,7 +426,7 @@ class Util /* Check if we have built local documentation */ if (defined('TESTSUITE')) { /* Provide consistent URL for testsuite */ - return PMA_linkURL('https://docs.phpmyadmin.net/en/latest/' . $url); + return Core::linkURL('https://docs.phpmyadmin.net/en/latest/' . $url); } elseif (@file_exists('doc/html/index.html')) { if (defined('PMA_SETUP')) { return '../doc/html/' . $url; @@ -434,7 +435,7 @@ class Util } } else { /* TODO: Should link to correct branch for released versions */ - return PMA_linkURL('https://docs.phpmyadmin.net/en/latest/' . $url); + return Core::linkURL('https://docs.phpmyadmin.net/en/latest/' . $url); } } @@ -465,7 +466,7 @@ class Util */ public static function showPHPDocu($target) { - $url = PMA_getPHPDocLink($target); + $url = Core::getPHPDocLink($target); return self::showDocLink($url); } // end of the 'showPHPDocu()' function @@ -1633,7 +1634,7 @@ class Util // determine additional style-class if (empty($tab['class'])) { if (! empty($tab['active']) - || PMA_isValid($GLOBALS['active_page'], 'identical', $tab['link']) + || Core::isValid($GLOBALS['active_page'], 'identical', $tab['link']) ) { $tab['class'] = 'active'; } elseif (is_null($tab['active']) && empty($GLOBALS['active_page']) @@ -2019,7 +2020,7 @@ class Util } } if ($found_error) { - PMA_fatalError($error_message); + Core::fatalError($error_message); } } // end function @@ -2520,7 +2521,7 @@ class Util $dir .= '/'; } - return str_replace('%u', PMA_securePath($GLOBALS['cfg']['Server']['user']), $dir); + return str_replace('%u', Core::securePath($GLOBALS['cfg']['Server']['user']), $dir); } /** @@ -2575,7 +2576,7 @@ class Util sprintf( __('The %s functionality is affected by a known bug, see %s'), $functionality, - PMA_linkURL('https://bugs.mysql.com/') . $bugref + Core::linkURL('https://bugs.mysql.com/') . $bugref ) ); } @@ -3264,7 +3265,7 @@ class Util ) { /* Content */ $vars = array(); - $vars['http_host'] = PMA_getenv('HTTP_HOST'); + $vars['http_host'] = Core::getenv('HTTP_HOST'); $vars['server_name'] = $GLOBALS['cfg']['Server']['host']; $vars['server_verbose'] = $GLOBALS['cfg']['Server']['verbose']; @@ -4589,7 +4590,7 @@ class Util if (isset($sot_cache)) { $tblGroupSql = ""; $whereAdded = false; - if (PMA_isValid($_REQUEST['tbl_group'])) { + if (Core::isValid($_REQUEST['tbl_group'])) { $group = Util::escapeMysqlWildcards($_REQUEST['tbl_group']); $groupWithSeparator = Util::escapeMysqlWildcards( $_REQUEST['tbl_group'] @@ -4603,7 +4604,7 @@ class Util . " LIKE '" . $group . "')"; $whereAdded = true; } - if (PMA_isValid($_REQUEST['tbl_type'], array('table', 'view'))) { + if (Core::isValid($_REQUEST['tbl_type'], array('table', 'view'))) { $tblGroupSql .= $whereAdded ? " AND" : " WHERE"; if ($_REQUEST['tbl_type'] == 'view') { $tblGroupSql .= " `Table_type` != 'BASE TABLE'"; diff --git a/libraries/common.inc.php b/libraries/common.inc.php index baa49396c8..90952839c2 100644 --- a/libraries/common.inc.php +++ b/libraries/common.inc.php @@ -30,7 +30,9 @@ * * @package PhpMyAdmin */ + use PMA\libraries\Config; +use PMA\libraries\Core; use PMA\libraries\DatabaseInterface; use PMA\libraries\ErrorHandler; use PMA\libraries\Message; @@ -52,7 +54,7 @@ if (getcwd() == dirname(__FILE__)) { } /** - * Minimum PHP version; can't call PMA_fatalError() which uses a + * Minimum PHP version; can't call Core::fatalError() which uses a * PHP 5 function, so cannot easily localize this message. */ if (version_compare(PHP_VERSION, '5.5.0', 'lt')) { @@ -95,14 +97,9 @@ PhpMyAdmin\MoTranslator\Loader::loadFunctions(); $GLOBALS['error_handler'] = new ErrorHandler(); /** - * core functions - */ -require './libraries/core.lib.php'; - -/** * Warning about missing PHP extensions. */ -PMA_checkExtensions(); +Core::checkExtensions(); /** * Set utf-8 encoding for PHP @@ -126,7 +123,7 @@ require './libraries/relation.lib.php'; /******************************************************************************/ /* start procedural code label_start_procedural */ -PMA_cleanupPathInfo(); +Core::cleanupPathInfo(); /** * just to be sure there was no import (registering) before here @@ -326,7 +323,7 @@ $goto_whitelist = array( /** * check $__redirect against whitelist */ -if (! PMA_checkPageValidity($__redirect, $goto_whitelist)) { +if (! Core::checkPageValidity($__redirect, $goto_whitelist)) { $__redirect = null; } @@ -336,7 +333,7 @@ if (! PMA_checkPageValidity($__redirect, $goto_whitelist)) { */ $GLOBALS['goto'] = ''; // Security fix: disallow accessing serious server files via "?goto=" -if (PMA_checkPageValidity($_REQUEST['goto'], $goto_whitelist)) { +if (Core::checkPageValidity($_REQUEST['goto'], $goto_whitelist)) { $GLOBALS['goto'] = $_REQUEST['goto']; $GLOBALS['url_params']['goto'] = $_REQUEST['goto']; } else { @@ -347,7 +344,7 @@ if (PMA_checkPageValidity($_REQUEST['goto'], $goto_whitelist)) { * returning page * @global string $GLOBALS['back'] */ -if (PMA_checkPageValidity($_REQUEST['back'], $goto_whitelist)) { +if (Core::checkPageValidity($_REQUEST['back'], $goto_whitelist)) { $GLOBALS['back'] = $_REQUEST['back']; } else { unset($_REQUEST['back'], $_GET['back'], $_POST['back'], $_COOKIE['back']); @@ -368,12 +365,13 @@ if (PMA_checkPageValidity($_REQUEST['back'], $goto_whitelist)) { * @todo variables should be handled by their respective owners (objects) * f.e. lang, server, collation_connection in PMA\libraries\Config */ +require_once './libraries/core.lib.php'; $token_mismatch = true; $token_provided = false; if ($_SERVER['REQUEST_METHOD'] == 'POST') { - if (PMA_isValid($_POST['token'])) { + if (Core::isValid($_POST['token'])) { $token_provided = true; $token_mismatch = ! hash_equals($_SESSION[' PMA_token '], $_POST['token']); } @@ -393,19 +391,19 @@ if ($_SERVER['REQUEST_METHOD'] == 'POST') { * current selected database * @global string $GLOBALS['db'] */ -PMA_setGlobalDbOrTable('db'); +Core::setGlobalDbOrTable('db'); /** * current selected table * @global string $GLOBALS['table'] */ -PMA_setGlobalDbOrTable('table'); +Core::setGlobalDbOrTable('table'); /** * Store currently selected recent table. * Affect $GLOBALS['db'] and $GLOBALS['table'] */ -if (PMA_isValid($_REQUEST['selected_recent_table'])) { +if (Core::isValid($_REQUEST['selected_recent_table'])) { $recent_table = json_decode($_REQUEST['selected_recent_table'], true); $GLOBALS['db'] @@ -424,7 +422,7 @@ if (PMA_isValid($_REQUEST['selected_recent_table'])) { * @global string $GLOBALS['sql_query'] */ $GLOBALS['sql_query'] = ''; -if (PMA_isValid($_REQUEST['sql_query'])) { +if (Core::isValid($_REQUEST['sql_query'])) { $GLOBALS['sql_query'] = $_REQUEST['sql_query']; } @@ -462,7 +460,7 @@ $GLOBALS['PMA_Config']->checkErrors(); * break it, see bug 1063821. */ if (@extension_loaded('mbstring') && @ini_get('mbstring.func_overload') != '0') { - PMA_fatalError( + Core::fatalError( __( 'You have enabled mbstring.func_overload in your PHP ' . 'configuration. This option is incompatible with phpMyAdmin ' @@ -634,7 +632,7 @@ if (! defined('PMA_MINIMUM_COMMON')) { './libraries/plugins/auth/' . $auth_class . '.php' )) { - PMA_fatalError( + Core::fatalError( __('Invalid authentication method set in configuration:') . ' ' . $cfg['Server']['auth_type'] ); @@ -781,7 +779,7 @@ if (! defined('PMA_MINIMUM_COMMON')) { Logging::logUser($cfg['Server']['user']); if (PMA_MYSQL_INT_VERSION < $cfg['MysqlMinVersion']['internal']) { - PMA_fatalError( + Core::fatalError( __('You should upgrade to %s %s or later.'), array('MySQL', $cfg['MysqlMinVersion']['human']) ); @@ -886,14 +884,14 @@ $GLOBALS['PMA_Config']->set('default_server', ''); Tracker::enable(); if (isset($_REQUEST['GLOBALS']) || isset($_FILES['GLOBALS'])) { - PMA_fatalError(__("GLOBALS overwrite attempt")); + Core::fatalError(__("GLOBALS overwrite attempt")); } /** * protect against possible exploits - there is no need to have so much variables */ if (count($_REQUEST) > 1000) { - PMA_fatalError(__('possible exploit')); + Core::fatalError(__('possible exploit')); } // here, the function does not exist with this configuration: diff --git a/libraries/config/ConfigFile.php b/libraries/config/ConfigFile.php index fe50edfd9a..26a2843800 100644 --- a/libraries/config/ConfigFile.php +++ b/libraries/config/ConfigFile.php @@ -8,6 +8,7 @@ namespace PMA\libraries\config; use PMA\libraries\Config; +use PMA\libraries\Core; /** * Config file management class. @@ -94,7 +95,7 @@ class ConfigFile // apply default values overrides if (count($cfg_db['_overrides'])) { foreach ($cfg_db['_overrides'] as $path => $value) { - PMA_arrayWrite($path, $cfg, $value); + Core::arrayWrite($path, $cfg, $value); } } @@ -209,7 +210,7 @@ class ConfigFile } // if the path isn't protected it may be removed if (isset($this->_persistKeys[$canonical_path])) { - PMA_arrayWrite($path, $_SESSION[$this->_id], $value); + Core::arrayWrite($path, $_SESSION[$this->_id], $value); return; } @@ -223,7 +224,7 @@ class ConfigFile // get original config values not overwritten by user // preferences to allow for overwriting options set in // config.inc.php with default values - $instance_default_value = PMA_arrayRead( + $instance_default_value = Core::arrayRead( $canonical_path, $this->_baseCfg ); @@ -233,11 +234,11 @@ class ConfigFile && ($instance_default_value === $default_value); } if ($remove_path) { - PMA_arrayRemove($path, $_SESSION[$this->_id]); + Core::arrayRemove($path, $_SESSION[$this->_id]); return; } - PMA_arrayWrite($path, $_SESSION[$this->_id], $value); + Core::arrayWrite($path, $_SESSION[$this->_id], $value); } /** @@ -313,7 +314,7 @@ class ConfigFile */ public function get($path, $default = null) { - return PMA_arrayRead($path, $_SESSION[$this->_id], $default); + return Core::arrayRead($path, $_SESSION[$this->_id], $default); } /** @@ -328,7 +329,7 @@ class ConfigFile */ public function getDefault($canonical_path, $default = null) { - return PMA_arrayRead($canonical_path, $this->_defaultCfg, $default); + return Core::arrayRead($canonical_path, $this->_defaultCfg, $default); } /** @@ -342,7 +343,7 @@ class ConfigFile */ public function getValue($path, $default = null) { - $v = PMA_arrayRead($path, $_SESSION[$this->_id], null); + $v = Core::arrayRead($path, $_SESSION[$this->_id], null); if ($v !== null) { return $v; } @@ -372,7 +373,7 @@ class ConfigFile */ public function getDbEntry($path, $default = null) { - return PMA_arrayRead($path, $this->_cfgDb, $default); + return Core::arrayRead($path, $this->_cfgDb, $default); } /** @@ -490,9 +491,9 @@ class ConfigFile $c = $_SESSION[$this->_id]; foreach ($this->_cfgUpdateReadMapping as $map_to => $map_from) { // if the key $c exists in $map_to - if (PMA_arrayRead($map_to, $c) !== null) { - PMA_arrayWrite($map_to, $c, PMA_arrayRead($map_from, $c)); - PMA_arrayRemove($map_from, $c); + if (Core::arrayRead($map_to, $c) !== null) { + Core::arrayWrite($map_to, $c, Core::arrayRead($map_from, $c)); + Core::arrayRemove($map_from, $c); } } return $c; diff --git a/libraries/config/PageSettings.php b/libraries/config/PageSettings.php index 34291a47df..fa9cbd95cf 100644 --- a/libraries/config/PageSettings.php +++ b/libraries/config/PageSettings.php @@ -7,6 +7,7 @@ */ namespace PMA\libraries\config; +use PMA\libraries\Core; use PMA\libraries\Message; use PMA\libraries\Response; @@ -113,7 +114,7 @@ class PageSettings if ($result === true) { // reload page $response = Response::getInstance(); - PMA_sendHeaderLocation( + Core::sendHeaderLocation( $response->getFooter()->getSelfUrl('unencoded') ); exit(); diff --git a/libraries/config/ServerConfigChecks.php b/libraries/config/ServerConfigChecks.php index 2efbd234f3..f63f70c8e9 100644 --- a/libraries/config/ServerConfigChecks.php +++ b/libraries/config/ServerConfigChecks.php @@ -7,6 +7,7 @@ */ namespace PMA\libraries\config; +use PMA\libraries\Core; use PMA\libraries\URL; use PMA\libraries\Util; @@ -429,7 +430,7 @@ class ServerConfigChecks '[a@?page=form' . URL::getCommon(array(), '&') . '&formset=Features#tab_Security]', '[/a]', - '[a@' . PMA_getPHPDocLink( + '[a@' . Core::getPHPDocLink( 'session.configuration.php#ini.session.gc-maxlifetime' ) . ']', '[/a]', diff --git a/libraries/config/Validator.php b/libraries/config/Validator.php index ff6f666a4d..8dab95684e 100644 --- a/libraries/config/Validator.php +++ b/libraries/config/Validator.php @@ -7,6 +7,7 @@ */ namespace PMA\libraries\config; +use PMA\libraries\Core; use PMA\libraries\DatabaseInterface; use PMA\libraries\Util; @@ -59,7 +60,7 @@ class Validator } for ($i = 1, $nb = count($uv); $i < $nb; $i++) { if (mb_substr($uv[$i], 0, 6) == 'value:') { - $uv[$i] = PMA_arrayRead( + $uv[$i] = Core::arrayRead( mb_substr($uv[$i], 6), $GLOBALS['PMA_Config']->base_settings ); @@ -186,7 +187,7 @@ class Validator // static::testPHPErrorMsg(); $error = null; - $host = PMA_sanitizeMySQLHost($host); + $host = Core::sanitizeMySQLHost($host); if (DatabaseInterface::checkDbExtension('mysqli')) { $socket = empty($socket) ? null : $socket; diff --git a/libraries/controllers/database/DatabaseStructureController.php b/libraries/controllers/database/DatabaseStructureController.php index 4124aadbca..6af60f952d 100644 --- a/libraries/controllers/database/DatabaseStructureController.php +++ b/libraries/controllers/database/DatabaseStructureController.php @@ -12,6 +12,7 @@ namespace PMA\libraries\controllers\database; use PMA\libraries\config\PageSettings; use PMA\libraries\controllers\DatabaseController; use PMA\libraries\Charsets; +use PMA\libraries\Core; use PMA\libraries\Message; use PMA\libraries\RecentFavoriteTable; use PMA\libraries\Response; @@ -155,7 +156,7 @@ class DatabaseStructureController extends DatabaseController 'pos' => max(0, $this->_total_num_tables - $GLOBALS['cfg']['MaxTableList']), 'reload' => 1 )); - PMA_sendHeaderLocation($uri); + Core::sendHeaderLocation($uri); } include_once 'libraries/replication.inc.php'; diff --git a/libraries/controllers/table/TableGisVisualizationController.php b/libraries/controllers/table/TableGisVisualizationController.php index 88d4fe998b..47b75329e6 100644 --- a/libraries/controllers/table/TableGisVisualizationController.php +++ b/libraries/controllers/table/TableGisVisualizationController.php @@ -10,6 +10,7 @@ namespace PMA\libraries\controllers\table; use PMA\libraries\controllers\TableController; +use PMA\libraries\Core; use PMA\libraries\Message; use PMA\libraries\Template; use PMA\libraries\gis\GISVisualization; @@ -117,7 +118,7 @@ class TableGisVisualizationController extends TableController } // Get settings if any posted - if (PMA_isValid($_REQUEST['visualizationSettings'], 'array')) { + if (Core::isValid($_REQUEST['visualizationSettings'], 'array')) { $this->visualizationSettings = $_REQUEST['visualizationSettings']; } diff --git a/libraries/controllers/table/TableRelationController.php b/libraries/controllers/table/TableRelationController.php index 163c2d74eb..41dc50b14d 100644 --- a/libraries/controllers/table/TableRelationController.php +++ b/libraries/controllers/table/TableRelationController.php @@ -11,6 +11,7 @@ namespace PMA\libraries\controllers\table; require_once 'libraries/index.lib.php'; use PMA\libraries\controllers\TableController; +use PMA\libraries\Core; use PMA\libraries\DatabaseInterface; use PMA\libraries\Index; use PMA\libraries\Table; @@ -243,7 +244,7 @@ class TableRelationController extends TableController // If there is a request for SQL previewing. if (isset($_REQUEST['preview_sql'])) { - PMA_previewSQL($preview_sql_data); + Core::previewSQL($preview_sql_data); } if (!empty($display_query) && !$seen_error) { diff --git a/libraries/controllers/table/TableStructureController.php b/libraries/controllers/table/TableStructureController.php index b213ad2a35..3a399a469d 100644 --- a/libraries/controllers/table/TableStructureController.php +++ b/libraries/controllers/table/TableStructureController.php @@ -14,6 +14,7 @@ use PhpMyAdmin\SqlParser\Statements\CreateStatement; use PhpMyAdmin\SqlParser\Utils\Table as SqlTable; use PMA\libraries\config\PageSettings; use PMA\libraries\controllers\TableController; +use PMA\libraries\Core; use PMA\libraries\Index; use PMA\libraries\Message; use PMA\libraries\Sql; @@ -908,7 +909,7 @@ class TableStructureController extends TableController // If there is a request for SQL previewing. if (isset($_REQUEST['preview_sql'])) { - PMA_previewSQL(count($changes) > 0 ? $sql_query : ''); + Core::previewSQL(count($changes) > 0 ? $sql_query : ''); } $columns_with_index = $this->dbi diff --git a/libraries/core.lib.php b/libraries/core.lib.php index 5fea4b4d5f..07576d46c2 100644 --- a/libraries/core.lib.php +++ b/libraries/core.lib.php @@ -7,967 +7,13 @@ * * @package PhpMyAdmin */ -use PMA\libraries\Message; -use PMA\libraries\Response; -use PMA\libraries\URL; -use PMA\libraries\Sanitize; - if (! defined('PHPMYADMIN')) { exit; } -/** - * checks given $var and returns it if valid, or $default of not valid - * given $var is also checked for type being 'similar' as $default - * or against any other type if $type is provided - * - * <code> - * // $_REQUEST['db'] not set - * echo PMA_ifSetOr($_REQUEST['db'], ''); // '' - * // $_REQUEST['sql_query'] not set - * echo PMA_ifSetOr($_REQUEST['sql_query']); // null - * // $cfg['EnableFoo'] not set - * echo PMA_ifSetOr($cfg['EnableFoo'], false, 'boolean'); // false - * echo PMA_ifSetOr($cfg['EnableFoo']); // null - * // $cfg['EnableFoo'] set to 1 - * echo PMA_ifSetOr($cfg['EnableFoo'], false, 'boolean'); // false - * echo PMA_ifSetOr($cfg['EnableFoo'], false, 'similar'); // 1 - * echo PMA_ifSetOr($cfg['EnableFoo'], false); // 1 - * // $cfg['EnableFoo'] set to true - * echo PMA_ifSetOr($cfg['EnableFoo'], false, 'boolean'); // true - * </code> - * - * @param mixed &$var param to check - * @param mixed $default default value - * @param mixed $type var type or array of values to check against $var - * - * @return mixed $var or $default - * - * @see PMA_isValid() - */ -function PMA_ifSetOr(&$var, $default = null, $type = 'similar') -{ - if (! PMA_isValid($var, $type, $default)) { - return $default; - } - - return $var; -} - -/** - * checks given $var against $type or $compare - * - * $type can be: - * - false : no type checking - * - 'scalar' : whether type of $var is integer, float, string or boolean - * - 'numeric' : whether type of $var is any number representation - * - 'length' : whether type of $var is scalar with a string length > 0 - * - 'similar' : whether type of $var is similar to type of $compare - * - 'equal' : whether type of $var is identical to type of $compare - * - 'identical' : whether $var is identical to $compare, not only the type! - * - or any other valid PHP variable type - * - * <code> - * // $_REQUEST['doit'] = true; - * PMA_isValid($_REQUEST['doit'], 'identical', 'true'); // false - * // $_REQUEST['doit'] = 'true'; - * PMA_isValid($_REQUEST['doit'], 'identical', 'true'); // true - * </code> - * - * NOTE: call-by-reference is used to not get NOTICE on undefined vars, - * but the var is not altered inside this function, also after checking a var - * this var exists nut is not set, example: - * <code> - * // $var is not set - * isset($var); // false - * functionCallByReference($var); // false - * isset($var); // true - * functionCallByReference($var); // true - * </code> - * - * to avoid this we set this var to null if not isset - * - * @param mixed &$var variable to check - * @param mixed $type var type or array of valid values to check against $var - * @param mixed $compare var to compare with $var - * - * @return boolean whether valid or not - * - * @todo add some more var types like hex, bin, ...? - * @see https://secure.php.net/gettype - */ -function PMA_isValid(&$var, $type = 'length', $compare = null) -{ - if (! isset($var)) { - // var is not even set - return false; - } - - if ($type === false) { - // no vartype requested - return true; - } - - if (is_array($type)) { - return in_array($var, $type); - } - - // allow some aliases of var types - $type = strtolower($type); - switch ($type) { - case 'identic' : - $type = 'identical'; - break; - case 'len' : - $type = 'length'; - break; - case 'bool' : - $type = 'boolean'; - break; - case 'float' : - $type = 'double'; - break; - case 'int' : - $type = 'integer'; - break; - case 'null' : - $type = 'NULL'; - break; - } - - if ($type === 'identical') { - return $var === $compare; - } - - // whether we should check against given $compare - if ($type === 'similar') { - switch (gettype($compare)) { - case 'string': - case 'boolean': - $type = 'scalar'; - break; - case 'integer': - case 'double': - $type = 'numeric'; - break; - default: - $type = gettype($compare); - } - } elseif ($type === 'equal') { - $type = gettype($compare); - } - - // do the check - if ($type === 'length' || $type === 'scalar') { - $is_scalar = is_scalar($var); - if ($is_scalar && $type === 'length') { - return strlen($var) > 0; - } - return $is_scalar; - } - - if ($type === 'numeric') { - return is_numeric($var); - } - - if (gettype($var) === $type) { - return true; - } - - return false; -} - -/** - * Removes insecure parts in a path; used before include() or - * require() when a part of the path comes from an insecure source - * like a cookie or form. - * - * @param string $path The path to check - * - * @return string The secured path - * - * @access public - */ -function PMA_securePath($path) -{ - // change .. to . - $path = preg_replace('@\.\.*@', '.', $path); - - return $path; -} // end function - -/** - * displays the given error message on phpMyAdmin error page in foreign language, - * ends script execution and closes session - * - * loads language file if not loaded already - * - * @param string $error_message the error message or named error message - * @param string|array $message_args arguments applied to $error_message - * - * @return void - */ -function PMA_fatalError($error_message, $message_args = null) { - /* Use format string if applicable */ - if (is_string($message_args)) { - $error_message = sprintf($error_message, $message_args); - } elseif (is_array($message_args)) { - $error_message = vsprintf($error_message, $message_args); - } - - /* - * Avoid using Response if Config is not yet loaded - * (this can happen on early fatal error) - */ - if (isset($GLOBALS['Config'])) { - $response = Response::getInstance(); - } else { - $response = null; - } - if (! is_null($response) && $response->isAjax()) { - $response->setRequestStatus(false); - $response->addJSON('message', PMA\libraries\Message::error($error_message)); - } else { - $error_message = strtr($error_message, array('<br />' => '[br]')); - $error_header = __('Error'); - $lang = isset($GLOBALS['lang']) ? $GLOBALS['lang'] : 'en'; - $dir = isset($GLOBALS['text_dir']) ? $GLOBALS['text_dir'] : 'ltr'; - - // Displays the error message - include './libraries/error.inc.php'; - } - if (! defined('TESTSUITE')) { - exit; - } -} - -/** - * Returns a link to the PHP documentation - * - * @param string $target anchor in documentation - * - * @return string the URL - * - * @access public - */ -function PMA_getPHPDocLink($target) -{ - /* List of PHP documentation translations */ - $php_doc_languages = array( - 'pt_BR', 'zh', 'fr', 'de', 'it', 'ja', 'pl', 'ro', 'ru', 'fa', 'es', 'tr' - ); - - $lang = 'en'; - if (in_array($GLOBALS['lang'], $php_doc_languages)) { - $lang = $GLOBALS['lang']; - } - - return PMA_linkURL('https://secure.php.net/manual/' . $lang . '/' . $target); -} - -/** - * Warn or fail on missing extension. - * - * @param string $extension Extension name - * @param bool $fatal Whether the error is fatal. - * @param string $extra Extra string to append to message. - * - * @return void - */ -function PMA_warnMissingExtension($extension, $fatal = false, $extra = '') -{ - /* Gettext does not have to be loaded yet here */ - if (function_exists('__')) { - $message = __( - 'The %s extension is missing. Please check your PHP configuration.' - ); - } else { - $message - = 'The %s extension is missing. Please check your PHP configuration.'; - } - $doclink = PMA_getPHPDocLink('book.' . $extension . '.php'); - $message = sprintf( - $message, - '[a@' . $doclink . '@Documentation][em]' . $extension . '[/em][/a]' - ); - if ($extra != '') { - $message .= ' ' . $extra; - } - if ($fatal) { - PMA_fatalError($message); - return; - } - - $GLOBALS['error_handler']->addError( - $message, - E_USER_WARNING, - '', - '', - false - ); -} - -/** - * returns count of tables in given db - * - * @param string $db database to count tables for - * - * @return integer count of tables in $db - */ -function PMA_getTableCount($db) -{ - $tables = $GLOBALS['dbi']->tryQuery( - 'SHOW TABLES FROM ' . PMA\libraries\Util::backquote($db) . ';', - null, PMA\libraries\DatabaseInterface::QUERY_STORE - ); - if ($tables) { - $num_tables = $GLOBALS['dbi']->numRows($tables); - $GLOBALS['dbi']->freeResult($tables); - } else { - $num_tables = 0; - } - - return $num_tables; -} - -/** - * Converts numbers like 10M into bytes - * Used with permission from Moodle (https://moodle.org) by Martin Dougiamas - * (renamed with PMA prefix to avoid double definition when embedded - * in Moodle) - * - * @param string|int $size size (Default = 0) - * - * @return integer $size - */ -function PMA_getRealSize($size = 0) -{ - if (! $size) { - return 0; - } - - $binaryprefixes = array( - 'T' => 1099511627776, - 't' => 1099511627776, - 'G' => 1073741824, - 'g' => 1073741824, - 'M' => 1048576, - 'm' => 1048576, - 'K' => 1024, - 'k' => 1024, - ); - - if (preg_match('/^([0-9]+)([KMGT])/i', $size, $matches)) { - return $matches[1] * $binaryprefixes[$matches[2]]; - } - - return (int) $size; -} // end function PMA_getRealSize() - -/** - * boolean phpMyAdmin.PMA_checkPageValidity(string &$page, array $whitelist) - * - * checks given $page against given $whitelist and returns true if valid - * it optionally ignores query parameters in $page (script.php?ignored) - * - * @param string &$page page to check - * @param array $whitelist whitelist to check page against - * - * @return boolean whether $page is valid or not (in $whitelist or not) - */ -function PMA_checkPageValidity(&$page, $whitelist) -{ - if (! isset($page) || !is_string($page)) { - return false; - } - - if (in_array($page, $whitelist)) { - return true; - } - - $_page = mb_substr( - $page, - 0, - mb_strpos($page . '?', '?') - ); - if (in_array($_page, $whitelist)) { - return true; - } - - $_page = urldecode($page); - $_page = mb_substr( - $_page, - 0, - mb_strpos($_page . '?', '?') - ); - if (in_array($_page, $whitelist)) { - return true; - } - - return false; -} - -/** - * tries to find the value for the given environment variable name - * - * searches in $_SERVER, $_ENV then tries getenv() and apache_getenv() - * in this order - * - * @param string $var_name variable name - * - * @return string value of $var or empty string - */ -function PMA_getenv($var_name) -{ - if (isset($_SERVER[$var_name])) { - return $_SERVER[$var_name]; - } - - if (isset($_ENV[$var_name])) { - return $_ENV[$var_name]; - } - - if (getenv($var_name)) { - return getenv($var_name); - } - - if (function_exists('apache_getenv') - && apache_getenv($var_name, true) - ) { - return apache_getenv($var_name, true); - } - - return ''; -} - -/** - * Send HTTP header, taking IIS limits into account (600 seems ok) - * - * @param string $uri the header to send - * @param bool $use_refresh whether to use Refresh: header when running on IIS - * - * @return void - */ -function PMA_sendHeaderLocation($uri, $use_refresh = false) -{ - if ($GLOBALS['PMA_Config']->get('PMA_IS_IIS') && mb_strlen($uri) > 600) { - Response::getInstance()->disable(); - - echo PMA\libraries\Template::get('header_location') - ->render(array('uri' => $uri)); - - return; - } - - /* - * Avoid relative path redirect problems in case user entered URL - * like /phpmyadmin/index.php/ which some web servers happily accept. - */ - if ($uri[0] == '.') { - $uri = $GLOBALS['PMA_Config']->getRootPath() . substr($uri, 2); - } - - $response = Response::getInstance(); - - session_write_close(); - if ($response->headersSent()) { - trigger_error( - 'PMA_sendHeaderLocation called when headers are already sent!', - E_USER_ERROR - ); - } - // bug #1523784: IE6 does not like 'Refresh: 0', it - // results in a blank page - // but we need it when coming from the cookie login panel) - if ($GLOBALS['PMA_Config']->get('PMA_IS_IIS') && $use_refresh) { - $response->header('Refresh: 0; ' . $uri); - } else { - $response->header('Location: ' . $uri); - } -} - -/** - * Outputs application/json headers. This includes no caching. - * - * @return void - */ -function PMA_headerJSON() -{ - if (defined('TESTSUITE')) { - return; - } - // No caching - PMA_noCacheHeader(); - // MIME type - header('Content-Type: application/json; charset=UTF-8'); - // Disable content sniffing in browser - // This is needed in case we include HTML in JSON, browser might assume it's - // html to display - header('X-Content-Type-Options: nosniff'); -} - -/** - * Outputs headers to prevent caching in browser (and on the way). - * - * @return void - */ -function PMA_noCacheHeader() -{ - if (defined('TESTSUITE')) { - return; - } - // rfc2616 - Section 14.21 - header('Expires: ' . gmdate(DATE_RFC1123)); - // HTTP/1.1 - header( - 'Cache-Control: no-store, no-cache, must-revalidate,' - . ' pre-check=0, post-check=0, max-age=0' - ); - - header('Pragma: no-cache'); // HTTP/1.0 - // test case: exporting a database into a .gz file with Safari - // would produce files not having the current time - // (added this header for Safari but should not harm other browsers) - header('Last-Modified: ' . gmdate(DATE_RFC1123)); -} - - -/** - * Sends header indicating file download. - * - * @param string $filename Filename to include in headers if empty, - * none Content-Disposition header will be sent. - * @param string $mimetype MIME type to include in headers. - * @param int $length Length of content (optional) - * @param bool $no_cache Whether to include no-caching headers. - * - * @return void - */ -function PMA_downloadHeader($filename, $mimetype, $length = 0, $no_cache = true) -{ - if ($no_cache) { - PMA_noCacheHeader(); - } - /* Replace all possibly dangerous chars in filename */ - $filename = Sanitize::sanitizeFilename($filename); - if (!empty($filename)) { - header('Content-Description: File Transfer'); - header('Content-Disposition: attachment; filename="' . $filename . '"'); - } - header('Content-Type: ' . $mimetype); - // inform the server that compression has been done, - // to avoid a double compression (for example with Apache + mod_deflate) - $notChromeOrLessThan43 = PMA_USR_BROWSER_AGENT != 'CHROME' // see bug #4942 - || (PMA_USR_BROWSER_AGENT == 'CHROME' && PMA_USR_BROWSER_VER < 43); - if (strpos($mimetype, 'gzip') !== false && $notChromeOrLessThan43) { - header('Content-Encoding: gzip'); - } - header('Content-Transfer-Encoding: binary'); - if ($length > 0) { - header('Content-Length: ' . $length); - } -} - -/** - * Returns value of an element in $array given by $path. - * $path is a string describing position of an element in an associative array, - * eg. Servers/1/host refers to $array[Servers][1][host] - * - * @param string $path path in the array - * @param array $array the array - * @param mixed $default default value - * - * @return mixed array element or $default - */ -function PMA_arrayRead($path, $array, $default = null) -{ - $keys = explode('/', $path); - $value =& $array; - foreach ($keys as $key) { - if (! isset($value[$key])) { - return $default; - } - $value =& $value[$key]; - } - return $value; -} - -/** - * Stores value in an array - * - * @param string $path path in the array - * @param array &$array the array - * @param mixed $value value to store - * - * @return void - */ -function PMA_arrayWrite($path, &$array, $value) -{ - $keys = explode('/', $path); - $last_key = array_pop($keys); - $a =& $array; - foreach ($keys as $key) { - if (! isset($a[$key])) { - $a[$key] = array(); - } - $a =& $a[$key]; - } - $a[$last_key] = $value; -} - -/** - * Removes value from an array - * - * @param string $path path in the array - * @param array &$array the array - * - * @return void - */ -function PMA_arrayRemove($path, &$array) -{ - $keys = explode('/', $path); - $keys_last = array_pop($keys); - $path = array(); - $depth = 0; - - $path[0] =& $array; - $found = true; - // go as deep as required or possible - foreach ($keys as $key) { - if (! isset($path[$depth][$key])) { - $found = false; - break; - } - $depth++; - $path[$depth] =& $path[$depth - 1][$key]; - } - // if element found, remove it - if ($found) { - unset($path[$depth][$keys_last]); - $depth--; - } - - // remove empty nested arrays - for (; $depth >= 0; $depth--) { - if (! isset($path[$depth+1]) || count($path[$depth+1]) == 0) { - unset($path[$depth][$keys[$depth]]); - } else { - break; - } - } -} - -/** - * Returns link to (possibly) external site using defined redirector. - * - * @param string $url URL where to go. - * - * @return string URL for a link. - */ -function PMA_linkURL($url) -{ - if (!preg_match('#^https?://#', $url)) { - return $url; - } - - $params = array(); - $params['url'] = $url; - - $url = URL::getCommon($params); - //strip off token and such sensitive information. Just keep url. - $arr = parse_url($url); - parse_str($arr["query"], $vars); - $query = http_build_query(array("url" => $vars["url"])); - - if (defined('PMA_SETUP')) { - $url = '../url.php?' . $query; - } else { - $url = './url.php?' . $query; - } - - return $url; -} - -/** - * Checks whether domain of URL is whitelisted domain or not. - * Use only for URLs of external sites. - * - * @param string $url URL of external site. - * - * @return boolean True: if domain of $url is allowed domain, - * False: otherwise. - */ -function PMA_isAllowedDomain($url) -{ - $arr = parse_url($url); - // We need host to be set - if (! isset($arr['host']) || strlen($arr['host']) == 0) { - return false; - } - // We do not want these to be present - $blocked = array('user', 'pass', 'port'); - foreach ($blocked as $part) { - if (isset($arr[$part]) && strlen($arr[$part]) != 0) { - return false; - } - } - $domain = $arr["host"]; - $domainWhiteList = array( - /* Include current domain */ - $_SERVER['SERVER_NAME'], - /* phpMyAdmin domains */ - 'wiki.phpmyadmin.net', - 'www.phpmyadmin.net', - 'phpmyadmin.net', - 'demo.phpmyadmin.net', - 'docs.phpmyadmin.net', - /* mysql.com domains */ - 'dev.mysql.com','bugs.mysql.com', - /* mariadb domains */ - 'mariadb.org', 'mariadb.com', - /* php.net domains */ - 'php.net', - 'secure.php.net', - /* sourceforge.net domain */ - 'sourceforge.net', - /* Github domains*/ - 'github.com','www.github.com', - /* Percona domains */ - 'www.percona.com', - /* Following are doubtful ones. */ - 'mysqldatabaseadministration.blogspot.com', - ); - if (in_array($domain, $domainWhiteList)) { - return true; - } - - return false; -} - -/** - * Replace some html-unfriendly stuff - * - * @param string $buffer String to process - * - * @return string Escaped and cleaned up text suitable for html - */ -function PMA_mimeDefaultFunction($buffer) -{ - $buffer = htmlspecialchars($buffer); - $buffer = str_replace(' ', ' ', $buffer); - $buffer = preg_replace("@((\015\012)|(\015)|(\012))@", '<br />' . "\n", $buffer); - - return $buffer; -} - -/** - * Displays SQL query before executing. - * - * @param array|string $query_data Array containing queries or query itself - * - * @return void - */ -function PMA_previewSQL($query_data) -{ - $retval = '<div class="preview_sql">'; - if (empty($query_data)) { - $retval .= __('No change'); - } elseif (is_array($query_data)) { - foreach ($query_data as $query) { - $retval .= PMA\libraries\Util::formatSql($query); - } - } else { - $retval .= PMA\libraries\Util::formatSql($query_data); - } - $retval .= '</div>'; - $response = Response::getInstance(); - $response->addJSON('sql_data', $retval); - exit; -} - -/** - * recursively check if variable is empty - * - * @param mixed $value the variable - * - * @return bool true if empty - */ -function PMA_emptyRecursive($value) -{ - $empty = true; - if (is_array($value)) { - array_walk_recursive( - $value, - function ($item) use (&$empty) { - $empty = $empty && empty($item); - } - ); - } else { - $empty = empty($value); - } - return $empty; -} - -/** - * Creates some globals from $_POST variables matching a pattern - * - * @param array $post_patterns The patterns to search for - * - * @return void - */ -function PMA_setPostAsGlobal($post_patterns) -{ - foreach (array_keys($_POST) as $post_key) { - foreach ($post_patterns as $one_post_pattern) { - if (preg_match($one_post_pattern, $post_key)) { - $GLOBALS[$post_key] = $_POST[$post_key]; - } - } - } -} - -/** - * Creates some globals from $_REQUEST - * - * @param string $param db|table - * - * @return void - */ -function PMA_setGlobalDbOrTable($param) -{ - $GLOBALS[$param] = ''; - if (PMA_isValid($_REQUEST[$param])) { - // can we strip tags from this? - // only \ and / is not allowed in db names for MySQL - $GLOBALS[$param] = $_REQUEST[$param]; - $GLOBALS['url_params'][$param] = $GLOBALS[$param]; - } -} - -/** - * PATH_INFO could be compromised if set, so remove it from PHP_SELF - * and provide a clean PHP_SELF here - * - * @return void - */ -function PMA_cleanupPathInfo() -{ - global $PMA_PHP_SELF; - - $PMA_PHP_SELF = PMA_getenv('PHP_SELF'); - if (empty($PMA_PHP_SELF)) { - $PMA_PHP_SELF = urldecode(PMA_getenv('REQUEST_URI')); - } - $_PATH_INFO = PMA_getenv('PATH_INFO'); - if (! empty($_PATH_INFO) && ! empty($PMA_PHP_SELF)) { - $question_pos = mb_strpos($PMA_PHP_SELF, '?'); - if ($question_pos != false) { - $PMA_PHP_SELF = mb_substr($PMA_PHP_SELF, 0, $question_pos); - } - $path_info_pos = mb_strrpos($PMA_PHP_SELF, $_PATH_INFO); - if ($path_info_pos !== false) { - $path_info_part = mb_substr($PMA_PHP_SELF, $path_info_pos, mb_strlen($_PATH_INFO)); - if ($path_info_part == $_PATH_INFO) { - $PMA_PHP_SELF = mb_substr($PMA_PHP_SELF, 0, $path_info_pos); - } - } - } - - $path = []; - foreach(explode('/', $PMA_PHP_SELF) as $part) { - // ignore parts that have no value - if (empty($part) || $part === '.') continue; - - if ($part !== '..') { - // cool, we found a new part - array_push($path, $part); - } else if (count($path) > 0) { - // going back up? sure - array_pop($path); - } - // Here we intentionall ignore case where we go too up - // as there is nothing sane to do - } - - $PMA_PHP_SELF = htmlspecialchars('/' . join('/', $path)); -} - -/** - * Checks that required PHP extensions are there. - * @return void - */ -function PMA_checkExtensions() -{ - /** - * Warning about mbstring. - */ - if (! function_exists('mb_detect_encoding')) { - PMA_warnMissingExtension('mbstring'); - } - - /** - * We really need this one! - */ - if (! function_exists('preg_replace')) { - PMA_warnMissingExtension('pcre', true); - } - - /** - * JSON is required in several places. - */ - if (! function_exists('json_encode')) { - PMA_warnMissingExtension('json', true); - } -} - -/** - * Gets the "true" IP address of the current user - * - * @return string the ip of the user - * - * @access private - */ -function PMA_getIp() -{ - /* Get the address of user */ - if (empty($_SERVER['REMOTE_ADDR'])) { - /* We do not know remote IP */ - return false; - } - - $direct_ip = $_SERVER['REMOTE_ADDR']; - - /* Do we trust this IP as a proxy? If yes we will use it's header. */ - if (!isset($GLOBALS['cfg']['TrustedProxies'][$direct_ip])) { - /* Return true IP */ - return $direct_ip; - } - - /** - * Parse header in form: - * X-Forwarded-For: client, proxy1, proxy2 - */ - // Get header content - $value = PMA_getenv($GLOBALS['cfg']['TrustedProxies'][$direct_ip]); - // Grab first element what is client adddress - $value = explode(',', $value)[0]; - // checks that the header contains only one IP address, - $is_ip = filter_var($value, FILTER_VALIDATE_IP); - - if ($is_ip !== false) { - // True IP behind a proxy - return $value; - } - - // We could not parse header - return false; -} // end of the 'PMA_getIp()' function - - /* Compatibility with PHP < 5.6 */ -if(! function_exists('hash_equals')) { - +if (! function_exists('hash_equals')) { /** * Timing attack safe string comparison * @@ -982,6 +28,7 @@ if(! function_exists('hash_equals')) { return ! $ret; } } + /* Compatibility with PHP < 5.1 or PHP without hash extension */ if (! function_exists('hash_hmac')) { /** @@ -1018,127 +65,3 @@ if (! function_exists('hash_hmac')) { return ($raw_output) ? pack($pack, $output) : $output; } } - -/** - * Sanitizes MySQL hostname - * - * * strips p: prefix(es) - * - * @param string $name User given hostname - * - * @return string - */ -function PMA_sanitizeMySQLHost($name) -{ - while (strtolower(substr($name, 0, 2)) == 'p:') { - $name = substr($name, 2); - } - - return $name; -} - -/** - * Sanitizes MySQL username - * - * * strips part behind null byte - * - * @param string $name User given username - * - * @return string - */ -function PMA_sanitizeMySQLUser($name) -{ - $position = strpos($name, chr(0)); - if ($position !== false) { - return substr($name, 0, $position); - } - return $name; -} - -/** - * Safe unserializer wrapper - * - * It does not unserialize data containing objects - * - * @param string $data Data to unserialize - * - * @return mixed - */ -function PMA_safeUnserialize($data) -{ - if (! is_string($data)) { - return null; - } - - /* validate serialized data */ - $length = strlen($data); - $depth = 0; - for ($i = 0; $i < $length; $i++) { - $value = $data[$i]; - - switch ($value) - { - case '}': - /* end of array */ - if ($depth <= 0) { - return null; - } - $depth--; - break; - case 's': - /* string */ - // parse sting length - $strlen = intval(substr($data, $i + 2)); - // string start - $i = strpos($data, ':', $i + 2); - if ($i === false) { - return null; - } - // skip string, quotes and ; - $i += 2 + $strlen + 1; - if ($data[$i] != ';') { - return null; - } - break; - - case 'b': - case 'i': - case 'd': - /* bool, integer or double */ - // skip value to sepearator - $i = strpos($data, ';', $i); - if ($i === false) { - return null; - } - break; - case 'a': - /* array */ - // find array start - $i = strpos($data, '{', $i); - if ($i === false) { - return null; - } - // remember nesting - $depth++; - break; - case 'N': - /* null */ - // skip to end - $i = strpos($data, ';', $i); - if ($i === false) { - return null; - } - break; - default: - /* any other elements are not wanted */ - return null; - } - } - - // check unterminated arrays - if ($depth > 0) { - return null; - } - - return unserialize($data); -} diff --git a/libraries/create_addfield.lib.php b/libraries/create_addfield.lib.php index 8f8e9e00fb..45508e7f77 100644 --- a/libraries/create_addfield.lib.php +++ b/libraries/create_addfield.lib.php @@ -5,6 +5,8 @@ * * @package PhpMyAdmin */ + +use PMA\libraries\Core; use PMA\libraries\Table; use PMA\libraries\Util; @@ -487,7 +489,7 @@ function PMA_tryColumnCreationQuery($db, $table, $err_url) PMA\libraries\Util::backquote($table) . ' ' . $sql_statement . ';'; // If there is a request for SQL previewing. if (isset($_REQUEST['preview_sql'])) { - PMA_previewSQL($sql_query); + Core::previewSQL($sql_query); } return array($GLOBALS['dbi']->tryQuery($sql_query) , $sql_query); } diff --git a/libraries/database_interface.inc.php b/libraries/database_interface.inc.php index def0b777be..5d734fb8c7 100644 --- a/libraries/database_interface.inc.php +++ b/libraries/database_interface.inc.php @@ -6,6 +6,8 @@ * * @package PhpMyAdmin-DBI */ + +use PMA\libraries\Core; use PMA\libraries\dbi\DBIDummy; use PMA\libraries\di\Container; use PMA\libraries\DatabaseInterface; @@ -42,7 +44,7 @@ if (defined('TESTSUITE')) { $extension = 'mysql'; if (! PMA\libraries\DatabaseInterface::checkDbExtension($extension)) { // warn about both extensions missing and exit - PMA_warnMissingExtension( + Core::warnMissingExtension( 'mysqli', true, $doclink @@ -61,7 +63,7 @@ if (defined('TESTSUITE')) { } } else { // mysql extension is not part of PHP 7+, so warn and exit - PMA_warnMissingExtension( + Core::warnMissingExtension( 'mysqli', true, $doclink diff --git a/libraries/db_common.inc.php b/libraries/db_common.inc.php index 4d5a92acf9..0e6c73c4b1 100644 --- a/libraries/db_common.inc.php +++ b/libraries/db_common.inc.php @@ -5,6 +5,8 @@ * * @package PhpMyAdmin */ + +use PMA\libraries\Core; use PMA\libraries\Message; use PMA\libraries\Response; use PMA\libraries\URL; @@ -69,7 +71,7 @@ if (! isset($is_db) || ! $is_db) { Message::error(__('No databases selected.')) ); } else { - PMA_sendHeaderLocation($uri); + Core::sendHeaderLocation($uri); } exit; } @@ -106,4 +108,3 @@ if (isset($_REQUEST['submitcollation']) * Set parameters for links */ $url_query = URL::getCommon(array('db' => $db)); - diff --git a/libraries/db_table_exists.inc.php b/libraries/db_table_exists.inc.php index b4fc51021d..562a85350e 100644 --- a/libraries/db_table_exists.inc.php +++ b/libraries/db_table_exists.inc.php @@ -6,6 +6,8 @@ * * @package PhpMyAdmin */ + +use PMA\libraries\Core; use PMA\libraries\Message; use PMA\libraries\Response; use PMA\libraries\URL; @@ -42,7 +44,7 @@ if (empty($is_db)) { if (isset($show_as_php)) { $url_params['show_as_php'] = $show_as_php; } - PMA_sendHeaderLocation( + Core::sendHeaderLocation( './index.php' . URL::getCommonRaw($url_params) ); diff --git a/libraries/display_export.lib.php b/libraries/display_export.lib.php index bc80a65078..087e060709 100644 --- a/libraries/display_export.lib.php +++ b/libraries/display_export.lib.php @@ -6,6 +6,8 @@ * * @package PhpMyAdmin */ + +use PMA\libraries\Core; use PMA\libraries\Encoding; use PMA\libraries\Message; use PMA\libraries\plugins\ExportPlugin; @@ -573,7 +575,7 @@ function PMA_getHtmlForExportOptionsOutputFormat($export_type) ) ); $msg->addParamHtml( - '<a href="' . PMA_linkURL(PMA_getPHPDocLink('function.strftime.php')) + '<a href="' . Core::linkURL(Core::getPHPDocLink('function.strftime.php')) . '" target="documentation" title="' . __('Documentation') . '">' ); $msg->addParamHtml('</a>'); @@ -773,7 +775,7 @@ function PMA_getHtmlForExportOptionsOutput($export_type) $html .= '<ul id="ul_output">'; $html .= '<li><input type="checkbox" id="btn_alias_config" '; if (isset($_SESSION['tmpval']['aliases']) - && !PMA_emptyRecursive($_SESSION['tmpval']['aliases']) + && !Core::emptyRecursive($_SESSION['tmpval']['aliases']) ) { $html .= 'checked="checked"'; } diff --git a/libraries/display_git_revision.lib.php b/libraries/display_git_revision.lib.php index a57022b0cc..17a671ae19 100644 --- a/libraries/display_git_revision.lib.php +++ b/libraries/display_git_revision.lib.php @@ -5,6 +5,8 @@ * * @package PhpMyAdmin */ + +use PMA\libraries\Core; use PMA\libraries\Response; /** @@ -34,7 +36,7 @@ function PMA_printGitRevision() . '">' . $commit_hash . '</strong>'; if ($GLOBALS['PMA_Config']->get('PMA_VERSION_GIT_ISREMOTECOMMIT')) { $commit_hash = '<a href="' - . PMA_linkURL( + . Core::linkURL( 'https://github.com/phpmyadmin/phpmyadmin/commit/' . $GLOBALS['PMA_Config']->get('PMA_VERSION_GIT_COMMITHASH') ) @@ -44,7 +46,7 @@ function PMA_printGitRevision() $branch = $GLOBALS['PMA_Config']->get('PMA_VERSION_GIT_BRANCH'); if ($GLOBALS['PMA_Config']->get('PMA_VERSION_GIT_ISREMOTEBRANCH')) { $branch = '<a href="' - . PMA_linkURL( + . Core::linkURL( 'https://github.com/phpmyadmin/phpmyadmin/tree/' . $GLOBALS['PMA_Config']->get('PMA_VERSION_GIT_BRANCH') ) @@ -64,7 +66,7 @@ function PMA_printGitRevision() . sprintf( __('committed on %1$s by %2$s'), PMA\libraries\Util::localisedDate(strtotime($committer['date'])), - '<a href="' . PMA_linkURL( + '<a href="' . Core::linkURL( 'mailto:' . htmlspecialchars($committer['email']) ) . '">' . htmlspecialchars($committer['name']) . '</a>' @@ -74,7 +76,7 @@ function PMA_printGitRevision() . sprintf( __('authored on %1$s by %2$s'), PMA\libraries\Util::localisedDate(strtotime($author['date'])), - '<a href="' . PMA_linkURL( + '<a href="' . Core::linkURL( 'mailto:' . htmlspecialchars($author['email']) ) . '">' . htmlspecialchars($author['name']) . '</a>' diff --git a/libraries/display_import.lib.php b/libraries/display_import.lib.php index d6beff2cf8..3b87ed791a 100644 --- a/libraries/display_import.lib.php +++ b/libraries/display_import.lib.php @@ -8,7 +8,9 @@ * * @package PhpMyAdmin */ + use PMA\libraries\Charsets; +use PMA\libraries\Core; use PMA\libraries\Encoding; use PMA\libraries\Message; use PMA\libraries\plugins\ImportPlugin; @@ -668,7 +670,7 @@ function PMA_getImportDisplay($import_type, $db, $table, $max_upload_size) exit; } - if (PMA_isValid($_REQUEST['offset'], 'numeric')) { + if (Core::isValid($_REQUEST['offset'], 'numeric')) { $offset = intval($_REQUEST['offset']); } if (isset($_REQUEST['timeout_passed'])) { diff --git a/libraries/display_import_ajax.lib.php b/libraries/display_import_ajax.lib.php index 838f9b7805..67887ae854 100644 --- a/libraries/display_import_ajax.lib.php +++ b/libraries/display_import_ajax.lib.php @@ -6,6 +6,8 @@ * @package PhpMyAdmin */ +use PMA\libraries\Core; + /** * Sets up some variables for upload progress * @@ -128,7 +130,7 @@ function PMA_Import_nopluginCheck() */ function PMA_importAjaxStatus($id) { - PMA_headerJSON(); + Core::headerJSON(); echo json_encode( $_SESSION[$GLOBALS['SESSION_KEY']]['handler']::getUploadStatus($id) ); diff --git a/libraries/engines/Pbxt.php b/libraries/engines/Pbxt.php index 68af617199..d3058e37ba 100644 --- a/libraries/engines/Pbxt.php +++ b/libraries/engines/Pbxt.php @@ -8,6 +8,7 @@ namespace PMA\libraries\engines; use PMA; +use PMA\libraries\Core; use PMA\libraries\StorageEngine; /** @@ -181,7 +182,7 @@ class Pbxt extends StorageEngine 'Documentation and further information about PBXT' . ' can be found on the %sPrimeBase XT Home Page%s.' ), - '<a href="' . PMA_linkURL('https://mariadb.com/kb/en/mariadb/about-pbxt/') + '<a href="' . Core::linkURL('https://mariadb.com/kb/en/mariadb/about-pbxt/') . '" rel="noopener noreferrer" target="_blank">', '</a>' ) @@ -190,4 +191,3 @@ class Pbxt extends StorageEngine return $output; } } - diff --git a/libraries/gis/GISVisualization.php b/libraries/gis/GISVisualization.php index 7f05ff65db..c9be03c95a 100644 --- a/libraries/gis/GISVisualization.php +++ b/libraries/gis/GISVisualization.php @@ -8,6 +8,7 @@ namespace PMA\libraries\gis; +use PMA\libraries\Core; use PMA\libraries\Util; use \TCPDF; use PMA\libraries\Sanitize; @@ -280,7 +281,7 @@ class GISVisualization private function _toFile($file_name, $type, $ext) { $file_name = $this->_sanitizeName($file_name, $ext); - PMA_downloadHeader($file_name, $type); + Core::downloadHeader($file_name, $type); } /** diff --git a/libraries/ip_allow_deny.lib.php b/libraries/ip_allow_deny.lib.php index 85fb82cf26..cf16d06829 100644 --- a/libraries/ip_allow_deny.lib.php +++ b/libraries/ip_allow_deny.lib.php @@ -7,6 +7,10 @@ * @package PhpMyAdmin */ +use PMA\libraries\Core; + +require_once './libraries/core.lib.php'; + /** * Matches for IPv4 or IPv6 addresses * @@ -222,14 +226,14 @@ function PMA_ipv6MaskTest($test_range, $ip_to_test) * * @access public * - * @see PMA_getIp() + * @see Core::getIp() */ function PMA_allowDeny($type) { global $cfg; // Grabs true IP of the user and returns if it can't be found - $remote_ip = PMA_getIp(); + $remote_ip = Core::getIp(); if (empty($remote_ip)) { return false; } @@ -254,10 +258,10 @@ function PMA_allowDeny($type) ); // Provide some useful shortcuts if server gives us address: - if (PMA_getenv('SERVER_ADDR')) { - $shortcuts['localnetA'] = PMA_getenv('SERVER_ADDR') . '/8'; - $shortcuts['localnetB'] = PMA_getenv('SERVER_ADDR') . '/16'; - $shortcuts['localnetC'] = PMA_getenv('SERVER_ADDR') . '/24'; + if (Core::getenv('SERVER_ADDR')) { + $shortcuts['localnetA'] = Core::getenv('SERVER_ADDR') . '/8'; + $shortcuts['localnetB'] = Core::getenv('SERVER_ADDR') . '/16'; + $shortcuts['localnetC'] = Core::getenv('SERVER_ADDR') . '/24'; } foreach ($rules as $rule) { @@ -298,4 +302,3 @@ function PMA_allowDeny($type) return false; } // end of the "PMA_AllowDeny()" function - diff --git a/libraries/operations.lib.php b/libraries/operations.lib.php index 5b2a2f92d9..ef5b8f304e 100644 --- a/libraries/operations.lib.php +++ b/libraries/operations.lib.php @@ -7,6 +7,7 @@ */ use PMA\libraries\engines\Innodb; use PMA\libraries\Charsets; +use PMA\libraries\Core; use PMA\libraries\Message; use PMA\libraries\Partition; use PMA\libraries\plugins\export\ExportSql; @@ -2026,7 +2027,7 @@ function PMA_moveOrCopyTable($db, $table) /** * A target table name has been sent to this script -> do the work */ - if (PMA_isValid($_REQUEST['new_name'])) { + if (Core::isValid($_REQUEST['new_name'])) { if ($db == $_REQUEST['target_db'] && $table == $_REQUEST['new_name']) { if (isset($_REQUEST['submit_move'])) { $message = Message::error(__('Can\'t move table to same one!')); @@ -2095,7 +2096,7 @@ function PMA_moveOrCopyTable($db, $table) /* Check: Work on new table or on old table? */ if (isset($_REQUEST['submit_move']) - || PMA_isValid($_REQUEST['switch_to_new']) + || Core::isValid($_REQUEST['switch_to_new']) ) { } } diff --git a/libraries/plugins/AuthenticationPlugin.php b/libraries/plugins/AuthenticationPlugin.php index 52c1da9442..63f4cd187c 100644 --- a/libraries/plugins/AuthenticationPlugin.php +++ b/libraries/plugins/AuthenticationPlugin.php @@ -7,6 +7,7 @@ */ namespace PMA\libraries\plugins; +use PMA\libraries\Core; use PMA\libraries\Sanitize; use PMA\libraries\URL; @@ -97,11 +98,11 @@ abstract class AuthenticationPlugin } /* Redirect to login form (or configured URL) */ - PMA_sendHeaderLocation($redirect_url); + Core::sendHeaderLocation($redirect_url); } else { /* Redirect to other autenticated server */ $_SESSION['partial_logout'] = true; - PMA_sendHeaderLocation( + Core::sendHeaderLocation( './index.php' . URL::getCommonRaw(array('server' => $server)) ); } diff --git a/libraries/plugins/auth/AuthenticationCookie.php b/libraries/plugins/auth/AuthenticationCookie.php index 4d1e80e5e6..699a4271c4 100644 --- a/libraries/plugins/auth/AuthenticationCookie.php +++ b/libraries/plugins/auth/AuthenticationCookie.php @@ -15,9 +15,11 @@ use PMA\libraries\plugins\AuthenticationPlugin; use PMA\libraries\Response; use PMA\libraries\Util; use PMA\libraries\Config; +use PMA\libraries\Core; use ReCaptcha; use PMA\libraries\URL; +require_once './libraries/core.lib.php'; require_once './libraries/session.lib.php'; /** @@ -26,8 +28,8 @@ require_once './libraries/session.lib.php'; */ if (! empty($_REQUEST['target'])) { $GLOBALS['target'] = $_REQUEST['target']; -} else if (PMA_getenv('SCRIPT_NAME')) { - $GLOBALS['target'] = basename(PMA_getenv('SCRIPT_NAME')); +} else if (Core::getenv('SCRIPT_NAME')) { + $GLOBALS['target'] = basename(Core::getenv('SCRIPT_NAME')); } /** @@ -117,7 +119,7 @@ class AuthenticationCookie extends AuthenticationPlugin echo ' <div class="container"> <a href="'; - echo PMA_linkURL('https://www.phpmyadmin.net/'); + echo Core::linkURL('https://www.phpmyadmin.net/'); echo '" target="_blank" rel="noopener noreferrer" class="logo">'; $logo_image = $GLOBALS['pmaThemeImage'] . 'logo_right.png'; if (@file_exists($logo_image)) { @@ -328,7 +330,7 @@ class AuthenticationCookie extends AuthenticationPlugin // verify captcha status. $resp = $reCaptcha->verify( $_POST["g-recaptcha-response"], - PMA_getIp() + Core::getIp() ); // Check if the captcha entered is valid, if not stop the login. @@ -343,7 +345,7 @@ class AuthenticationCookie extends AuthenticationPlugin } // The user just logged in - $GLOBALS['PHP_AUTH_USER'] = PMA_sanitizeMySQLUser($_REQUEST['pma_username']); + $GLOBALS['PHP_AUTH_USER'] = Core::sanitizeMySQLUser($_REQUEST['pma_username']); $GLOBALS['PHP_AUTH_PW'] = isset($_REQUEST['pma_password']) ? $_REQUEST['pma_password'] : ''; if ($GLOBALS['cfg']['AllowArbitraryServer'] && isset($_REQUEST['pma_servername']) @@ -366,7 +368,7 @@ class AuthenticationCookie extends AuthenticationPlugin return false; } } - $GLOBALS['pma_auth_server'] = PMA_sanitizeMySQLHost($_REQUEST['pma_servername']); + $GLOBALS['pma_auth_server'] = Core::sanitizeMySQLHost($_REQUEST['pma_servername']); } PMA_secureSession(); return true; @@ -531,7 +533,7 @@ class AuthenticationCookie extends AuthenticationPlugin Response::getInstance() ->disable(); - PMA_sendHeaderLocation( + Core::sendHeaderLocation( $redirect_url . URL::getCommonRaw($url_params), true ); diff --git a/libraries/plugins/auth/AuthenticationHttp.php b/libraries/plugins/auth/AuthenticationHttp.php index 927bc56802..e34d6c315e 100644 --- a/libraries/plugins/auth/AuthenticationHttp.php +++ b/libraries/plugins/auth/AuthenticationHttp.php @@ -13,6 +13,9 @@ use PMA\libraries\plugins\AuthenticationPlugin; use PMA\libraries\Message; use PMA\libraries\Response; use PMA\libraries\Config; +use PMA\libraries\Core; + +require_once './libraries/core.lib.php'; /** * Handles the HTTP authentication methods @@ -110,35 +113,35 @@ class AuthenticationHttp extends AuthenticationPlugin // Grabs the $PHP_AUTH_USER variable if (empty($PHP_AUTH_USER)) { - if (PMA_getenv('PHP_AUTH_USER')) { - $PHP_AUTH_USER = PMA_getenv('PHP_AUTH_USER'); - } elseif (PMA_getenv('REMOTE_USER')) { + if (Core::getenv('PHP_AUTH_USER')) { + $PHP_AUTH_USER = Core::getenv('PHP_AUTH_USER'); + } elseif (Core::getenv('REMOTE_USER')) { // CGI, might be encoded, see below - $PHP_AUTH_USER = PMA_getenv('REMOTE_USER'); - } elseif (PMA_getenv('REDIRECT_REMOTE_USER')) { + $PHP_AUTH_USER = Core::getenv('REMOTE_USER'); + } elseif (Core::getenv('REDIRECT_REMOTE_USER')) { // CGI, might be encoded, see below - $PHP_AUTH_USER = PMA_getenv('REDIRECT_REMOTE_USER'); - } elseif (PMA_getenv('AUTH_USER')) { + $PHP_AUTH_USER = Core::getenv('REDIRECT_REMOTE_USER'); + } elseif (Core::getenv('AUTH_USER')) { // WebSite Professional - $PHP_AUTH_USER = PMA_getenv('AUTH_USER'); - } elseif (PMA_getenv('HTTP_AUTHORIZATION')) { + $PHP_AUTH_USER = Core::getenv('AUTH_USER'); + } elseif (Core::getenv('HTTP_AUTHORIZATION')) { // IIS, might be encoded, see below - $PHP_AUTH_USER = PMA_getenv('HTTP_AUTHORIZATION'); - } elseif (PMA_getenv('Authorization')) { + $PHP_AUTH_USER = Core::getenv('HTTP_AUTHORIZATION'); + } elseif (Core::getenv('Authorization')) { // FastCGI, might be encoded, see below - $PHP_AUTH_USER = PMA_getenv('Authorization'); + $PHP_AUTH_USER = Core::getenv('Authorization'); } } // Grabs the $PHP_AUTH_PW variable if (empty($PHP_AUTH_PW)) { - if (PMA_getenv('PHP_AUTH_PW')) { - $PHP_AUTH_PW = PMA_getenv('PHP_AUTH_PW'); - } elseif (PMA_getenv('REMOTE_PASSWORD')) { + if (Core::getenv('PHP_AUTH_PW')) { + $PHP_AUTH_PW = Core::getenv('PHP_AUTH_PW'); + } elseif (Core::getenv('REMOTE_PASSWORD')) { // Apache/CGI - $PHP_AUTH_PW = PMA_getenv('REMOTE_PASSWORD'); - } elseif (PMA_getenv('AUTH_PASSWORD')) { + $PHP_AUTH_PW = Core::getenv('REMOTE_PASSWORD'); + } elseif (Core::getenv('AUTH_PASSWORD')) { // WebSite Professional - $PHP_AUTH_PW = PMA_getenv('AUTH_PASSWORD'); + $PHP_AUTH_PW = Core::getenv('AUTH_PASSWORD'); } } // Sanitize empty password login @@ -162,7 +165,7 @@ class AuthenticationHttp extends AuthenticationPlugin } // sanitize username - $PHP_AUTH_USER = PMA_sanitizeMySQLUser($PHP_AUTH_USER); + $PHP_AUTH_USER = Core::sanitizeMySQLUser($PHP_AUTH_USER); // User logged out -> ensure the new username is not the same $old_usr = isset($_REQUEST['old_usr']) ? $_REQUEST['old_usr'] : ''; @@ -216,7 +219,7 @@ class AuthenticationHttp extends AuthenticationPlugin { $error = $GLOBALS['dbi']->getError(); if ($error && $GLOBALS['errno'] != 1045) { - PMA_fatalError($error); + Core::fatalError($error); return true; } diff --git a/libraries/plugins/auth/AuthenticationSignon.php b/libraries/plugins/auth/AuthenticationSignon.php index 644adfcb18..f1e1685ddf 100644 --- a/libraries/plugins/auth/AuthenticationSignon.php +++ b/libraries/plugins/auth/AuthenticationSignon.php @@ -8,6 +8,7 @@ */ namespace PMA\libraries\plugins\auth; +use PMA\libraries\Core; use PMA\libraries\plugins\AuthenticationPlugin; use PMA; @@ -27,9 +28,9 @@ class AuthenticationSignon extends AuthenticationPlugin { unset($_SESSION['LAST_SIGNON_URL']); if (empty($GLOBALS['cfg']['Server']['SignonURL'])) { - PMA_fatalError('You must set SignonURL!'); + Core::fatalError('You must set SignonURL!'); } else { - PMA_sendHeaderLocation($GLOBALS['cfg']['Server']['SignonURL']); + Core::sendHeaderLocation($GLOBALS['cfg']['Server']['SignonURL']); } if (!defined('TESTSUITE')) { @@ -83,7 +84,7 @@ class AuthenticationSignon extends AuthenticationPlugin /* Handle script based auth */ if (!empty($script_name)) { if (!file_exists($script_name)) { - PMA_fatalError( + Core::fatalError( __('Can not find signon authentication script:') . ' ' . $script_name ); diff --git a/libraries/plugins/schema/dia/Dia.php b/libraries/plugins/schema/dia/Dia.php index 2a6d689837..9bd93c6436 100644 --- a/libraries/plugins/schema/dia/Dia.php +++ b/libraries/plugins/schema/dia/Dia.php @@ -8,6 +8,7 @@ namespace PMA\libraries\plugins\schema\dia; use PMA; +use PMA\libraries\Core; use PMA\libraries\Response; use XMLWriter; @@ -178,7 +179,7 @@ class Dia extends XMLWriter } $output = $this->flush(); Response::getInstance()->disable(); - PMA_downloadHeader( + Core::downloadHeader( $fileName, 'application/x-dia-diagram', strlen($output) diff --git a/libraries/plugins/schema/eps/Eps.php b/libraries/plugins/schema/eps/Eps.php index 4b257d4d76..3cf4034906 100644 --- a/libraries/plugins/schema/eps/Eps.php +++ b/libraries/plugins/schema/eps/Eps.php @@ -7,6 +7,7 @@ */ namespace PMA\libraries\plugins\schema\eps; +use PMA\libraries\Core; use PMA\libraries\Response; /** @@ -267,7 +268,7 @@ class Eps $output = $this->stringCommands; Response::getInstance() ->disable(); - PMA_downloadHeader( + Core::downloadHeader( $fileName, 'image/x-eps', strlen($output) diff --git a/libraries/plugins/schema/svg/Svg.php b/libraries/plugins/schema/svg/Svg.php index d37add7402..75ffe8b00c 100644 --- a/libraries/plugins/schema/svg/Svg.php +++ b/libraries/plugins/schema/svg/Svg.php @@ -8,6 +8,7 @@ namespace PMA\libraries\plugins\schema\svg; use PMA; +use PMA\libraries\Core; use PMA\libraries\Response; use XMLWriter; @@ -190,7 +191,7 @@ class Svg extends XMLWriter //ob_get_clean(); $output = $this->flush(); Response::getInstance()->disable(); - PMA_downloadHeader( + Core::downloadHeader( $fileName, 'image/svg+xml', strlen($output) diff --git a/libraries/relation.lib.php b/libraries/relation.lib.php index 088180888b..fbdea1c003 100644 --- a/libraries/relation.lib.php +++ b/libraries/relation.lib.php @@ -5,6 +5,8 @@ * * @package PhpMyAdmin */ + +use PMA\libraries\Core; use PMA\libraries\Message; use PMA\libraries\Table; use PMA\libraries\RecentFavoriteTable; @@ -1292,15 +1294,15 @@ function PMA_foreignDropdown($disp_row, $foreign_field, $foreign_display, $data, $top = array(); $bottom = array(); if ($foreign_display) { - if (PMA_isValid($GLOBALS['cfg']['ForeignKeyDropdownOrder'], 'array')) { - if (PMA_isValid($GLOBALS['cfg']['ForeignKeyDropdownOrder'][0])) { + if (Core::isValid($GLOBALS['cfg']['ForeignKeyDropdownOrder'], 'array')) { + if (Core::isValid($GLOBALS['cfg']['ForeignKeyDropdownOrder'][0])) { $top = PMA_buildForeignDropdown( $foreign, $data, $GLOBALS['cfg']['ForeignKeyDropdownOrder'][0] ); } - if (PMA_isValid($GLOBALS['cfg']['ForeignKeyDropdownOrder'][1])) { + if (Core::isValid($GLOBALS['cfg']['ForeignKeyDropdownOrder'][1])) { $bottom = PMA_buildForeignDropdown( $foreign, $data, diff --git a/libraries/replication.inc.php b/libraries/replication.inc.php index 262719b7bb..cb93944849 100644 --- a/libraries/replication.inc.php +++ b/libraries/replication.inc.php @@ -6,7 +6,8 @@ * @package PhpMyAdmin */ - use PMA\libraries\DatabaseInterface; +use PMA\libraries\Core; +use PMA\libraries\DatabaseInterface; if (! defined('PHPMYADMIN')) { exit; @@ -297,7 +298,7 @@ function PMA_Replication_connectToMaster( $server = array(); $server['user'] = $user; $server['password'] = $password; - $server["host"] = PMA_sanitizeMySQLHost($host); + $server["host"] = Core::sanitizeMySQLHost($host); $server["port"] = $port; $server["socket"] = $socket; diff --git a/libraries/replication_gui.lib.php b/libraries/replication_gui.lib.php index 18aafb7fbc..9ca7c34fdb 100644 --- a/libraries/replication_gui.lib.php +++ b/libraries/replication_gui.lib.php @@ -5,6 +5,8 @@ * * @package PhpMyAdmin */ + +use PMA\libraries\Core; use PMA\libraries\Message; use PMA\libraries\Response; use PMA\libraries\URL; @@ -942,7 +944,7 @@ function PMA_handleControlRequest() : Message::error($messageError) ); } else { - PMA_sendHeaderLocation( + Core::sendHeaderLocation( './server_replication.php' . URL::getCommonRaw($GLOBALS['url_params']) ); diff --git a/libraries/rte/rte_routines.lib.php b/libraries/rte/rte_routines.lib.php index 65d339b0c6..654371eede 100644 --- a/libraries/rte/rte_routines.lib.php +++ b/libraries/rte/rte_routines.lib.php @@ -6,6 +6,7 @@ * @package PhpMyAdmin */ use PMA\libraries\Charsets; +use PMA\libraries\Core; use PMA\libraries\Message; use PMA\libraries\Response; use PMA\libraries\Util; @@ -60,7 +61,7 @@ function PMA_RTN_main($type) /** * Display a list of available routines */ - if (! PMA_isValid($type, array('FUNCTION','PROCEDURE'))) { + if (! Core::isValid($type, array('FUNCTION','PROCEDURE'))) { $type = null; } $items = $GLOBALS['dbi']->getRoutines($db, $type); diff --git a/libraries/server_privileges.lib.php b/libraries/server_privileges.lib.php index 60001c2a06..7a4afac348 100644 --- a/libraries/server_privileges.lib.php +++ b/libraries/server_privileges.lib.php @@ -5,6 +5,8 @@ * * @package PhpMyAdmin */ + +use PMA\libraries\Core; use PMA\libraries\DatabaseInterface; use PMA\libraries\Message; use PMA\libraries\Response; @@ -4254,17 +4256,17 @@ function PMA_getDataForDBInfo() /** * Checks if a dropdown box has been used for selecting a database / table */ - if (PMA_isValid($_REQUEST['pred_tablename'])) { + if (Core::isValid($_REQUEST['pred_tablename'])) { $tablename = $_REQUEST['pred_tablename']; - } elseif (PMA_isValid($_REQUEST['tablename'])) { + } elseif (Core::isValid($_REQUEST['tablename'])) { $tablename = $_REQUEST['tablename']; } else { unset($tablename); } - if (PMA_isValid($_REQUEST['pred_routinename'])) { + if (Core::isValid($_REQUEST['pred_routinename'])) { $routinename = $_REQUEST['pred_routinename']; - } elseif (PMA_isValid($_REQUEST['routinename'])) { + } elseif (Core::isValid($_REQUEST['routinename'])) { $routinename = $_REQUEST['routinename']; } else { unset($routinename); @@ -4273,7 +4275,7 @@ function PMA_getDataForDBInfo() if (isset($_REQUEST['pred_dbname'])) { $is_valid_pred_dbname = true; foreach ($_REQUEST['pred_dbname'] as $key => $db_name) { - if (! PMA_isValid($db_name)) { + if (! Core::isValid($db_name)) { $is_valid_pred_dbname = false; break; } @@ -4284,13 +4286,13 @@ function PMA_getDataForDBInfo() $is_valid_dbname = true; if (is_array($_REQUEST['dbname'])) { foreach ($_REQUEST['dbname'] as $key => $db_name) { - if (! PMA_isValid($db_name)) { + if (! Core::isValid($db_name)) { $is_valid_dbname = false; break; } } } else { - if (! PMA_isValid($_REQUEST['dbname'])) { + if (! Core::isValid($_REQUEST['dbname'])) { $is_valid_dbname = false; } } @@ -4755,8 +4757,8 @@ function PMA_getHtmlForUserProperties($dbname_is_wildcard,$url_dbname, $html_output .= URL::getHiddenInputs($_params); $html_output .= PMA_getHtmlToDisplayPrivilegesTable( // If $dbname is an array, pass any one db as all have same privs. - PMA_ifSetOr($dbname, (is_array($dbname)) ? $dbname[0] : '*', 'length'), - PMA_ifSetOr($tablename, '*', 'length') + Core::ifSetOr($dbname, (is_array($dbname)) ? $dbname[0] : '*', 'length'), + Core::ifSetOr($tablename, '*', 'length') ); $html_output .= '</form>' . "\n"; diff --git a/libraries/session.inc.php b/libraries/session.inc.php index 535549d9a8..3cf0c60be1 100644 --- a/libraries/session.inc.php +++ b/libraries/session.inc.php @@ -8,6 +8,9 @@ * @package PhpMyAdmin * @see https://secure.php.net/session */ + +use PMA\libraries\Core; + if (! defined('PHPMYADMIN')) { exit; } @@ -17,7 +20,7 @@ require_once 'libraries/session.lib.php'; // verify if PHP supports session, die if it does not if (!@function_exists('session_name')) { - PMA_warnMissingExtension('session', true); + Core::warnMissingExtension('session', true); } elseif (ini_get('session.auto_start') !== '' && session_name() != 'phpMyAdmin') { // Do not delete the existing session, it might be used by other // applications; instead just close it. @@ -104,7 +107,7 @@ function PMA_sessionFailed($errors) * Session initialization is done before selecting language, so we * can not use translations here. */ - PMA_fatalError( + Core::fatalError( 'Error during session start; please check your PHP and/or ' . 'webserver log file and configure your PHP ' . 'installation properly. Also ensure that cookies are enabled ' @@ -161,7 +164,7 @@ if (empty($_SESSION[' PMA_token '])) { } session_start(); if (empty($_SESSION[' PMA_token '])) { - PMA_fatalError( + Core::fatalError( 'Failed to store CSRF token in session! ' . 'Probably sessions are not working properly.' ); diff --git a/libraries/session.lib.php b/libraries/session.lib.php index 7bb27f81af..62b0820883 100644 --- a/libraries/session.lib.php +++ b/libraries/session.lib.php @@ -5,6 +5,8 @@ * * @package PhpMyAdmin */ + +use PMA\libraries\Core; use PMA\libraries\Util; /** @@ -38,7 +40,7 @@ function PMA_generateToken() * due to missing /dev/random for openssl). */ if (empty($_SESSION[' PMA_token '])) { - PMA_fatalError( + Core::fatalError( 'Failed to generate random CSRF token!' ); } diff --git a/libraries/tbl_partition_definition.inc.php b/libraries/tbl_partition_definition.inc.php index 35fd0ca755..8e2ae09e5e 100644 --- a/libraries/tbl_partition_definition.inc.php +++ b/libraries/tbl_partition_definition.inc.php @@ -6,6 +6,8 @@ * @package PhpMyAdmin */ +use PMA\libraries\Core; + if (!isset($partitionDetails)) { $partitionDetails = array(); @@ -20,7 +22,7 @@ if (!isset($partitionDetails)) { ? $_REQUEST[$partitionParam] : ''; } - if (PMA_isValid($_REQUEST['partition_count'], 'numeric')) { + if (Core::isValid($_REQUEST['partition_count'], 'numeric')) { // MySQL's limit is 8192, so do not allow more $partition_count = min(intval($_REQUEST['partition_count']), 8192); } else { @@ -28,7 +30,7 @@ if (!isset($partitionDetails)) { } $partitionDetails['partition_count'] = ($partition_count === 0) ? '' : $partition_count; - if (PMA_isValid($_REQUEST['subpartition_count'], 'numeric')) { + if (Core::isValid($_REQUEST['subpartition_count'], 'numeric')) { // MySQL's limit is 8192, so do not allow more $subpartition_count = min(intval($_REQUEST['subpartition_count']), 8192); } else { diff --git a/libraries/tracking.lib.php b/libraries/tracking.lib.php index 18fd632f6f..d6e0522a34 100644 --- a/libraries/tracking.lib.php +++ b/libraries/tracking.lib.php @@ -5,6 +5,8 @@ * * @package PhpMyAdmin */ + +use PMA\libraries\Core; use PMA\libraries\Message; use PMA\libraries\Response; use PMA\libraries\Tracker; @@ -856,7 +858,7 @@ function PMA_getHtmlForSchemaSnapshot($url_query) ); // Unserialize snapshot - $temp = PMA_safeUnserialize($data['schema_snapshot']); + $temp = Core::safeUnserialize($data['schema_snapshot']); if ($temp === null) { $temp = array('COLUMNS' => array(), 'INDEXES' => array()); } @@ -1179,7 +1181,7 @@ function PMA_exportAsFileDownload($entries) } $filename = 'log_' . $table . '.sql'; Response::getInstance()->disable(); - PMA_downloadHeader( + Core::downloadHeader( $filename, 'text/x-sql', strlen($dump) diff --git a/libraries/user_preferences.lib.php b/libraries/user_preferences.lib.php index 2d7129b5b9..282f20d9e6 100644 --- a/libraries/user_preferences.lib.php +++ b/libraries/user_preferences.lib.php @@ -6,6 +6,7 @@ * @package PhpMyAdmin */ use PMA\libraries\config\ConfigFile; +use PMA\libraries\Core; use PMA\libraries\Message; use PMA\libraries\URL; @@ -171,7 +172,7 @@ function PMA_applyUserprefs(array $config_data) if (! isset($whitelist[$path]) || isset($blacklist[$path])) { continue; } - PMA_arrayWrite($path, $cfg, $value); + Core::arrayWrite($path, $cfg, $value); } return $cfg; } @@ -256,7 +257,7 @@ function PMA_userprefsRedirect($file_name, if ($hash) { $hash = '#' . urlencode($hash); } - PMA_sendHeaderLocation('./' . $file_name + Core::sendHeaderLocation('./' . $file_name . URL::getCommonRaw($url_params) . $hash ); } @@ -5,6 +5,8 @@ * * @package PhpMyAdmin */ + +use PMA\libraries\Core; use PMA\libraries\Linter; use PMA\libraries\Response; @@ -32,7 +34,7 @@ $sql_query = !empty($_POST['sql_query']) ? $_POST['sql_query'] : ''; // Disabling standard response. Response::getInstance()->disable(); -PMA_headerJSON(); +Core::headerJSON(); if (! empty($_POST['options'])) { $options = $_POST['options']; diff --git a/logout.php b/logout.php index 01924339f3..ff31a307a1 100644 --- a/logout.php +++ b/logout.php @@ -5,11 +5,13 @@ * * @package PhpMyAdmin */ + +use PMA\libraries\Core; + require_once 'libraries/common.inc.php'; if ($_SERVER['REQUEST_METHOD'] != 'POST' || $token_mismatch) { - PMA_sendHeaderLocation('./index.php'); + Core::sendHeaderLocation('./index.php'); } else { $auth_plugin->logOut(); } - diff --git a/normalization.php b/normalization.php index 5251dce3fc..124356d1b7 100644 --- a/normalization.php +++ b/normalization.php @@ -5,6 +5,8 @@ * * @package PhpMyAdmin */ + +use PMA\libraries\Core; use PMA\libraries\URL; use PMA\libraries\Response; @@ -63,7 +65,7 @@ if (isset($_REQUEST['getNewTables3NF'])) { $tables = json_decode($_REQUEST['tables']); $newTables = PMA_getHtmlForNewTables3NF($dependencies, $tables, $db); $response->disable(); - PMA_headerJSON(); + Core::headerJSON(); echo json_encode($newTables); exit; } @@ -73,7 +75,7 @@ $scripts = $header->getScripts(); $scripts->addFile('normalization.js'); $scripts->addFile('jquery/jquery.uitablefilter.js'); $normalForm = '1nf'; -if (PMA_isValid($_REQUEST['normalizeTo'], array('1nf', '2nf', '3nf'))) { +if (Core::isValid($_REQUEST['normalizeTo'], array('1nf', '2nf', '3nf'))) { $normalForm = $_REQUEST['normalizeTo']; } if (isset($_REQUEST['createNewTables2NF'])) { diff --git a/prefs_forms.php b/prefs_forms.php index ebf5f879fb..5ee6be0da2 100644 --- a/prefs_forms.php +++ b/prefs_forms.php @@ -7,6 +7,7 @@ */ use PMA\libraries\config\ConfigFile; use PMA\libraries\config\FormDisplay; +use PMA\libraries\Core; use PMA\libraries\Response; use PMA\libraries\URL; @@ -44,7 +45,7 @@ if (isset($_POST['revert'])) { $form_display->fixErrors(); // redirect $url_params = array('form' => $form_param); - PMA_sendHeaderLocation( + Core::sendHeaderLocation( './prefs_forms.php' . URL::getCommonRaw($url_params) ); diff --git a/prefs_manage.php b/prefs_manage.php index 83a3dcd9c2..726392641e 100644 --- a/prefs_manage.php +++ b/prefs_manage.php @@ -7,6 +7,7 @@ */ use PMA\libraries\config\ConfigFile; use PMA\libraries\config\FormDisplay; +use PMA\libraries\Core; use PMA\libraries\File; use PMA\libraries\Message; use PMA\libraries\Response; @@ -35,8 +36,8 @@ if (isset($_POST['submit_export']) ) { // export to JSON file $response->disable(); - $filename = 'phpMyAdmin-config-' . urlencode(PMA_getenv('HTTP_HOST')) . '.json'; - PMA_downloadHeader($filename, 'application/json'); + $filename = 'phpMyAdmin-config-' . urlencode(Core::getenv('HTTP_HOST')) . '.json'; + Core::downloadHeader($filename, 'application/json'); $settings = PMA_loadUserprefs(); echo json_encode($settings['config_data'], JSON_PRETTY_PRINT); exit; @@ -46,8 +47,8 @@ if (isset($_POST['submit_export']) ) { // export to JSON file $response->disable(); - $filename = 'phpMyAdmin-config-' . urlencode(PMA_getenv('HTTP_HOST')) . '.php'; - PMA_downloadHeader($filename, 'application/php'); + $filename = 'phpMyAdmin-config-' . urlencode(Core::getenv('HTTP_HOST')) . '.php'; + Core::downloadHeader($filename, 'application/php'); $settings = PMA_loadUserprefs(); echo '/* ' . _('phpMyAdmin configuration snippet') . " */\n\n"; echo '/* ' . _('Paste it to your config.inc.php') . " */\n\n"; diff --git a/schema_export.php b/schema_export.php index 9aebd9a24c..210facbea0 100644 --- a/schema_export.php +++ b/schema_export.php @@ -5,6 +5,8 @@ * * @package PhpMyAdmin */ + +use PMA\libraries\Core; use PMA\libraries\plugins\SchemaPlugin; /** @@ -49,7 +51,7 @@ function PMA_processExportSchema($export_type) } // sanitize this parameter which will be used below in a file inclusion - $export_type = PMA_securePath($export_type); + $export_type = Core::securePath($export_type); // get the specific plugin /* @var $export_plugin SchemaPlugin */ @@ -61,7 +63,7 @@ function PMA_processExportSchema($export_type) // Check schema export type if (! isset($export_plugin)) { - PMA_fatalError(__('Bad type!')); + Core::fatalError(__('Bad type!')); } $GLOBALS['dbi']->selectDb($GLOBALS['db']); diff --git a/scripts/advisor2po b/scripts/advisor2po index fd7755c23f..fe0b34b0d2 100644 --- a/scripts/advisor2po +++ b/scripts/advisor2po @@ -52,7 +52,6 @@ function print_message($idx) { define('PHPMYADMIN', 1); require_once 'libraries/vendor_config.php'; require_once AUTOLOAD_FILE; -require_once 'libraries/core.lib.php'; $rules = PMA\libraries\Advisor::parseRulesFile(); diff --git a/server_privileges.php b/server_privileges.php index 06989de1c3..c15bfda307 100644 --- a/server_privileges.php +++ b/server_privileges.php @@ -5,6 +5,8 @@ * * @package PhpMyAdmin */ + +use PMA\libraries\Core; use PMA\libraries\Response; /** @@ -48,7 +50,7 @@ $post_patterns = array( '/^max_/i' ); -PMA_setPostAsGlobal($post_patterns); +Core::setPostAsGlobal($post_patterns); require 'libraries/server_common.inc.php'; diff --git a/setup/config.php b/setup/config.php index 42eecc6920..b5a2d5c6d4 100644 --- a/setup/config.php +++ b/setup/config.php @@ -7,6 +7,7 @@ */ use PMA\libraries\config\FormDisplay; use PMA\setup\lib\ConfigGenerator; +use PMA\libraries\Core; use PMA\libraries\URL; use PMA\libraries\Response; @@ -27,7 +28,7 @@ if (isset($_POST['eol'])) { $_SESSION['eol'] = ($_POST['eol'] == 'unix') ? 'unix' : 'win'; } -if (PMA_ifSetOr($_POST['submit_clear'], '')) { +if (Core::ifSetOr($_POST['submit_clear'], '')) { // // Clear current config and return to main page // @@ -35,11 +36,11 @@ if (PMA_ifSetOr($_POST['submit_clear'], '')) { // drop post data $response->generateHeader303('index.php' . URL::getCommonRaw()); exit; -} elseif (PMA_ifSetOr($_POST['submit_download'], '')) { +} elseif (Core::ifSetOr($_POST['submit_download'], '')) { // // Output generated config file // - PMA_downloadHeader('config.inc.php', 'text/plain'); + Core::downloadHeader('config.inc.php', 'text/plain'); echo ConfigGenerator::getConfigFile($GLOBALS['ConfigFile']); exit; } else { diff --git a/setup/frames/config.inc.php b/setup/frames/config.inc.php index 783961f5b7..e7c3c3bb76 100644 --- a/setup/frames/config.inc.php +++ b/setup/frames/config.inc.php @@ -7,6 +7,7 @@ */ use PMA\setup\lib\ConfigGenerator; +use PMA\libraries\Core; if (!defined('PHPMYADMIN')) { exit; @@ -22,7 +23,7 @@ echo '<h2>' , __('Configuration file') , '</h2>'; echo PMA_displayFormTop('config.php'); echo '<input type="hidden" name="eol" value="' - , htmlspecialchars(PMA_ifSetOr($_GET['eol'], 'unix')) , '" />'; + , htmlspecialchars(Core::ifSetOr($_GET['eol'], 'unix')) , '" />'; echo PMA_displayFieldsetTop('config.inc.php', '', null, array('class' => 'simple')); echo '<tr>'; echo '<td>'; diff --git a/setup/frames/form.inc.php b/setup/frames/form.inc.php index 3ab5c0fd8a..9d64f660dd 100644 --- a/setup/frames/form.inc.php +++ b/setup/frames/form.inc.php @@ -7,6 +7,7 @@ */ use PMA\libraries\config\FormDisplay; +use PMA\libraries\Core; if (!defined('PHPMYADMIN')) { exit; @@ -19,10 +20,10 @@ require_once './setup/lib/form_processing.lib.php'; require './libraries/config/setup.forms.php'; -$formset_id = PMA_isValid($_GET['formset'], 'scalar') ? $_GET['formset'] : null; +$formset_id = Core::isValid($_GET['formset'], 'scalar') ? $_GET['formset'] : null; $mode = isset($_GET['mode']) ? $_GET['mode'] : null; if (! isset($forms[$formset_id]) || substr($formset_id, 0, 1) === '_') { - PMA_fatalError(__('Incorrect formset, check $formsets array in setup/frames/form.inc.php!')); + Core::fatalError(__('Incorrect formset, check $formsets array in setup/frames/form.inc.php!')); } if (isset($GLOBALS['strConfigFormset_' . $formset_id])) { diff --git a/setup/frames/index.inc.php b/setup/frames/index.inc.php index c9d0969455..1405a4a17c 100644 --- a/setup/frames/index.inc.php +++ b/setup/frames/index.inc.php @@ -9,6 +9,7 @@ use PMA\libraries\config\ConfigFile; use PMA\libraries\config\FormDisplay; use PMA\libraries\config\ServerConfigChecks; +use PMA\libraries\Core; use PMA\libraries\LanguageManager; use PMA\libraries\URL; use PMA\libraries\Sanitize; @@ -243,7 +244,7 @@ $opts = array( 'unix' => 'UNIX / Linux (\n)', 'win' => 'Windows (\r\n)'), 'values_escaped' => true); -$eol = PMA_ifSetOr($_SESSION['eol'], (PMA_IS_WINDOWS ? 'win' : 'unix')); +$eol = Core::ifSetOr($_SESSION['eol'], (PMA_IS_WINDOWS ? 'win' : 'unix')); echo PMA_displayInput( 'eol', __('End of line'), 'select', $eol, '', true, $opts diff --git a/setup/frames/servers.inc.php b/setup/frames/servers.inc.php index 623648a591..1784525202 100644 --- a/setup/frames/servers.inc.php +++ b/setup/frames/servers.inc.php @@ -8,6 +8,7 @@ use PMA\libraries\config\ConfigFile; use PMA\libraries\config\FormDisplay; +use PMA\libraries\Core; use PMA\libraries\URL; if (!defined('PHPMYADMIN')) { @@ -22,7 +23,7 @@ require_once './setup/lib/form_processing.lib.php'; require './libraries/config/setup.forms.php'; $mode = isset($_GET['mode']) ? $_GET['mode'] : null; -$id = PMA_isValid($_GET['id'], 'numeric') ? intval($_GET['id']) : null; +$id = Core::isValid($_GET['id'], 'numeric') ? intval($_GET['id']) : null; /** @var ConfigFile $cf */ $cf = $GLOBALS['ConfigFile']; diff --git a/setup/index.php b/setup/index.php index 594716dcfe..a0c75aa692 100644 --- a/setup/index.php +++ b/setup/index.php @@ -7,30 +7,32 @@ * @license https://www.gnu.org/licenses/gpl.html GNU GPL 2.0 */ +use PMA\libraries\Core; + /** * Core libraries. */ require './lib/common.inc.php'; if (file_exists(CONFIG_FILE) && ! $cfg['DBG']['demo']) { - PMA_fatalError(__('Configuration already exists, setup is disabled!')); + Core::fatalError(__('Configuration already exists, setup is disabled!')); } -$page = PMA_isValid($_GET['page'], 'scalar') ? $_GET['page'] : null; +$page = Core::isValid($_GET['page'], 'scalar') ? $_GET['page'] : null; $page = preg_replace('/[^a-z]/', '', $page); if ($page === '') { $page = 'index'; } if (!file_exists("./setup/frames/$page.inc.php")) { // it will happen only when entering URL by hand, we don't care for these cases - PMA_fatalError(__('Wrong GET file attribute value')); + Core::fatalError(__('Wrong GET file attribute value')); } // Handle done action info -$action_done = PMA_isValid($_GET['action_done'], 'scalar') ? $_GET['action_done'] : null; +$action_done = Core::isValid($_GET['action_done'], 'scalar') ? $_GET['action_done'] : null; $action_done = preg_replace('/[^a-z_]/', '', $action_done); -PMA_noCacheHeader(); +Core::noCacheHeader(); ?> <!DOCTYPE HTML> diff --git a/setup/lib/form_processing.lib.php b/setup/lib/form_processing.lib.php index 366398bcf4..b6f393e256 100644 --- a/setup/lib/form_processing.lib.php +++ b/setup/lib/form_processing.lib.php @@ -6,6 +6,7 @@ * @package PhpMyAdmin-Setup */ use PMA\libraries\config\FormDisplay; +use PMA\libraries\Core; use PMA\libraries\URL; use PMA\libraries\Response; @@ -41,7 +42,7 @@ function PMA_Process_formset(FormDisplay $form_display) // form has errors, show warning $page = isset($_GET['page']) ? $_GET['page'] : ''; $formset = isset($_GET['formset']) ? $_GET['formset'] : ''; - $formId = PMA_isValid($_GET['id'], 'numeric') ? $_GET['id'] : ''; + $formId = Core::isValid($_GET['id'], 'numeric') ? $_GET['id'] : ''; if ($formId === null && $page == 'servers') { // we've just added a new server, get its id $formId = $form_display->getConfigFile()->getServerCount(); diff --git a/setup/validate.php b/setup/validate.php index c53c0e73b1..70df31a4cf 100644 --- a/setup/validate.php +++ b/setup/validate.php @@ -6,6 +6,8 @@ * @package PhpMyAdmin-Setup */ +use PMA\libraries\Core; + /** * Core libraries. */ @@ -14,14 +16,14 @@ require './lib/common.inc.php'; $validators = array(); require './libraries/config/Validator.php'; -PMA_headerJSON(); +Core::headerJSON(); -$ids = PMA_isValid($_POST['id'], 'scalar') ? $_POST['id'] : null; +$ids = Core::isValid($_POST['id'], 'scalar') ? $_POST['id'] : null; $vids = explode(',', $ids); -$vals = PMA_isValid($_POST['values'], 'scalar') ? $_POST['values'] : null; +$vals = Core::isValid($_POST['values'], 'scalar') ? $_POST['values'] : null; $values = json_decode($vals); if (!($values instanceof stdClass)) { - PMA_fatalError(__('Wrong data')); + Core::fatalError(__('Wrong data')); } $values = (array)$values; $result = PMA\libraries\config\Validator::validate($GLOBALS['ConfigFile'], $vids, $values, true); diff --git a/tbl_create.php b/tbl_create.php index c275275521..1beffcb3c7 100644 --- a/tbl_create.php +++ b/tbl_create.php @@ -6,6 +6,7 @@ * @package PhpMyAdmin */ +use PMA\libraries\Core; use PMA\libraries\Response; use PMA\libraries\Transformations; use PMA\libraries\URL; @@ -62,7 +63,7 @@ if (isset($_REQUEST['do_save_data'])) { // If there is a request for SQL previewing. if (isset($_REQUEST['preview_sql'])) { - PMA_previewSQL($sql_query); + Core::previewSQL($sql_query); } // Executes the query $result = $GLOBALS['dbi']->tryQuery($sql_query); diff --git a/tbl_get_field.php b/tbl_get_field.php index 95f8b67b43..384eae91ef 100644 --- a/tbl_get_field.php +++ b/tbl_get_field.php @@ -6,6 +6,8 @@ * @package PhpMyAdmin */ +use PMA\libraries\Core; + /** * Common functions. */ @@ -49,7 +51,7 @@ if ($result === false) { /* Avoid corrupting data */ @ini_set('url_rewriter.tags', ''); -PMA_downloadHeader( +Core::downloadHeader( $table . '-' . $_GET['transform_key'] . '.bin', PMA_detectMIME($result), strlen($result) diff --git a/tbl_replace.php b/tbl_replace.php index 25903ebfaa..e608c83fa5 100644 --- a/tbl_replace.php +++ b/tbl_replace.php @@ -11,6 +11,8 @@ * * @package PhpMyAdmin */ + +use PMA\libraries\Core; use PMA\libraries\plugins\IOTransformationsPlugin; use PMA\libraries\Response; use PMA\libraries\Table; @@ -317,14 +319,14 @@ if ($is_insert && count($value_sets) > 0) { $goto_include = 'tbl_change.php'; } $active_page = $goto_include; - include '' . PMA_securePath($goto_include); + include '' . Core::securePath($goto_include); exit; } unset($multi_edit_columns, $is_insertignore); // If there is a request for SQL previewing. if (isset($_REQUEST['preview_sql'])) { - PMA_previewSQL($query); + Core::previewSQL($query); } /** @@ -421,7 +423,7 @@ if ($response->isAjax() && ! isset($_POST['ajax_page_request'])) { foreach ($mime_map as $transformation) { $column_name = $transformation['column_name']; foreach ($transformation_types as $type) { - $file = PMA_securePath($transformation[$type]); + $file = Core::securePath($transformation[$type]); $extra_data = PMA_transformEditedValues( $db, $table, $transformation, $edited_values, $file, $column_name, $extra_data, $type @@ -474,5 +476,5 @@ if (isset($_REQUEST['after_insert']) && 'new_insert' == $_REQUEST['after_insert' /** * Load target page. */ -require '' . PMA_securePath($goto_include); +require '' . Core::securePath($goto_include); exit; diff --git a/templates/database/structure/show_create_row.phtml b/templates/database/structure/show_create_row.phtml index 62db1ac5c1..e73c7ad350 100644 --- a/templates/database/structure/show_create_row.phtml +++ b/templates/database/structure/show_create_row.phtml @@ -1,3 +1,4 @@ +<?php use PMA\libraries\Core; ?> <fieldset> <legend><?= $title; ?></legend> <table class="show_create"> @@ -10,8 +11,8 @@ <tbody> <?php foreach ($db_objects as $object): ?> <tr> - <td><strong><?= PMA_mimeDefaultFunction($object); ?></strong></td> - <td><?= PMA_mimeDefaultFunction($GLOBALS['dbi']->getTable($db, $object)->showCreate()); ?></td> + <td><strong><?= Core::mimeDefaultFunction($object); ?></strong></td> + <td><?= Core::mimeDefaultFunction($GLOBALS['dbi']->getTable($db, $object)->showCreate()); ?></td> </tr> <?php endforeach; ?> </tbody> diff --git a/templates/database/structure/sortable_header.phtml b/templates/database/structure/sortable_header.phtml index b9bfb3e9d8..f96c3e4560 100644 --- a/templates/database/structure/sortable_header.phtml +++ b/templates/database/structure/sortable_header.phtml @@ -1,4 +1,6 @@ <?php +use PMA\libraries\Core; + $requested_sort = 'table'; $requested_sort_order = $future_sort_order = $initial_sort_order; // If the user requested a sort @@ -56,7 +58,7 @@ $_url_params = array( 'sort_order' => $future_sort_order, ); -if (PMA_isValid($_REQUEST['tbl_type'], array('view', 'table'))) { +if (Core::isValid($_REQUEST['tbl_type'], array('view', 'table'))) { $_url_params['tbl_type'] = $_REQUEST['tbl_type']; } if (! empty($_REQUEST['tbl_group'])) { diff --git a/test/bootstrap-dist.php b/test/bootstrap-dist.php index 12acd5f5bf..38fdebe17a 100644 --- a/test/bootstrap-dist.php +++ b/test/bootstrap-dist.php @@ -60,7 +60,6 @@ if (PHP_SAPI == 'cli') { require_once 'libraries/vendor_config.php'; require_once AUTOLOAD_FILE; -require_once 'libraries/core.lib.php'; PhpMyAdmin\MoTranslator\Loader::loadFunctions(); $CFG = new PMA\libraries\Config(); // Initialize PMA_VERSION variable diff --git a/test/classes/CoreTest.php b/test/classes/CoreTest.php new file mode 100644 index 0000000000..eea6c2f9e5 --- /dev/null +++ b/test/classes/CoreTest.php @@ -0,0 +1,1106 @@ +<?php +/* vim: set expandtab sw=4 ts=4 sts=4: */ +/** + * Tests for PMA\libraries\Core class + * + * @package PhpMyAdmin-test + */ + +/* + * Include to test. + */ +require_once 'test/PMATestCase.php'; + +use PMA\libraries\Config; +use PMA\libraries\Core; +use PMA\libraries\Sanitize; + +/** + * Tests for PMA\libraries\Core class + * + * @package PhpMyAdmin-test + */ +class CoreTest extends PMATestCase +{ + protected $goto_whitelist = array( + 'db_datadict.php', + 'db_sql.php', + 'db_export.php', + 'db_search.php', + 'export.php', + 'import.php', + 'index.php', + 'pdf_pages.php', + 'pdf_schema.php', + 'server_binlog.php', + 'server_variables.php', + 'sql.php', + 'tbl_select.php', + 'transformation_overview.php', + 'transformation_wrapper.php', + 'user_password.php', + ); + + /** + * Test for Core::arrayRead + * + * @return void + */ + function testArrayRead() + { + $arr = array( + "int" => 1, + "str" => "str_val", + "arr" => array('val1', 'val2', 'val3'), + "sarr" => array( + 'arr1' => array(1, 2, 3), + array(3, array('a', 'b', 'c'), 4) + ) + ); + + $this->assertEquals( + Core::arrayRead('int', $arr), + $arr['int'] + ); + + $this->assertEquals( + Core::arrayRead('str', $arr), + $arr['str'] + ); + + $this->assertEquals( + Core::arrayRead('arr/0', $arr), + $arr['arr'][0] + ); + + $this->assertEquals( + Core::arrayRead('arr/1', $arr), + $arr['arr'][1] + ); + + $this->assertEquals( + Core::arrayRead('arr/2', $arr), + $arr['arr'][2] + ); + + $this->assertEquals( + Core::arrayRead('sarr/arr1/0', $arr), + $arr['sarr']['arr1'][0] + ); + + $this->assertEquals( + Core::arrayRead('sarr/arr1/1', $arr), + $arr['sarr']['arr1'][1] + ); + + $this->assertEquals( + Core::arrayRead('sarr/arr1/2', $arr), + $arr['sarr']['arr1'][2] + ); + + $this->assertEquals( + Core::arrayRead('sarr/0/0', $arr), + $arr['sarr'][0][0] + ); + + $this->assertEquals( + Core::arrayRead('sarr/0/1', $arr), + $arr['sarr'][0][1] + ); + + $this->assertEquals( + Core::arrayRead('sarr/0/1/2', $arr), + $arr['sarr'][0][1][2] + ); + + $this->assertEquals( + Core::arrayRead('sarr/not_exiting/1', $arr), + null + ); + + $this->assertEquals( + Core::arrayRead('sarr/not_exiting/1', $arr, 0), + 0 + ); + + $this->assertEquals( + Core::arrayRead('sarr/not_exiting/1', $arr, 'default_val'), + 'default_val' + ); + } + + /** + * Test for Core::arrayWrite + * + * @return void + */ + function testArrayWrite() + { + $arr = array( + "int" => 1, + "str" => "str_val", + "arr" => array('val1', 'val2', 'val3'), + "sarr" => array( + 'arr1' => array(1, 2, 3), + array(3, array('a', 'b', 'c'), 4) + ) + ); + + Core::arrayWrite('int', $arr, 5); + $this->assertEquals($arr['int'], 5); + + Core::arrayWrite('str', $arr, '_str'); + $this->assertEquals($arr['str'], '_str'); + + Core::arrayWrite('arr/0', $arr, 'val_arr_0'); + $this->assertEquals($arr['arr'][0], 'val_arr_0'); + + Core::arrayWrite('arr/1', $arr, 'val_arr_1'); + $this->assertEquals($arr['arr'][1], 'val_arr_1'); + + Core::arrayWrite('arr/2', $arr, 'val_arr_2'); + $this->assertEquals($arr['arr'][2], 'val_arr_2'); + + Core::arrayWrite('sarr/arr1/0', $arr, 'val_sarr_arr_0'); + $this->assertEquals($arr['sarr']['arr1'][0], 'val_sarr_arr_0'); + + Core::arrayWrite('sarr/arr1/1', $arr, 'val_sarr_arr_1'); + $this->assertEquals($arr['sarr']['arr1'][1], 'val_sarr_arr_1'); + + Core::arrayWrite('sarr/arr1/2', $arr, 'val_sarr_arr_2'); + $this->assertEquals($arr['sarr']['arr1'][2], 'val_sarr_arr_2'); + + Core::arrayWrite('sarr/0/0', $arr, 5); + $this->assertEquals($arr['sarr'][0][0], 5); + + Core::arrayWrite('sarr/0/1/0', $arr, 'e'); + $this->assertEquals($arr['sarr'][0][1][0], 'e'); + + Core::arrayWrite('sarr/not_existing/1', $arr, 'some_val'); + $this->assertEquals($arr['sarr']['not_existing'][1], 'some_val'); + + Core::arrayWrite('sarr/0/2', $arr, null); + $this->assertNull($arr['sarr'][0][2]); + } + + /** + * Test for Core::arrayRemove + * + * @return void + */ + function testArrayRemove() + { + $arr = array( + "int" => 1, + "str" => "str_val", + "arr" => array('val1', 'val2', 'val3'), + "sarr" => array( + 'arr1' => array(1, 2, 3), + array(3, array('a', 'b', 'c'), 4) + ) + ); + + Core::arrayRemove('int', $arr); + $this->assertArrayNotHasKey('int', $arr); + + Core::arrayRemove('str', $arr); + $this->assertArrayNotHasKey('str', $arr); + + Core::arrayRemove('arr/0', $arr); + $this->assertArrayNotHasKey(0, $arr['arr']); + + Core::arrayRemove('arr/1', $arr); + $this->assertArrayNotHasKey(1, $arr['arr']); + + Core::arrayRemove('arr/2', $arr); + $this->assertArrayNotHasKey('arr', $arr); + + $tmp_arr = $arr; + Core::arrayRemove('sarr/not_existing/1', $arr); + $this->assertEquals($tmp_arr, $arr); + + Core::arrayRemove('sarr/arr1/0', $arr); + $this->assertArrayNotHasKey(0, $arr['sarr']['arr1']); + + Core::arrayRemove('sarr/arr1/1', $arr); + $this->assertArrayNotHasKey(1, $arr['sarr']['arr1']); + + Core::arrayRemove('sarr/arr1/2', $arr); + $this->assertArrayNotHasKey('arr1', $arr['sarr']); + + Core::arrayRemove('sarr/0/0', $arr); + $this->assertArrayNotHasKey(0, $arr['sarr'][0]); + + Core::arrayRemove('sarr/0/1/0', $arr); + $this->assertArrayNotHasKey(0, $arr['sarr'][0][1]); + + Core::arrayRemove('sarr/0/1/1', $arr); + $this->assertArrayNotHasKey(1, $arr['sarr'][0][1]); + + Core::arrayRemove('sarr/0/1/2', $arr); + $this->assertArrayNotHasKey(1, $arr['sarr'][0]); + + Core::arrayRemove('sarr/0/2', $arr); + + $this->assertEmpty($arr); + } + + /** + * Test for Core::checkPageValidity + * + * @param string $page Page + * @param array|null $whiteList White list + * @param int $expected Expected value + * + * @return void + * + * @dataProvider providerTestGotoNowhere + */ + function testGotoNowhere($page, $whiteList, $expected) + { + $this->assertTrue($expected === Core::checkPageValidity($page, $whiteList)); + } + + /** + * Data provider for testGotoNowhere + * + * @return array + */ + public function providerTestGotoNowhere() + { + return array( + array(null, null, false), + array('export.php', $this->goto_whitelist, true), + array('shell.php', $this->goto_whitelist, false), + array('index.php?sql.php&test=true', $this->goto_whitelist, true), + array('index.php%3Fsql.php%26test%3Dtrue', $this->goto_whitelist, true), + ); + } + + /** + * Test for Core::cleanupPathInfo + * + * @param string $php_self The PHP_SELF value + * @param string $request The REQUEST_URI value + * @param string $path_info The PATH_INFO value + * @param string $expected Expected result + * + * @return void + * + * @dataProvider providerTestPathInfo + */ + public function testPathInfo($php_self, $request, $path_info, $expected) + { + $_SERVER['PHP_SELF'] = $php_self; + $_SERVER['REQUEST_URI'] = $request; + $_SERVER['PATH_INFO'] = $path_info; + Core::cleanupPathInfo(); + $this->assertEquals( + $expected, + $GLOBALS['PMA_PHP_SELF'] + ); + } + + /** + * Data provider for Core::cleanupPathInfo tests + * + * @return array + */ + public function providerTestPathInfo() + { + return array( + array( + '/phpmyadmin/index.php/; cookieinj=value/', + '/phpmyadmin/index.php/;%20cookieinj=value///', + '/; cookieinj=value/', + '/phpmyadmin/index.php' + ), + array( + '', + '/phpmyadmin/index.php/;%20cookieinj=value///', + '/; cookieinj=value/', + '/phpmyadmin/index.php' + ), + array( + '', + '//example.com/../phpmyadmin/index.php', + '', + '/phpmyadmin/index.php' + ), + array( + '', + '//example.com/../../.././phpmyadmin/index.php', + '', + '/phpmyadmin/index.php' + ), + array( + '', + '/page.php/malicouspathinfo?malicouspathinfo', + 'malicouspathinfo', + '/page.php' + ), + array( + '/phpmyadmin/./index.php', + '/phpmyadmin/./index.php', + '', + '/phpmyadmin/index.php' + ), + array( + '/phpmyadmin/index.php', + '/phpmyadmin/index.php', + '', + '/phpmyadmin/index.php' + ), + array( + '', + '/phpmyadmin/index.php', + '', + '/phpmyadmin/index.php' + ), + ); + } + + /** + * Test for Core::fatalError + * + * @return void + */ + public function testFatalErrorMessage() + { + $this->expectOutputRegex("/FatalError!/"); + Core::fatalError("FatalError!"); + } + + /** + * Test for Core::fatalError + * + * @return void + */ + public function testFatalErrorMessageWithArgs() + { + $message = "Fatal error #%d in file %s."; + $params = array(1, 'error_file.php'); + + $this->expectOutputRegex("/Fatal error #1 in file error_file.php./"); + Core::fatalError($message, $params); + + $message = "Fatal error in file %s."; + $params = 'error_file.php'; + + $this->expectOutputRegex("/Fatal error in file error_file.php./"); + Core::fatalError($message, $params); + } + + /** + * Test for Core::getRealSize + * + * @param string $size Size + * @param int $expected Expected value + * + * @return void + * + * @dataProvider providerTestGetRealSize + */ + public function testGetRealSize($size, $expected) + { + $this->assertEquals($expected, Core::getRealSize($size)); + } + + /** + * Data provider for testGetRealSize + * + * @return array + */ + public function providerTestGetRealSize() + { + return array( + array('0', 0), + array('1kb', 1024), + array('1024k', 1024 * 1024), + array('8m', 8 * 1024 * 1024), + array('12gb', 12 * 1024 * 1024 * 1024), + array('1024', 1024), + ); + } + + /** + * Test for Core::getPHPDocLink + * + * @return void + */ + public function testGetPHPDocLink() + { + $lang = _pgettext('PHP documentation language', 'en'); + $this->assertEquals( + Core::getPHPDocLink('function'), + './url.php?url=https%3A%2F%2Fsecure.php.net%2Fmanual%2F' + . $lang . '%2Ffunction' + ); + } + + /** + * Test for Core::linkURL + * + * @param string $link URL where to go + * @param string $url Expected value + * + * @return void + * + * @dataProvider providerTestLinkURL + */ + public function testLinkURL($link, $url) + { + $this->assertEquals(Core::linkURL($link), $url); + } + + /** + * Data provider for testLinkURL + * + * @return array + */ + public function providerTestLinkURL() + { + return array( + array('https://wiki.phpmyadmin.net', + './url.php?url=https%3A%2F%2Fwiki.phpmyadmin.net'), + array('https://wiki.phpmyadmin.net', + './url.php?url=https%3A%2F%2Fwiki.phpmyadmin.net'), + array('wiki.phpmyadmin.net', 'wiki.phpmyadmin.net'), + array('index.php?db=phpmyadmin', 'index.php?db=phpmyadmin') + ); + } + + /** + * Test for Core::sendHeaderLocation + * + * @return void + */ + public function testSendHeaderLocationWithoutSidWithIis() + { + $GLOBALS['server'] = 0; + $GLOBALS['PMA_Config'] = new Config(); + $GLOBALS['PMA_Config']->enableBc(); + $GLOBALS['PMA_Config']->set('PMA_IS_IIS', true); + + $testUri = 'https://example.com/test.php'; + + $this->mockResponse('Location: ' . $testUri); + Core::sendHeaderLocation($testUri); // sets $GLOBALS['header'] + + $this->tearDown(); + + $this->mockResponse('Refresh: 0; ' . $testUri); + Core::sendHeaderLocation($testUri, true); // sets $GLOBALS['header'] + } + + /** + * Test for Core::sendHeaderLocation + * + * @return void + */ + public function testSendHeaderLocationWithoutSidWithoutIis() + { + $GLOBALS['server'] = 0; + $GLOBALS['PMA_Config'] = new Config(); + $GLOBALS['PMA_Config']->enableBc(); + $GLOBALS['PMA_Config']->set('PMA_IS_IIS', null); + + $testUri = 'https://example.com/test.php'; + + $this->mockResponse('Location: ' . $testUri); + Core::sendHeaderLocation($testUri); // sets $GLOBALS['header'] + } + + /** + * Test for Core::sendHeaderLocation + * + * @return void + */ + public function testSendHeaderLocationIisLongUri() + { + $GLOBALS['server'] = 0; + $GLOBALS['PMA_Config'] = new Config(); + $GLOBALS['PMA_Config']->enableBc(); + $GLOBALS['PMA_Config']->set('PMA_IS_IIS', true); + + // over 600 chars + $testUri = 'https://example.com/test.php?testlonguri=over600chars&test=test' + . '&test=test&test=test&test=test&test=test&test=test&test=test' + . '&test=test&test=test&test=test&test=test&test=test&test=test' + . '&test=test&test=test&test=test&test=test&test=test&test=test' + . '&test=test&test=test&test=test&test=test&test=test&test=test' + . '&test=test&test=test&test=test&test=test&test=test&test=test' + . '&test=test&test=test&test=test&test=test&test=test&test=test' + . '&test=test&test=test&test=test&test=test&test=test&test=test' + . '&test=test&test=test&test=test&test=test&test=test&test=test' + . '&test=test&test=test&test=test&test=test&test=test&test=test' + . '&test=test&test=test'; + $testUri_html = htmlspecialchars($testUri); + $testUri_js = Sanitize::escapeJsString($testUri); + + $header = "<html>\n<head>\n <title>- - -</title> + <meta http-equiv=\"expires\" content=\"0\" />" + . "\n <meta http-equiv=\"Pragma\" content=\"no-cache\" />" + . "\n <meta http-equiv=\"Cache-Control\" content=\"no-cache\" />" + . "\n <meta http-equiv=\"Refresh\" content=\"0;url=" . $testUri_html . "\" />" + . "\n <script type=\"text/javascript\">\n //<![CDATA[ + setTimeout(function() { window.location = decodeURI('" . $testUri_js . "'); }, 2000); + //]]>\n </script>\n</head> +<body>\n<script type=\"text/javascript\">\n //<![CDATA[ + document.write('<p><a href=\"" . $testUri_html . "\">" . __('Go') . "</a></p>'); + //]]>\n</script>\n</body>\n</html> +"; + + $this->expectOutputString($header); + + $this->mockResponse(); + + Core::sendHeaderLocation($testUri); + } + + /** + * Test for Core::ifSetOr + * + * @return void + */ + public function testVarSet() + { + $default = 'foo'; + $in = 'bar'; + $out = Core::ifSetOr($in, $default); + $this->assertEquals($in, $out); + } + + /** + * Test for Core::ifSetOr + * + * @return void + */ + public function testVarSetWrongType() + { + $default = 'foo'; + $in = 'bar'; + $out = Core::ifSetOr($in, $default, 'boolean'); + $this->assertEquals($out, $default); + } + + /** + * Test for Core::ifSetOr + * + * @return void + */ + public function testVarNotSet() + { + $default = 'foo'; + // $in is not set! + $out = Core::ifSetOr($in, $default); + $this->assertEquals($out, $default); + } + + /** + * Test for Core::ifSetOr + * + * @return void + */ + public function testVarNotSetNoDefault() + { + // $in is not set! + $out = Core::ifSetOr($in); + $this->assertEquals($out, null); + } + + /** + * Test for unserializing + * + * @param string $url URL to test + * @param mixed $expected Expected result + * + * @return void + * + * @dataProvider provideTestIsAllowedDomain + */ + function testIsAllowedDomain($url, $expected) + { + $_SERVER['SERVER_NAME'] = 'server.local'; + $this->assertEquals( + $expected, + Core::isAllowedDomain($url) + ); + } + + /** + * Test data provider + * + * @return array + */ + function provideTestIsAllowedDomain() + { + return array( + array('https://www.phpmyadmin.net/', true), + array('http://duckduckgo.com\\@github.com', false), + array('https://github.com/', true), + array('https://github.com:123/', false), + array('https://user:pass@github.com:123/', false), + array('https://user:pass@github.com/', false), + array('https://server.local/', true), + array('./relative/', false), + ); + } + + /** + * Test for Core::isValid + * + * @param mixed $var Variable to check + * @param mixed $type Type + * @param mixed $compare Compared value + * + * @return void + * + * @dataProvider providerTestNoVarType + */ + public function testNoVarType($var, $type, $compare) + { + $this->assertTrue(Core::isValid($var, $type, $compare)); + } + + /** + * Data provider for testNoVarType + * + * @return array + */ + public static function providerTestNoVarType() + { + return array( + array(0, false, 0), + array(0, false, 1), + array(1, false, null), + array(1.1, false, null), + array('', false, null), + array(' ', false, null), + array('0', false, null), + array('string', false, null), + array(array(), false, null), + array(array(1, 2, 3), false, null), + array(true, false, null), + array(false, false, null)); + } + + /** + * Test for Core::isValid + * + * @return void + */ + public function testVarNotSetAfterTest() + { + Core::isValid($var); + $this->assertFalse(isset($var)); + } + + /** + * Test for Core::isValid + * + * @return void + */ + public function testNotSet() + { + $this->assertFalse(Core::isValid($var)); + } + + /** + * Test for Core::isValid + * + * @return void + */ + public function testEmptyString() + { + $var = ''; + $this->assertFalse(Core::isValid($var)); + } + + /** + * Test for Core::isValid + * + * @return void + */ + public function testNotEmptyString() + { + $var = '0'; + $this->assertTrue(Core::isValid($var)); + } + + /** + * Test for Core::isValid + * + * @return void + */ + public function testZero() + { + $var = 0; + $this->assertTrue(Core::isValid($var)); + $this->assertTrue(Core::isValid($var, 'int')); + } + + /** + * Test for Core::isValid + * + * @return void + */ + public function testNullFail() + { + $var = null; + $this->assertFalse(Core::isValid($var)); + + $var = 'null_text'; + $this->assertFalse(Core::isValid($var, 'null')); + } + + /** + * Test for Core::isValid + * + * @return void + */ + public function testNotSetArray() + { + /** @var $array undefined array */ + $this->assertFalse(Core::isValid($array['x'])); + } + + /** + * Test for Core::isValid + * + * @return void + */ + public function testScalarString() + { + $var = 'string'; + $this->assertTrue(Core::isValid($var, 'len')); + $this->assertTrue(Core::isValid($var, 'scalar')); + $this->assertTrue(Core::isValid($var)); + } + + /** + * Test for Core::isValid + * + * @return void + */ + public function testScalarInt() + { + $var = 1; + $this->assertTrue(Core::isValid($var, 'int')); + $this->assertTrue(Core::isValid($var, 'scalar')); + } + + /** + * Test for Core::isValid + * + * @return void + */ + public function testScalarFloat() + { + $var = 1.1; + $this->assertTrue(Core::isValid($var, 'float')); + $this->assertTrue(Core::isValid($var, 'double')); + $this->assertTrue(Core::isValid($var, 'scalar')); + } + + /** + * Test for Core::isValid + * + * @return void + */ + public function testScalarBool() + { + $var = true; + $this->assertTrue(Core::isValid($var, 'scalar')); + $this->assertTrue(Core::isValid($var, 'bool')); + $this->assertTrue(Core::isValid($var, 'boolean')); + } + + /** + * Test for Core::isValid + * + * @return void + */ + public function testNotScalarArray() + { + $var = array('test'); + $this->assertFalse(Core::isValid($var, 'scalar')); + } + + /** + * Test for Core::isValid + * + * @return void + */ + public function testNotScalarNull() + { + $var = null; + $this->assertFalse(Core::isValid($var, 'scalar')); + } + + /** + * Test for Core::isValid + * + * @return void + */ + public function testNumericInt() + { + $var = 1; + $this->assertTrue(Core::isValid($var, 'numeric')); + } + + /** + * Test for Core::isValid + * + * @return void + */ + public function testNumericFloat() + { + $var = 1.1; + $this->assertTrue(Core::isValid($var, 'numeric')); + } + + /** + * Test for Core::isValid + * + * @return void + */ + public function testNumericZero() + { + $var = 0; + $this->assertTrue(Core::isValid($var, 'numeric')); + } + + /** + * Test for Core::isValid + * + * @return void + */ + public function testNumericString() + { + $var = '+0.1'; + $this->assertTrue(Core::isValid($var, 'numeric')); + } + + /** + * Test for Core::isValid + * + * @return void + */ + public function testValueInArray() + { + $var = 'a'; + $this->assertTrue(Core::isValid($var, array('a', 'b',))); + } + + /** + * Test for Core::isValid + * + * @return void + */ + public function testValueNotInArray() + { + $var = 'c'; + $this->assertFalse(Core::isValid($var, array('a', 'b',))); + } + + /** + * Test for Core::isValid + * + * @return void + */ + public function testNumericIdentical() + { + $var = 1; + $compare = 1; + $this->assertTrue(Core::isValid($var, 'identic', $compare)); + + $var = 1; + $compare += 2; + $this->assertFalse(Core::isValid($var, 'identic', $compare)); + + $var = 1; + $compare = '1'; + $this->assertFalse(Core::isValid($var, 'identic', $compare)); + } + + + /** + * Test for Core::isValid + * + * @param mixed $var Variable + * @param mixed $compare Compare + * + * @return void + * + * @dataProvider provideTestSimilarType + */ + public function testSimilarType($var, $compare) + { + $this->assertTrue(Core::isValid($var, 'similar', $compare)); + $this->assertTrue(Core::isValid($var, 'equal', $compare)); + $this->assertTrue(Core::isValid($compare, 'similar', $var)); + $this->assertTrue(Core::isValid($compare, 'equal', $var)); + } + + /** + * Data provider for testSimilarType + * + * @return array + */ + public function provideTestSimilarType() + { + return array( + array(1, 1), + array(1.5, 1.5), + array(true, true), + array('string', "string"), + array(array(1, 2, 3.4), array(1, 2, 3.4)), + array(array(1, '2', '3.4', 5, 'text'), array('1', '2', 3.4,'5')) + ); + } + + /** + * Test for Core::isValid + * + * @return void + */ + public function testOtherTypes() + { + $var = new CoreTest(); + $this->assertFalse(Core::isValid($var, 'class')); + } + + /** + * Test for unserializing + * + * @param string $data Serialized data + * @param mixed $expected Expected result + * + * @return void + * + * @dataProvider provideTestSafeUnserialize + */ + function testSafeUnserialize($data, $expected) + { + $this->assertEquals( + $expected, + Core::safeUnserialize($data) + ); + } + + /** + * Test data provider + * + * @return array + */ + function provideTestSafeUnserialize() + { + return array( + array('s:6:"foobar";', 'foobar'), + array('foobar', null), + array('b:0;', false), + array('O:1:"a":1:{s:5:"value";s:3:"100";}', null), + array('O:8:"stdClass":1:{s:5:"field";O:8:"stdClass":0:{}}', null), + array('a:2:{i:0;s:90:"1234567890;a345678901234567890123456789012345678901234567890123456789012345678901234567890";i:1;O:8:"stdClass":0:{}}', null), + array(serialize(array(1, 2, 3)), array(1, 2, 3)), + array(serialize('string""'), 'string""'), + array(serialize(array('foo' => 'bar')), array('foo' => 'bar')), + array(serialize(array('1', new stdClass(), '2')), null), + ); + } + + /** + * Test for MySQL host sanitizing + * + * @param string $host Test host name + * @param string $expected Expected result + * + * @return void + * + * @dataProvider provideTestSanitizeMySQLHost + */ + function testSanitizeMySQLHost($host, $expected) + { + $this->assertEquals( + $expected, + Core::sanitizeMySQLHost($host) + ); + } + + /** + * Test data provider + * + * @return array + */ + function provideTestSanitizeMySQLHost() + { + return array( + array('p:foo.bar', 'foo.bar'), + array('p:p:foo.bar', 'foo.bar'), + array('bar.baz', 'bar.baz'), + array('P:example.com', 'example.com'), + ); + } + + /** + * Test for replacing dots. + * + * @return void + */ + public function testReplaceDots() + { + $this->assertEquals( + Core::securePath('../../../etc/passwd'), + './././etc/passwd' + ); + $this->assertEquals( + Core::securePath('/var/www/../phpmyadmin'), + '/var/www/./phpmyadmin' + ); + $this->assertEquals( + Core::securePath('./path/with..dots/../../file..php'), + './path/with.dots/././file.php' + ); + } + + /** + * Test for Core::warnMissingExtension + * + * @return void + */ + function testMissingExtensionFatal() + { + $ext = 'php_ext'; + $warn = 'The <a href="' . Core::getPHPDocLink('book.' . $ext . '.php') + . '" target="Documentation"><em>' . $ext + . '</em></a> extension is missing. Please check your PHP configuration.'; + + $this->expectOutputRegex('@' . preg_quote($warn, '@') . '@'); + + Core::warnMissingExtension($ext, true); + } + + /** + * Test for Core::warnMissingExtension + * + * @return void + */ + function testMissingExtensionFatalWithExtra() + { + $ext = 'php_ext'; + $extra = 'Appended Extra String'; + + $warn = 'The <a href="' . Core::getPHPDocLink('book.' . $ext . '.php') + . '" target="Documentation"><em>' . $ext + . '</em></a> extension is missing. Please check your PHP configuration.' + . ' ' . $extra; + + ob_start(); + Core::warnMissingExtension($ext, true, $extra); + $printed = ob_get_contents(); + ob_end_clean(); + + $this->assertGreaterThan(0, mb_strpos($printed, $warn)); + } +} diff --git a/test/classes/DisplayResultsTest.php b/test/classes/DisplayResultsTest.php index e561734f7a..6127e6aff1 100644 --- a/test/classes/DisplayResultsTest.php +++ b/test/classes/DisplayResultsTest.php @@ -8,6 +8,7 @@ /* * Include to test. */ +use PMA\libraries\Core; use PMA\libraries\plugins\transformations\Text_Plain_Link; require_once 'libraries/relation.lib.php'; @@ -1311,9 +1312,9 @@ class DisplayResultsTest extends PMATestCase true, 'BLOB', '1001', - 'PMA_mimeDefaultFunction', + [Core::class, 'mimeDefaultFunction'], '', - 'PMA_mimeDefaultFunction', + [Core::class, 'mimeDefaultFunction'], $meta, $url_params, null, @@ -1326,9 +1327,9 @@ class DisplayResultsTest extends PMATestCase true, 'BLOB', hex2bin('123456'), - 'PMA_mimeDefaultFunction', + [Core::class, 'mimeDefaultFunction'], '', - 'PMA_mimeDefaultFunction', + [Core::class, 'mimeDefaultFunction'], $meta, $url_params, null, @@ -1341,9 +1342,9 @@ class DisplayResultsTest extends PMATestCase false, 'BLOB', '1001', - 'PMA_mimeDefaultFunction', + [Core::class, 'mimeDefaultFunction'], '', - 'PMA_mimeDefaultFunction', + [Core::class, 'mimeDefaultFunction'], $meta, $url_params, null, @@ -1358,7 +1359,7 @@ class DisplayResultsTest extends PMATestCase '1001', $transformation_plugin, '', - 'PMA_mimeDefaultFunction', + [Core::class, 'mimeDefaultFunction'], $meta, $url_params, null, @@ -1371,7 +1372,7 @@ class DisplayResultsTest extends PMATestCase null, '', '', - 'PMA_mimeDefaultFunction', + [Core::class, 'mimeDefaultFunction'], $meta, $url_params, null, @@ -1390,7 +1391,7 @@ class DisplayResultsTest extends PMATestCase * @param string $content the binary content * @param string $transformation_plugin transformation plugin. * Can also be the default function: - * PMA_mimeDefaultFunction + * PMA\libraries\Core::mimeDefaultFunction * @param string $transform_options transformation parameters * @param string $default_function default transformation function * @param object $meta the meta-information about the field @@ -1462,8 +1463,8 @@ class DisplayResultsTest extends PMATestCase array(), $url_params, false, - 'PMA_mimeDefaultFunction', - 'PMA_mimeDefaultFunction', + [Core::class, 'mimeDefaultFunction'], + [Core::class, 'mimeDefaultFunction'], array('https://www.example.com/'), false, array(), @@ -1484,7 +1485,7 @@ class DisplayResultsTest extends PMATestCase $url_params, false, $transformation_plugin, - 'PMA_mimeDefaultFunction', + [Core::class, 'mimeDefaultFunction'], '', false, array(), @@ -1502,7 +1503,7 @@ class DisplayResultsTest extends PMATestCase $url_params, false, $transformation_plugin, - 'PMA_mimeDefaultFunction', + [Core::class, 'mimeDefaultFunction'], '', false, array(), @@ -1519,8 +1520,8 @@ class DisplayResultsTest extends PMATestCase array(), $url_params, false, - 'PMA_mimeDefaultFunction', - 'PMA_mimeDefaultFunction', + [Core::class, 'mimeDefaultFunction'], + [Core::class, 'mimeDefaultFunction'], '', false, array(), diff --git a/test/classes/HeaderTest.php b/test/classes/HeaderTest.php index ed5e8d271f..fe45f3b8cd 100644 --- a/test/classes/HeaderTest.php +++ b/test/classes/HeaderTest.php @@ -9,6 +9,7 @@ /* * Include to test. */ +use PMA\libraries\Core; use PMA\libraries\Theme; require_once 'libraries/database_interface.inc.php'; @@ -36,7 +37,7 @@ class HeaderTest extends PMATestCase $GLOBALS['server'] = 0; $GLOBALS['message'] = 'phpmyadminmessage'; $GLOBALS['pmaThemePath'] = $_SESSION['PMA_Theme']->getPath(); - $GLOBALS['PMA_PHP_SELF'] = PMA_getenv('PHP_SELF'); + $GLOBALS['PMA_PHP_SELF'] = Core::getenv('PHP_SELF'); $GLOBALS['server'] = 'server'; $GLOBALS['db'] = 'pma_test'; $GLOBALS['table'] = 'table1'; diff --git a/test/classes/MenuTest.php b/test/classes/MenuTest.php index f7659b922c..c616b1a92a 100644 --- a/test/classes/MenuTest.php +++ b/test/classes/MenuTest.php @@ -9,6 +9,7 @@ /* * Include to test. */ +use PMA\libraries\Core; use PMA\libraries\Menu; use PMA\libraries\Theme; @@ -37,7 +38,7 @@ class MenuTest extends PMATestCase $GLOBALS['server'] = 0; $GLOBALS['cfg']['Server']['verbose'] = 'verbose host'; $GLOBALS['pmaThemePath'] = $_SESSION['PMA_Theme']->getPath(); - $GLOBALS['PMA_PHP_SELF'] = PMA_getenv('PHP_SELF'); + $GLOBALS['PMA_PHP_SELF'] = Core::getenv('PHP_SELF'); $GLOBALS['server'] = 'server'; $GLOBALS['db'] = 'pma_test'; $GLOBALS['table'] = 'table1'; diff --git a/test/classes/ServerStatusDataTest.php b/test/classes/ServerStatusDataTest.php index c39ba07a56..96196d8896 100644 --- a/test/classes/ServerStatusDataTest.php +++ b/test/classes/ServerStatusDataTest.php @@ -9,6 +9,7 @@ /* * Include to test. */ +use PMA\libraries\Core; use PMA\libraries\ServerStatusData; require_once 'libraries/database_interface.inc.php'; @@ -33,7 +34,7 @@ class ServerStatusDataTest extends PMATestCase */ function setup() { - $GLOBALS['PMA_PHP_SELF'] = PMA_getenv('PHP_SELF'); + $GLOBALS['PMA_PHP_SELF'] = Core::getenv('PHP_SELF'); $GLOBALS['cfg']['Server']['host'] = "::1"; $GLOBALS['replication_info']['master']['status'] = true; $GLOBALS['replication_info']['slave']['status'] = true; diff --git a/test/classes/controllers/ServerCollationsControllerTest.php b/test/classes/controllers/ServerCollationsControllerTest.php index 118c8babd9..d5d5d7a66b 100644 --- a/test/classes/controllers/ServerCollationsControllerTest.php +++ b/test/classes/controllers/ServerCollationsControllerTest.php @@ -6,18 +6,19 @@ * @package PhpMyAdmin-test */ +use PMA\libraries\controllers\server\ServerCollationsController; +use PMA\libraries\Core; +use PMA\libraries\Theme; + /* * Include to test. */ //$GLOBALS -use PMA\libraries\Theme; -use PMA\libraries\controllers\server\ServerCollationsController; - $GLOBALS['server'] = 1; $GLOBALS['is_superuser'] = false; $GLOBALS['cfg']['ServerDefault'] = 1; $GLOBALS['url_query'] = "url_query"; -$GLOBALS['PMA_PHP_SELF'] = PMA_getenv('PHP_SELF'); +$GLOBALS['PMA_PHP_SELF'] = Core::getenv('PHP_SELF'); $GLOBALS['lang'] = "en"; $GLOBALS['text_dir'] = "text_dir"; $GLOBALS['cfg']['Server'] = array( diff --git a/test/classes/controllers/ServerVariablesControllerTest.php b/test/classes/controllers/ServerVariablesControllerTest.php index e5b1bf5d54..9d9f4bb081 100644 --- a/test/classes/controllers/ServerVariablesControllerTest.php +++ b/test/classes/controllers/ServerVariablesControllerTest.php @@ -6,11 +6,11 @@ * @package PhpMyAdmin-test */ +use PMA\libraries\Core; use PMA\libraries\di\Container; use PMA\libraries\Theme; use PMA\libraries\URL; - require_once 'libraries/database_interface.inc.php'; require_once 'test/libraries/stubs/ResponseStub.php'; require_once 'test/PMATestCase.php'; @@ -39,7 +39,7 @@ class ServerVariablesControllerTest extends PMATestCase $_REQUEST['pos'] = 3; //$GLOBALS - $GLOBALS['PMA_PHP_SELF'] = PMA_getenv('PHP_SELF'); + $GLOBALS['PMA_PHP_SELF'] = Core::getenv('PHP_SELF'); $GLOBALS['server'] = 1; $GLOBALS['table'] = "table"; diff --git a/test/classes/engines/PbxtTest.php b/test/classes/engines/PbxtTest.php index 110a63200a..6a3371510e 100644 --- a/test/classes/engines/PbxtTest.php +++ b/test/classes/engines/PbxtTest.php @@ -10,6 +10,7 @@ * Include to test. */ +use PMA\libraries\Core; use PMA\libraries\engines\Pbxt; require_once 'libraries/database_interface.inc.php'; @@ -251,7 +252,7 @@ class PbxtTest extends PMATestCase 'Documentation and further information about PBXT' . ' can be found on the %sPrimeBase XT Home Page%s.' ), - '<a href="' . PMA_linkURL('https://mariadb.com/kb/en/mariadb/about-pbxt/') + '<a href="' . Core::linkURL('https://mariadb.com/kb/en/mariadb/about-pbxt/') . '" rel="noopener noreferrer" target="_blank">', '</a>' ) diff --git a/test/libraries/PMA_display_export_test.php b/test/libraries/PMA_display_export_test.php index c3c2d7ca84..2c4f7a728e 100644 --- a/test/libraries/PMA_display_export_test.php +++ b/test/libraries/PMA_display_export_test.php @@ -6,15 +6,11 @@ * @package PhpMyAdmin-test */ -/* - * Include to test. - */ +use PMA\libraries\Core; use PMA\libraries\Theme; use PMA\libraries\URL; - require_once 'libraries/display_export.lib.php'; - require_once 'libraries/database_interface.inc.php'; require_once 'libraries/plugin_interface.lib.php'; require_once 'libraries/relation.lib.php'; @@ -52,7 +48,7 @@ class PMA_DisplayExport_Test extends PHPUnit_Framework_TestCase $GLOBALS['cfg']['BZipDump'] = false; $GLOBALS['cfg']['Export']['asfile'] = true; $GLOBALS['cfg']['Export']['file_template_server'] = "file_template_server"; - $GLOBALS['PMA_PHP_SELF'] = PMA_getenv('PHP_SELF'); + $GLOBALS['PMA_PHP_SELF'] = Core::getenv('PHP_SELF'); $GLOBALS['PMA_recoding_engine'] = "InnerDB"; $GLOBALS['server'] = 0; diff --git a/test/libraries/PMA_ip_allow_deny_test.php b/test/libraries/PMA_ip_allow_deny_test.php index 9cc07ac0ef..988079602e 100644 --- a/test/libraries/PMA_ip_allow_deny_test.php +++ b/test/libraries/PMA_ip_allow_deny_test.php @@ -6,12 +6,9 @@ * @package PhpMyAdmin-test */ -/* - * Include to test. - */ +use PMA\libraries\Core; require_once 'libraries/database_interface.inc.php'; - require_once 'libraries/ip_allow_deny.lib.php'; /** @@ -47,7 +44,7 @@ class PMA_Ip_Allow_Deny_Test extends PHPUnit_Framework_TestCase } /** - * Test for PMA_getIp + * Test for Core::getIp * * @return void * @@ -73,7 +70,7 @@ class PMA_Ip_Allow_Deny_Test extends PHPUnit_Framework_TestCase $this->assertEquals( $expected, - PMA_getIp() + Core::getIp() ); unset($_SERVER['REMOTE_ADDR']); @@ -82,7 +79,7 @@ class PMA_Ip_Allow_Deny_Test extends PHPUnit_Framework_TestCase } /** - * Data provider for PMA_getIp tests + * Data provider for Core::getIp tests * * @return array */ diff --git a/test/libraries/PMA_server_privileges_test.php b/test/libraries/PMA_server_privileges_test.php index 0f8a4af6ef..2640a7c369 100644 --- a/test/libraries/PMA_server_privileges_test.php +++ b/test/libraries/PMA_server_privileges_test.php @@ -6,9 +6,7 @@ * @package PhpMyAdmin-test */ -/* - * Include to test. - */ +use PMA\libraries\Core; use PMA\libraries\Theme; use PMA\libraries\URL; @@ -72,7 +70,7 @@ class PMA_ServerPrivileges_Test extends PHPUnit_Framework_TestCase $GLOBALS['cfgRelation'] = array(); $GLOBALS['cfgRelation']['menuswork'] = false; $GLOBALS['table'] = "table"; - $GLOBALS['PMA_PHP_SELF'] = PMA_getenv('PHP_SELF'); + $GLOBALS['PMA_PHP_SELF'] = Core::getenv('PHP_SELF'); $GLOBALS['pmaThemeImage'] = 'image'; $GLOBALS['server'] = 1; $GLOBALS['hostname'] = "hostname"; diff --git a/test/libraries/PMA_server_status_advisor_test.php b/test/libraries/PMA_server_status_advisor_test.php index 336d2ba680..31172c1922 100644 --- a/test/libraries/PMA_server_status_advisor_test.php +++ b/test/libraries/PMA_server_status_advisor_test.php @@ -6,17 +6,11 @@ * @package PhpMyAdmin-test */ -/* - * Include to test. - */ +use PMA\libraries\Core; use PMA\libraries\ServerStatusData; use PMA\libraries\Theme; - - - require_once 'libraries/server_status_advisor.lib.php'; - require_once 'libraries/database_interface.inc.php'; /** @@ -59,7 +53,7 @@ class PMA_ServerStatusAdvisor_Test extends PHPUnit_Framework_TestCase $GLOBALS['cfg']['Server']['host'] = "localhost"; $GLOBALS['cfg']['ShowHint'] = true; $GLOBALS['cfg']['ActionLinksMode'] = 'icons'; - $GLOBALS['PMA_PHP_SELF'] = PMA_getenv('PHP_SELF'); + $GLOBALS['PMA_PHP_SELF'] = Core::getenv('PHP_SELF'); $GLOBALS['replication_info']['master']['status'] = false; $GLOBALS['replication_info']['slave']['status'] = false; diff --git a/test/libraries/PMA_server_status_monitor_test.php b/test/libraries/PMA_server_status_monitor_test.php index 9ba7acc482..9270105f84 100644 --- a/test/libraries/PMA_server_status_monitor_test.php +++ b/test/libraries/PMA_server_status_monitor_test.php @@ -6,15 +6,11 @@ * @package PhpMyAdmin-test */ -/* - * Include to test. - */ +use PMA\libraries\Core; use PMA\libraries\ServerStatusData; use PMA\libraries\Theme; - require_once 'libraries/server_status_monitor.lib.php'; - require_once 'libraries/database_interface.inc.php'; /** @@ -53,7 +49,7 @@ class PMA_ServerStatusMonitor_Test extends PHPUnit_Framework_TestCase $GLOBALS['cfg']['ShowSQL'] = true; $GLOBALS['cfg']['Server']['host'] = "localhost"; $GLOBALS['cfg']['ShowHint'] = true; - $GLOBALS['PMA_PHP_SELF'] = PMA_getenv('PHP_SELF'); + $GLOBALS['PMA_PHP_SELF'] = Core::getenv('PHP_SELF'); $GLOBALS['replication_info']['master']['status'] = false; $GLOBALS['replication_info']['slave']['status'] = false; diff --git a/test/libraries/PMA_server_status_processes_test.php b/test/libraries/PMA_server_status_processes_test.php index 41105654d4..56408bb191 100644 --- a/test/libraries/PMA_server_status_processes_test.php +++ b/test/libraries/PMA_server_status_processes_test.php @@ -6,9 +6,7 @@ * @package PhpMyAdmin-test */ -/* - * Include to test. - */ +use PMA\libraries\Core; use PMA\libraries\Theme; use PMA\libraries\URL; @@ -33,7 +31,7 @@ class PMA_ServerStatusProcesses_Test extends PHPUnit_Framework_TestCase public function setUp() { $GLOBALS['cfg']['Server']['host'] = "localhost"; - $GLOBALS['PMA_PHP_SELF'] = PMA_getenv('PHP_SELF'); + $GLOBALS['PMA_PHP_SELF'] = Core::getenv('PHP_SELF'); $GLOBALS['replication_info']['master']['status'] = true; $GLOBALS['replication_info']['slave']['status'] = false; $GLOBALS['replication_types'] = array(); diff --git a/test/libraries/PMA_server_status_queries_test.php b/test/libraries/PMA_server_status_queries_test.php index 2b443aa914..d051973ecd 100644 --- a/test/libraries/PMA_server_status_queries_test.php +++ b/test/libraries/PMA_server_status_queries_test.php @@ -6,16 +6,11 @@ * @package PhpMyAdmin-test */ -/* - * Include to test. - */ - +use PMA\libraries\Core; use PMA\libraries\ServerStatusData; use PMA\libraries\Theme; - require_once 'libraries/server_status_queries.lib.php'; - require_once 'libraries/database_interface.inc.php'; /** @@ -52,7 +47,7 @@ class PMA_ServerStatusQueries_Test extends PHPUnit_Framework_TestCase $GLOBALS['cfg']['LimitChars'] = 100; $GLOBALS['cfg']['DBG']['sql'] = false; $GLOBALS['cfg']['Server']['host'] = "localhost"; - $GLOBALS['PMA_PHP_SELF'] = PMA_getenv('PHP_SELF'); + $GLOBALS['PMA_PHP_SELF'] = Core::getenv('PHP_SELF'); $GLOBALS['replication_info']['master']['status'] = false; $GLOBALS['replication_info']['slave']['status'] = false; diff --git a/test/libraries/PMA_server_status_test.php b/test/libraries/PMA_server_status_test.php index f86e0fe561..8bd9bfe7e4 100644 --- a/test/libraries/PMA_server_status_test.php +++ b/test/libraries/PMA_server_status_test.php @@ -6,15 +6,11 @@ * @package PhpMyAdmin-test */ -/* - * Include to test. - */ +use PMA\libraries\Core; use PMA\libraries\ServerStatusData; use PMA\libraries\Theme; - require_once 'libraries/server_status.lib.php'; - require_once 'libraries/database_interface.inc.php'; /** @@ -43,7 +39,7 @@ class PMA_ServerStatus_Test extends PHPUnit_Framework_TestCase $GLOBALS['cfg']['Server']['host'] = "localhost"; $GLOBALS['cfg']['ShowHint'] = true; $GLOBALS['cfg']['ActionLinksMode'] = 'icons'; - $GLOBALS['PMA_PHP_SELF'] = PMA_getenv('PHP_SELF'); + $GLOBALS['PMA_PHP_SELF'] = Core::getenv('PHP_SELF'); $GLOBALS['replication_info']['master']['status'] = true; $GLOBALS['replication_info']['slave']['status'] = false; $GLOBALS['replication_types'] = array(); diff --git a/test/libraries/PMA_server_status_variables_test.php b/test/libraries/PMA_server_status_variables_test.php index c840c6de3a..b7dd84aea2 100644 --- a/test/libraries/PMA_server_status_variables_test.php +++ b/test/libraries/PMA_server_status_variables_test.php @@ -6,16 +6,11 @@ * @package PhpMyAdmin-test */ -/* - * Include to test. - */ +use PMA\libraries\Core; use PMA\libraries\ServerStatusData; use PMA\libraries\Theme; - - require_once 'libraries/server_status_variables.lib.php'; - require_once 'libraries/database_interface.inc.php'; /** @@ -56,7 +51,7 @@ class PMA_ServerStatusVariables_Test extends PHPUnit_Framework_TestCase $GLOBALS['cfg']['LimitChars'] = 100; $GLOBALS['cfg']['DBG']['sql'] = false; $GLOBALS['cfg']['Server']['host'] = "localhost"; - $GLOBALS['PMA_PHP_SELF'] = PMA_getenv('PHP_SELF'); + $GLOBALS['PMA_PHP_SELF'] = Core::getenv('PHP_SELF'); $GLOBALS['replication_info']['master']['status'] = false; $GLOBALS['replication_info']['slave']['status'] = false; diff --git a/test/libraries/PMA_sql_query_form_test.php b/test/libraries/PMA_sql_query_form_test.php index d067b00d07..2af4bc2a8d 100644 --- a/test/libraries/PMA_sql_query_form_test.php +++ b/test/libraries/PMA_sql_query_form_test.php @@ -6,6 +6,7 @@ * @package PhpMyAdmin-test */ +use PMA\libraries\Core; use PMA\libraries\Encoding; use PMA\libraries\Theme; use PMA\libraries\URL; @@ -39,7 +40,7 @@ class PMA_SqlQueryForm_Test extends PHPUnit_Framework_TestCase { //$GLOBALS $GLOBALS['max_upload_size'] = 100; - $GLOBALS['PMA_PHP_SELF'] = PMA_getenv('PHP_SELF'); + $GLOBALS['PMA_PHP_SELF'] = Core::getenv('PHP_SELF'); $GLOBALS['db'] = "PMA_db"; $GLOBALS['table'] = "PMA_table"; $GLOBALS['text_dir'] = "text_dir"; diff --git a/test/libraries/common/PMA_checkParameters_test.php b/test/libraries/common/PMA_checkParameters_test.php index 051686be91..0530e7644b 100644 --- a/test/libraries/common/PMA_checkParameters_test.php +++ b/test/libraries/common/PMA_checkParameters_test.php @@ -10,6 +10,7 @@ /* * Include to test. */ +use PMA\libraries\Core; use PMA\libraries\Theme; /** @@ -39,7 +40,7 @@ class PMA_CheckParameters_Test extends PHPUnit_Framework_TestCase */ function testCheckParameterMissing() { - $GLOBALS['PMA_PHP_SELF'] = PMA_getenv('PHP_SELF'); + $GLOBALS['PMA_PHP_SELF'] = Core::getenv('PHP_SELF'); $GLOBALS['pmaThemePath'] = $_SESSION['PMA_Theme']->getPath(); $this->expectOutputRegex("/Missing parameter: field/"); @@ -56,7 +57,7 @@ class PMA_CheckParameters_Test extends PHPUnit_Framework_TestCase */ function testCheckParameter() { - $GLOBALS['PMA_PHP_SELF'] = PMA_getenv('PHP_SELF'); + $GLOBALS['PMA_PHP_SELF'] = Core::getenv('PHP_SELF'); $GLOBALS['pmaThemePath'] = $_SESSION['PMA_Theme']->getPath(); $GLOBALS['db'] = "dbDatabase"; $GLOBALS['table'] = "tblTable"; diff --git a/test/libraries/core/PMA_array_test.php b/test/libraries/core/PMA_array_test.php deleted file mode 100644 index 654a3e1526..0000000000 --- a/test/libraries/core/PMA_array_test.php +++ /dev/null @@ -1,223 +0,0 @@ -<?php -/* vim: set expandtab sw=4 ts=4 sts=4: */ -/** - * Test for PMA_arrayRead(), PMA_arrayWrite(), PMA_arrayRemove() - * - * @package PhpMyAdmin-test - */ - -/* - * Include to test. - */ - -/** - * Test for PMA_arrayRead(), PMA_arrayWrite(), PMA_arrayRemove() - * - * @package PhpMyAdmin-test - */ -class PMA_Array_Test extends PHPUnit_Framework_TestCase -{ - /** - * Test for PMA_arrayRead - * - * @return void - */ - function testRead() - { - $arr = array( - "int" => 1, - "str" => "str_val", - "arr" => array('val1', 'val2', 'val3'), - "sarr" => array( - 'arr1' => array(1, 2, 3), - array(3, array('a', 'b', 'c'), 4) - ) - ); - - $this->assertEquals( - PMA_arrayRead('int', $arr), - $arr['int'] - ); - - $this->assertEquals( - PMA_arrayRead('str', $arr), - $arr['str'] - ); - - $this->assertEquals( - PMA_arrayRead('arr/0', $arr), - $arr['arr'][0] - ); - - $this->assertEquals( - PMA_arrayRead('arr/1', $arr), - $arr['arr'][1] - ); - - $this->assertEquals( - PMA_arrayRead('arr/2', $arr), - $arr['arr'][2] - ); - - $this->assertEquals( - PMA_arrayRead('sarr/arr1/0', $arr), - $arr['sarr']['arr1'][0] - ); - - $this->assertEquals( - PMA_arrayRead('sarr/arr1/1', $arr), - $arr['sarr']['arr1'][1] - ); - - $this->assertEquals( - PMA_arrayRead('sarr/arr1/2', $arr), - $arr['sarr']['arr1'][2] - ); - - $this->assertEquals( - PMA_arrayRead('sarr/0/0', $arr), - $arr['sarr'][0][0] - ); - - $this->assertEquals( - PMA_arrayRead('sarr/0/1', $arr), - $arr['sarr'][0][1] - ); - - $this->assertEquals( - PMA_arrayRead('sarr/0/1/2', $arr), - $arr['sarr'][0][1][2] - ); - - $this->assertEquals( - PMA_arrayRead('sarr/not_exiting/1', $arr), - null - ); - - $this->assertEquals( - PMA_arrayRead('sarr/not_exiting/1', $arr, 0), - 0 - ); - - $this->assertEquals( - PMA_arrayRead('sarr/not_exiting/1', $arr, 'default_val'), - 'default_val' - ); - } - - /** - * Test for PMA_arrayWrite - * - * @return void - */ - function testWrite() - { - $arr = array( - "int" => 1, - "str" => "str_val", - "arr" => array('val1', 'val2', 'val3'), - "sarr" => array( - 'arr1' => array(1, 2, 3), - array(3, array('a', 'b', 'c'), 4) - ) - ); - - PMA_arrayWrite('int', $arr, 5); - $this->assertEquals($arr['int'], 5); - - PMA_arrayWrite('str', $arr, '_str'); - $this->assertEquals($arr['str'], '_str'); - - PMA_arrayWrite('arr/0', $arr, 'val_arr_0'); - $this->assertEquals($arr['arr'][0], 'val_arr_0'); - - PMA_arrayWrite('arr/1', $arr, 'val_arr_1'); - $this->assertEquals($arr['arr'][1], 'val_arr_1'); - - PMA_arrayWrite('arr/2', $arr, 'val_arr_2'); - $this->assertEquals($arr['arr'][2], 'val_arr_2'); - - PMA_arrayWrite('sarr/arr1/0', $arr, 'val_sarr_arr_0'); - $this->assertEquals($arr['sarr']['arr1'][0], 'val_sarr_arr_0'); - - PMA_arrayWrite('sarr/arr1/1', $arr, 'val_sarr_arr_1'); - $this->assertEquals($arr['sarr']['arr1'][1], 'val_sarr_arr_1'); - - PMA_arrayWrite('sarr/arr1/2', $arr, 'val_sarr_arr_2'); - $this->assertEquals($arr['sarr']['arr1'][2], 'val_sarr_arr_2'); - - PMA_arrayWrite('sarr/0/0', $arr, 5); - $this->assertEquals($arr['sarr'][0][0], 5); - - PMA_arrayWrite('sarr/0/1/0', $arr, 'e'); - $this->assertEquals($arr['sarr'][0][1][0], 'e'); - - PMA_arrayWrite('sarr/not_existing/1', $arr, 'some_val'); - $this->assertEquals($arr['sarr']['not_existing'][1], 'some_val'); - - PMA_arrayWrite('sarr/0/2', $arr, null); - $this->assertNull($arr['sarr'][0][2]); - } - - /** - * Test for PMA_arrayRemove - * - * @return void - */ - function testRemove() - { - $arr = array( - "int" => 1, - "str" => "str_val", - "arr" => array('val1', 'val2', 'val3'), - "sarr" => array( - 'arr1' => array(1, 2, 3), - array(3, array('a', 'b', 'c'), 4) - ) - ); - - PMA_arrayRemove('int', $arr); - $this->assertArrayNotHasKey('int', $arr); - - PMA_arrayRemove('str', $arr); - $this->assertArrayNotHasKey('str', $arr); - - PMA_arrayRemove('arr/0', $arr); - $this->assertArrayNotHasKey(0, $arr['arr']); - - PMA_arrayRemove('arr/1', $arr); - $this->assertArrayNotHasKey(1, $arr['arr']); - - PMA_arrayRemove('arr/2', $arr); - $this->assertArrayNotHasKey('arr', $arr); - - $tmp_arr = $arr; - PMA_arrayRemove('sarr/not_existing/1', $arr); - $this->assertEquals($tmp_arr, $arr); - - PMA_arrayRemove('sarr/arr1/0', $arr); - $this->assertArrayNotHasKey(0, $arr['sarr']['arr1']); - - PMA_arrayRemove('sarr/arr1/1', $arr); - $this->assertArrayNotHasKey(1, $arr['sarr']['arr1']); - - PMA_arrayRemove('sarr/arr1/2', $arr); - $this->assertArrayNotHasKey('arr1', $arr['sarr']); - - PMA_arrayRemove('sarr/0/0', $arr); - $this->assertArrayNotHasKey(0, $arr['sarr'][0]); - - PMA_arrayRemove('sarr/0/1/0', $arr); - $this->assertArrayNotHasKey(0, $arr['sarr'][0][1]); - - PMA_arrayRemove('sarr/0/1/1', $arr); - $this->assertArrayNotHasKey(1, $arr['sarr'][0][1]); - - PMA_arrayRemove('sarr/0/1/2', $arr); - $this->assertArrayNotHasKey(1, $arr['sarr'][0]); - - PMA_arrayRemove('sarr/0/2', $arr); - - $this->assertEmpty($arr); - } -} diff --git a/test/libraries/core/PMA_checkPageValidity_test.php b/test/libraries/core/PMA_checkPageValidity_test.php deleted file mode 100644 index 8d4a090f9e..0000000000 --- a/test/libraries/core/PMA_checkPageValidity_test.php +++ /dev/null @@ -1,68 +0,0 @@ -<?php -/* vim: set expandtab sw=4 ts=4 sts=4: */ -/** - * - * @package PhpMyAdmin-test - */ - -/* - * Include to test. - */ - -/** - * - * @package PhpMyAdmin-test - */ -class PMA_CheckPageValidity_Test extends PHPUnit_Framework_TestCase -{ - protected $goto_whitelist = array( - 'db_datadict.php', - 'db_sql.php', - 'db_export.php', - 'db_search.php', - 'export.php', - 'import.php', - 'index.php', - 'pdf_pages.php', - 'pdf_schema.php', - 'server_binlog.php', - 'server_variables.php', - 'sql.php', - 'tbl_select.php', - 'transformation_overview.php', - 'transformation_wrapper.php', - 'user_password.php', - ); - - /** - * Test for PMA_checkPageValidity - * - * @param string $page Page - * @param array|null $whiteList White list - * @param int $expected Expected value - * - * @return void - * - * @dataProvider provider - */ - function testGotoNowhere($page, $whiteList, $expected) - { - $this->assertTrue($expected === PMA_checkPageValidity($page, $whiteList)); - } - - /** - * Data provider for testGotoNowhere - * - * @return array - */ - public function provider() - { - return array( - array(null, null, false), - array('export.php', $this->goto_whitelist, true), - array('shell.php', $this->goto_whitelist, false), - array('index.php?sql.php&test=true', $this->goto_whitelist, true), - array('index.php%3Fsql.php%26test%3Dtrue', $this->goto_whitelist, true), - ); - } -} diff --git a/test/libraries/core/PMA_cleanupPathInfo_test.php b/test/libraries/core/PMA_cleanupPathInfo_test.php deleted file mode 100644 index 3d40a91fb4..0000000000 --- a/test/libraries/core/PMA_cleanupPathInfo_test.php +++ /dev/null @@ -1,108 +0,0 @@ -<?php -/* vim: set expandtab sw=4 ts=4 sts=4: */ -/** - * - * PMA_fatalError() displays the given error message on phpMyAdmin error page in - * foreign language - * and ends script execution and closes session - * - * @package PhpMyAdmin-test - */ - - - - -/** - * - * PMA_fatalError() displays the given error message on phpMyAdmin error page in - * foreign language - * and ends script execution and closes session - * - * @package PhpMyAdmin-test - */ -class PMA_CleanupPathInfo_Test extends PHPUnit_Framework_TestCase -{ - /** - * Test for PMA_cleanupPathInfo - * - * @param string $php_self The PHP_SELF value - * @param string $request The REQUEST_URI value - * @param string $path_info The PATH_INFO value - * @param string $expected Expected result - * - * @return void - * - * @dataProvider pathsProvider - */ - public function testPahtInfo($php_self, $request, $path_info, $expected) - { - $_SERVER['PHP_SELF'] = $php_self; - $_SERVER['REQUEST_URI'] = $request; - $_SERVER['PATH_INFO'] = $path_info; - PMA_cleanupPathInfo(); - $this->assertEquals( - $expected, - $GLOBALS['PMA_PHP_SELF'] - ); - } - - /** - * Data provider for PMA_cleanupPathInfo tests - * - * @return array - */ - public function pathsProvider() - { - return array( - array( - '/phpmyadmin/index.php/; cookieinj=value/', - '/phpmyadmin/index.php/;%20cookieinj=value///', - '/; cookieinj=value/', - '/phpmyadmin/index.php' - ), - array( - '', - '/phpmyadmin/index.php/;%20cookieinj=value///', - '/; cookieinj=value/', - '/phpmyadmin/index.php' - ), - array( - '', - '//example.com/../phpmyadmin/index.php', - '', - '/phpmyadmin/index.php' - ), - array( - '', - '//example.com/../../.././phpmyadmin/index.php', - '', - '/phpmyadmin/index.php' - ), - array( - '', - '/page.php/malicouspathinfo?malicouspathinfo', - 'malicouspathinfo', - '/page.php' - ), - array( - '/phpmyadmin/./index.php', - '/phpmyadmin/./index.php', - '', - '/phpmyadmin/index.php' - ), - array( - '/phpmyadmin/index.php', - '/phpmyadmin/index.php', - '', - '/phpmyadmin/index.php' - ), - array( - '', - '/phpmyadmin/index.php', - '', - '/phpmyadmin/index.php' - ), - ); - } -} - diff --git a/test/libraries/core/PMA_fatalError_test.php b/test/libraries/core/PMA_fatalError_test.php deleted file mode 100644 index a952b7d91c..0000000000 --- a/test/libraries/core/PMA_fatalError_test.php +++ /dev/null @@ -1,78 +0,0 @@ -<?php -/* vim: set expandtab sw=4 ts=4 sts=4: */ -/** - * - * PMA_fatalError() displays the given error message on phpMyAdmin error page in - * foreign language - * and ends script execution and closes session - * - * @package PhpMyAdmin-test - */ - -/* - * Include to test. - */ -use PMA\libraries\Theme; - -/** - * - * PMA_fatalError() displays the given error message on phpMyAdmin error page in - * foreign language - * and ends script execution and closes session - * - * @package PhpMyAdmin-test - */ -class PMA_FatalError_Test extends PHPUnit_Framework_TestCase -{ - /** - * Set up - * - * @return void - */ - public function setup() - { - $GLOBALS['PMA_Config'] = new PMA\libraries\Config(); - $GLOBALS['PMA_Config']->enableBc(); - $GLOBALS['cfg']['Server'] = array( - 'host' => 'host', - 'verbose' => 'verbose', - ); - $GLOBALS['cfg']['OBGzip'] = false; - $GLOBALS['pmaThemePath'] = $_SESSION['PMA_Theme']->getPath(); - $GLOBALS['server'] = 1; - $GLOBALS['db'] = ''; - $GLOBALS['table'] = ''; - } - - /** - * Test for PMA_fatalError - * - * @return void - */ - public function testFatalErrorMessage() - { - $this->expectOutputRegex("/FatalError!/"); - PMA_fatalError("FatalError!"); - } - - /** - * Test for PMA_fatalError - * - * @return void - */ - public function testFatalErrorMessageWithArgs() - { - $message = "Fatal error #%d in file %s."; - $params = array(1, 'error_file.php'); - - $this->expectOutputRegex("/Fatal error #1 in file error_file.php./"); - PMA_fatalError($message, $params); - - $message = "Fatal error in file %s."; - $params = 'error_file.php'; - - $this->expectOutputRegex("/Fatal error in file error_file.php./"); - PMA_fatalError($message, $params); - } - -} diff --git a/test/libraries/core/PMA_getLinks_test.php b/test/libraries/core/PMA_getLinks_test.php deleted file mode 100644 index 4ae0959b2e..0000000000 --- a/test/libraries/core/PMA_getLinks_test.php +++ /dev/null @@ -1,72 +0,0 @@ -<?php -/* vim: set expandtab sw=4 ts=4 sts=4: */ -/** - * - * @package PhpMyAdmin-test - */ - - -/** - * - * @package PhpMyAdmin-test - */ -class PMA_GetLinks_Test extends PHPUnit_Framework_TestCase -{ - /** - * Set up - * - * @return void - */ - function setUp() - { - $GLOBALS['server'] = 99; - $GLOBALS['cfg']['ServerDefault'] = 0; - } - - /** - * Test for PMA_getPHPDocLink - * - * @return void - */ - public function testGetPHPDocLink() - { - $lang = _pgettext('PHP documentation language', 'en'); - $this->assertEquals( - PMA_getPHPDocLink('function'), - './url.php?url=https%3A%2F%2Fsecure.php.net%2Fmanual%2F' - . $lang . '%2Ffunction' - ); - } - - /** - * Data provider for testLinkURL - * - * @return array - */ - public function providerLinkURL() - { - return array( - array('https://wiki.phpmyadmin.net', - './url.php?url=https%3A%2F%2Fwiki.phpmyadmin.net'), - array('https://wiki.phpmyadmin.net', - './url.php?url=https%3A%2F%2Fwiki.phpmyadmin.net'), - array('wiki.phpmyadmin.net', 'wiki.phpmyadmin.net'), - array('index.php?db=phpmyadmin', 'index.php?db=phpmyadmin') - ); - } - - /** - * Test for PMA_linkURL - * - * @param string $link URL where to go - * @param string $url Expected value - * - * @return void - * - * @dataProvider providerLinkURL - */ - public function testLinkURL($link, $url) - { - $this->assertEquals(PMA_linkURL($link), $url); - } -} diff --git a/test/libraries/core/PMA_getTableCount_test_dis.php b/test/libraries/core/PMA_getTableCount_test_dis.php deleted file mode 100644 index e4bdf38977..0000000000 --- a/test/libraries/core/PMA_getTableCount_test_dis.php +++ /dev/null @@ -1,59 +0,0 @@ -<?php -/* vim: set expandtab sw=4 ts=4 sts=4: */ -/** - * PMA_getTableCount_test returns count of tables in given db - * - * @package PhpMyAdmin-test - */ - -/* - * Include to test. - */ - -use PMA\libraries\Theme; - -require_once 'libraries/select_lang.inc.php'; -require_once 'libraries/config.default.php'; - - - -require_once 'libraries/database_interface.inc.php'; - -require_once 'config.sample.inc.php'; - -/** - * PMA_getTableCount_test returns count of tables in given db - * - * @package PhpMyAdmin-test - */ -class PMA_GetTableCount_Test extends PHPUnit_Framework_TestCase -{ - /** - * Set up - * - * @return void - */ - public function setUp() - { - $GLOBALS['PMA_Config'] = new PMA\libraries\Config(); - $GLOBALS['PMA_Config']->enableBc(); - $GLOBALS['cfg']['OBGzip'] = false; - $GLOBALS['pmaThemePath'] = $_SESSION['PMA_Theme']->getPath(); - $GLOBALS['server'] = 1; - $GLOBALS['db'] = ''; - $GLOBALS['table'] = ''; - } - - /** - * Test for PMA_getTableCount - * - * @return void - */ - function testTableCount() - { - $GLOBALS['cfg']['Server']['host'] = 'localhost'; - $GLOBALS['cfg']['Server']['user'] = 'root'; - - $this->assertEquals(5, PMA_getTableCount('meddb')); - } -} diff --git a/test/libraries/core/PMA_get_real_size_test.php b/test/libraries/core/PMA_get_real_size_test.php deleted file mode 100644 index 78c2a103d3..0000000000 --- a/test/libraries/core/PMA_get_real_size_test.php +++ /dev/null @@ -1,50 +0,0 @@ -<?php -/* vim: set expandtab sw=4 ts=4 sts=4: */ -/** - * - * @package PhpMyAdmin-test - */ - -/* - * Include to test. - */ - -/** - * - * @package PhpMyAdmin-test - */ -class PMA_GetRealSize_Test extends PHPUnit_Framework_TestCase -{ - /** - * Test for - * - * @param string $size Size - * @param int $expected Expected value - * - * @return void - * - * @dataProvider provider - */ - public function testNull($size, $expected) - { - $this->assertEquals($expected, PMA_getRealSize($size)); - } - - /** - * Data provider for testExtractValueFromFormattedSize - * - * @return array - */ - public function provider() - { - return array( - array('0', 0), - array('1kb', 1024), - array('1024k', 1024 * 1024), - array('8m', 8 * 1024 * 1024), - array('12gb', 12 * 1024 * 1024 * 1024), - array('1024', 1024), - ); - } - -} diff --git a/test/libraries/core/PMA_headerLocation_test.php b/test/libraries/core/PMA_headerLocation_test.php deleted file mode 100644 index adb760f168..0000000000 --- a/test/libraries/core/PMA_headerLocation_test.php +++ /dev/null @@ -1,133 +0,0 @@ -<?php -/* vim: set expandtab sw=4 ts=4 sts=4: */ -/** - * Test for PMA_sendHeaderLocation - * - * @package PhpMyAdmin-test - */ - -/* - * Include to test. - */ -use PMA\libraries\Theme; -use PMA\libraries\URL; -use PMA\libraries\Sanitize; - -/** - * Test function sending headers. - * Warning - these tests set constants, so it can interfere with other tests - * If you have runkit extension, then it is possible to back changes made on - * constants rest of options can be tested only with apd, when functions header - * and headers_sent are redefined rename_function() of header and headers_sent - * may cause CLI error report in Windows XP (but tests are done correctly) - * additional functions which were created during tests must be stored to - * coverage test e.g. - * - * <code> - * rename_function( - * 'headers_sent', - * 'headers_sent'.str_replace(array('.', ' '),array('', ''),microtime()) - * ); - * </code> - * - * @package PhpMyAdmin-test - */ - -class PMA_HeaderLocation_Test extends PMATestCase -{ - - protected $runkitExt; - protected $apdExt; - - /** - * Set up - * - * @return void - */ - public function setUp() - { - //session_start(); - - $GLOBALS['server'] = 0; - $GLOBALS['PMA_Config'] = new PMA\libraries\Config(); - $GLOBALS['PMA_Config']->enableBc(); - $GLOBALS['PMA_Config']->set('PMA_IS_IIS', null); - } - - /** - * Test for PMA_sendHeaderLocation - * - * @return void - */ - public function testSendHeaderLocationWithoutSidWithIis() - { - $GLOBALS['PMA_Config']->set('PMA_IS_IIS', true); - - $testUri = 'https://example.com/test.php'; - - $this->mockResponse('Location: ' . $testUri); - PMA_sendHeaderLocation($testUri); // sets $GLOBALS['header'] - - $this->tearDown(); - - $this->mockResponse('Refresh: 0; ' . $testUri); - PMA_sendHeaderLocation($testUri, true); // sets $GLOBALS['header'] - } - - /** - * Test for PMA_sendHeaderLocation - * - * @return void - */ - public function testSendHeaderLocationWithoutSidWithoutIis() - { - $testUri = 'https://example.com/test.php'; - - $this->mockResponse('Location: ' . $testUri); - PMA_sendHeaderLocation($testUri); // sets $GLOBALS['header'] - } - - /** - * Test for PMA_sendHeaderLocation - * - * @return void - */ - public function testSendHeaderLocationIisLongUri() - { - $GLOBALS['PMA_Config']->set('PMA_IS_IIS', true); - - // over 600 chars - $testUri = 'https://example.com/test.php?testlonguri=over600chars&test=test' - . '&test=test&test=test&test=test&test=test&test=test&test=test' - . '&test=test&test=test&test=test&test=test&test=test&test=test' - . '&test=test&test=test&test=test&test=test&test=test&test=test' - . '&test=test&test=test&test=test&test=test&test=test&test=test' - . '&test=test&test=test&test=test&test=test&test=test&test=test' - . '&test=test&test=test&test=test&test=test&test=test&test=test' - . '&test=test&test=test&test=test&test=test&test=test&test=test' - . '&test=test&test=test&test=test&test=test&test=test&test=test' - . '&test=test&test=test&test=test&test=test&test=test&test=test' - . '&test=test&test=test'; - $testUri_html = htmlspecialchars($testUri); - $testUri_js = Sanitize::escapeJsString($testUri); - - $header = "<html>\n<head>\n <title>- - -</title> - <meta http-equiv=\"expires\" content=\"0\" />" - . "\n <meta http-equiv=\"Pragma\" content=\"no-cache\" />" - . "\n <meta http-equiv=\"Cache-Control\" content=\"no-cache\" />" - . "\n <meta http-equiv=\"Refresh\" content=\"0;url=" . $testUri_html . "\" />" - . "\n <script type=\"text/javascript\">\n //<![CDATA[ - setTimeout(function() { window.location = decodeURI('" . $testUri_js . "'); }, 2000); - //]]>\n </script>\n</head> -<body>\n<script type=\"text/javascript\">\n //<![CDATA[ - document.write('<p><a href=\"" . $testUri_html . "\">" . __('Go') . "</a></p>'); - //]]>\n</script>\n</body>\n</html> -"; - - $this->expectOutputString($header); - - $this->mockResponse(); - - PMA_sendHeaderLocation($testUri); - } -} diff --git a/test/libraries/core/PMA_ifSetOr_test.php b/test/libraries/core/PMA_ifSetOr_test.php deleted file mode 100644 index 62cff93694..0000000000 --- a/test/libraries/core/PMA_ifSetOr_test.php +++ /dev/null @@ -1,69 +0,0 @@ -<?php -/* vim: set expandtab sw=4 ts=4 sts=4: */ -/** - * - * @package PhpMyAdmin-test - */ - -/* - * Include to test. - */ - -/** - * - * @package PhpMyAdmin-test - */ -class PMA_IfSetOr_Test extends PHPUnit_Framework_TestCase -{ - /** - * Test for PMA_ifSetOr - * - * @return void - */ - public function testVarSet() - { - $default = 'foo'; - $in = 'bar'; - $out = PMA_ifSetOr($in, $default); - $this->assertEquals($in, $out); - } - - /** - * Test for PMA_ifSetOr - * - * @return void - */ - public function testVarSetWrongType() - { - $default = 'foo'; - $in = 'bar'; - $out = PMA_ifSetOr($in, $default, 'boolean'); - $this->assertEquals($out, $default); - } - - /** - * Test for PMA_ifSetOr - * - * @return void - */ - public function testVarNotSet() - { - $default = 'foo'; - // $in is not set! - $out = PMA_ifSetOr($in, $default); - $this->assertEquals($out, $default); - } - - /** - * Test for PMA_ifSetOr - * - * @return void - */ - public function testVarNotSetNoDefault() - { - // $in is not set! - $out = PMA_ifSetOr($in); - $this->assertEquals($out, null); - } - -} diff --git a/test/libraries/core/PMA_isAllowedDomain_test.php b/test/libraries/core/PMA_isAllowedDomain_test.php deleted file mode 100644 index 9f544c0d9c..0000000000 --- a/test/libraries/core/PMA_isAllowedDomain_test.php +++ /dev/null @@ -1,56 +0,0 @@ -<?php -/* vim: set expandtab sw=4 ts=4 sts=4: */ -/** - * Test for PMA_isAllowedDomain - * - * @package PhpMyAdmin-test - */ - -/* - * Include to test. - */ -require_once 'libraries/core.lib.php'; - -class PMA_isAllowedDomain_test extends PHPUnit_Framework_TestCase -{ - /** - * Test for unserializing - * - * @param string $url URL to test - * @param mixed $expected Expected result - * - * @return void - * - * @dataProvider provideURLs - */ - function testIsAllowedDomain($url, $expected) - { - $_SERVER['SERVER_NAME'] = 'server.local'; - $this->assertEquals( - $expected, - PMA_isAllowedDomain($url) - ); - } - - /** - * Test data provider - * - * @return array - */ - function provideURLs() - { - return array( - array('https://www.phpmyadmin.net/', true), - array('http://duckduckgo.com\\@github.com', false), - array('https://github.com/', true), - array('https://github.com:123/', false), - array('https://user:pass@github.com:123/', false), - array('https://user:pass@github.com/', false), - array('https://server.local/', true), - array('./relative/', false), - ); - } - -} - - diff --git a/test/libraries/core/PMA_isValid_test.php b/test/libraries/core/PMA_isValid_test.php deleted file mode 100644 index 297391cd1b..0000000000 --- a/test/libraries/core/PMA_isValid_test.php +++ /dev/null @@ -1,343 +0,0 @@ -<?php -/* vim: set expandtab sw=4 ts=4 sts=4: */ -/** - * - * @package PhpMyAdmin-test - */ - -/* - * Include to test. - */ - -/** - * - * @package PhpMyAdmin-test - */ -class PMA_IsValid_Test extends PHPUnit_Framework_TestCase -{ - /** - * Data provider for testNoVarType - * - * @return array - */ - public static function providerNoVarTypeProvider() - { - return array( - array(0, false, 0), - array(0, false, 1), - array(1, false, null), - array(1.1, false, null), - array('', false, null), - array(' ', false, null), - array('0', false, null), - array('string', false, null), - array(array(), false, null), - array(array(1, 2, 3), false, null), - array(true, false, null), - array(false, false, null)); - } - - /** - * Test for PMA_isValid - * - * @param mixed $var Variable to check - * @param mixed $type Type - * @param mixed $compare Compared value - * - * @return void - * - * @dataProvider providerNoVarTypeProvider - */ - public function testNoVarType($var, $type, $compare) - { - $this->assertTrue(PMA_isValid($var, $type, $compare)); - } - - /** - * Test for PMA_isValid - * - * @return void - */ - public function testVarNotSetAfterTest() - { - PMA_isValid($var); - $this->assertFalse(isset($var)); - } - - /** - * Test for PMA_isValid - * - * @return void - */ - public function testNotSet() - { - $this->assertFalse(PMA_isValid($var)); - } - - /** - * Test for PMA_isValid - * - * @return void - */ - public function testEmptyString() - { - $var = ''; - $this->assertFalse(PMA_isValid($var)); - } - - /** - * Test for PMA_isValid - * - * @return void - */ - public function testNotEmptyString() - { - $var = '0'; - $this->assertTrue(PMA_isValid($var)); - } - - /** - * Test for PMA_isValid - * - * @return void - */ - public function testZero() - { - $var = 0; - $this->assertTrue(PMA_isValid($var)); - $this->assertTrue(PMA_isValid($var, 'int')); - } - - /** - * Test for PMA_isValid - * - * @return void - */ - public function testNullFail() - { - $var = null; - $this->assertFalse(PMA_isValid($var)); - - $var = 'null_text'; - $this->assertFalse(PMA_isValid($var, 'null')); - } - - /** - * Test for PMA_isValid - * - * @return void - */ - public function testNotSetArray() - { - /** @var $array undefined array */ - $this->assertFalse(PMA_isValid($array['x'])); - } - - /** - * Test for PMA_isValid - * - * @return void - */ - public function testScalarString() - { - $var = 'string'; - $this->assertTrue(PMA_isValid($var, 'len')); - $this->assertTrue(PMA_isValid($var, 'scalar')); - $this->assertTrue(PMA_isValid($var)); - } - - /** - * Test for PMA_isValid - * - * @return void - */ - public function testScalarInt() - { - $var = 1; - $this->assertTrue(PMA_isValid($var, 'int')); - $this->assertTrue(PMA_isValid($var, 'scalar')); - } - - /** - * Test for PMA_isValid - * - * @return void - */ - public function testScalarFloat() - { - $var = 1.1; - $this->assertTrue(PMA_isValid($var, 'float')); - $this->assertTrue(PMA_isValid($var, 'double')); - $this->assertTrue(PMA_isValid($var, 'scalar')); - } - - /** - * Test for PMA_isValid - * - * @return void - */ - public function testScalarBool() - { - $var = true; - $this->assertTrue(PMA_isValid($var, 'scalar')); - $this->assertTrue(PMA_isValid($var, 'bool')); - $this->assertTrue(PMA_isValid($var, 'boolean')); - } - - /** - * Test for PMA_isValid - * - * @return void - */ - public function testNotScalarArray() - { - $var = array('test'); - $this->assertFalse(PMA_isValid($var, 'scalar')); - } - - /** - * Test for PMA_isValid - * - * @return void - */ - public function testNotScalarNull() - { - $var = null; - $this->assertFalse(PMA_isValid($var, 'scalar')); - } - - /** - * Test for PMA_isValid - * - * @return void - */ - public function testNumericInt() - { - $var = 1; - $this->assertTrue(PMA_isValid($var, 'numeric')); - } - - /** - * Test for PMA_isValid - * - * @return void - */ - public function testNumericFloat() - { - $var = 1.1; - $this->assertTrue(PMA_isValid($var, 'numeric')); - } - - /** - * Test for PMA_isValid - * - * @return void - */ - public function testNumericZero() - { - $var = 0; - $this->assertTrue(PMA_isValid($var, 'numeric')); - } - - /** - * Test for PMA_isValid - * - * @return void - */ - public function testNumericString() - { - $var = '+0.1'; - $this->assertTrue(PMA_isValid($var, 'numeric')); - } - - /** - * Test for PMA_isValid - * - * @return void - */ - public function testValueInArray() - { - $var = 'a'; - $this->assertTrue(PMA_isValid($var, array('a', 'b',))); - } - - /** - * Test for PMA_isValid - * - * @return void - */ - public function testValueNotInArray() - { - $var = 'c'; - $this->assertFalse(PMA_isValid($var, array('a', 'b',))); - } - - /** - * Test for PMA_isValid - * - * @return void - */ - public function testNumericIdentical() - { - $var = 1; - $compare = 1; - $this->assertTrue(PMA_isValid($var, 'identic', $compare)); - - $var = 1; - $compare += 2; - $this->assertFalse(PMA_isValid($var, 'identic', $compare)); - - $var = 1; - $compare = '1'; - $this->assertFalse(PMA_isValid($var, 'identic', $compare)); - } - - /** - * Data provider for testSimilarType - * - * @return array - */ - public function providerSimilarType() - { - return array( - array(1, 1), - array(1.5, 1.5), - array(true, true), - array('string', "string"), - array(array(1, 2, 3.4), array(1, 2, 3.4)), - array(array(1, '2', '3.4', 5, 'text'), array('1', '2', 3.4,'5')) - ); - } - - /** - * Test for PMA_isValid - * - * @param mixed $var Variable - * @param mixed $compare Compare - * - * @return void - * - * @dataProvider providerSimilarType - */ - public function testSimilarType($var, $compare) - { - $this->assertTrue(PMA_isValid($var, 'similar', $compare)); - $this->assertTrue(PMA_isValid($var, 'equal', $compare)); - $this->assertTrue(PMA_isValid($compare, 'similar', $var)); - $this->assertTrue(PMA_isValid($compare, 'equal', $var)); - - } - - /** - * Test for PMA_isValid - * - * @return void - */ - public function testOtherTypes() - { - $var = new PMA_isValid_test(); - $this->assertFalse(PMA_isValid($var, 'class')); - } - -} - diff --git a/test/libraries/core/PMA_safeUnserialize_test.php b/test/libraries/core/PMA_safeUnserialize_test.php deleted file mode 100644 index f589361b93..0000000000 --- a/test/libraries/core/PMA_safeUnserialize_test.php +++ /dev/null @@ -1,56 +0,0 @@ -<?php -/* vim: set expandtab sw=4 ts=4 sts=4: */ -/** - * Test for PMA_safeUnserialize - * - * @package PhpMyAdmin-test - */ - -/* - * Include to test. - */ -require_once 'libraries/core.lib.php'; - -class PMA_safeUnserialize_test extends PHPUnit_Framework_TestCase -{ - /** - * Test for unserializing - * - * @param string $data Serialized data - * @param mixed $expected Expected result - * - * @return void - * - * @dataProvider provideMySQLHosts - */ - function testSanitizeMySQLHost($data, $expected) - { - $this->assertEquals( - $expected, - PMA_safeUnserialize($data) - ); - } - - /** - * Test data provider - * - * @return array - */ - function provideMySQLHosts() - { - return array( - array('s:6:"foobar";', 'foobar'), - array('foobar', null), - array('b:0;', false), - array('O:1:"a":1:{s:5:"value";s:3:"100";}', null), - array('O:8:"stdClass":1:{s:5:"field";O:8:"stdClass":0:{}}', null), - array('a:2:{i:0;s:90:"1234567890;a345678901234567890123456789012345678901234567890123456789012345678901234567890";i:1;O:8:"stdClass":0:{}}', null), - array(serialize(array(1, 2, 3)), array(1, 2, 3)), - array(serialize('string""'), 'string""'), - array(serialize(array('foo' => 'bar')), array('foo' => 'bar')), - array(serialize(array('1', new stdClass(), '2')), null), - ); - } - -} - diff --git a/test/libraries/core/PMA_sanitizeMySQLHost_test.php b/test/libraries/core/PMA_sanitizeMySQLHost_test.php deleted file mode 100644 index d17ca530d0..0000000000 --- a/test/libraries/core/PMA_sanitizeMySQLHost_test.php +++ /dev/null @@ -1,49 +0,0 @@ -<?php -/* vim: set expandtab sw=4 ts=4 sts=4: */ -/** - * Test for PMA_sanitizeMySQLHost - * - * @package PhpMyAdmin-test - */ - -/* - * Include to test. - */ -require_once 'libraries/core.lib.php'; - -class PMA_sanitizeMySQLHost_test extends PHPUnit_Framework_TestCase -{ - /** - * Test for MySQL host sanitizing - * - * @param string $host Test host name - * @param string $expected Expected result - * - * @return void - * - * @dataProvider provideMySQLHosts - */ - function testSanitizeMySQLHost($host, $expected) - { - $this->assertEquals( - $expected, - PMA_sanitizeMySQLHost($host) - ); - } - - /** - * Test data provider - * - * @return array - */ - function provideMySQLHosts() - { - return array( - array('p:foo.bar', 'foo.bar'), - array('p:p:foo.bar', 'foo.bar'), - array('bar.baz', 'bar.baz'), - array('P:example.com', 'example.com'), - ); - } - -} diff --git a/test/libraries/core/PMA_securePath_test.php b/test/libraries/core/PMA_securePath_test.php deleted file mode 100644 index c3663b8ea4..0000000000 --- a/test/libraries/core/PMA_securePath_test.php +++ /dev/null @@ -1,38 +0,0 @@ -<?php -/* vim: set expandtab sw=4 ts=4 sts=4: */ -/** - * PMA_securePath changes .. to . - * - * @package PhpMyAdmin-test - */ - - -/** - * Test for securing path. - * - * @package PhpMyAdmin-test - */ -class PMA_SecurePath extends PHPUnit_Framework_TestCase -{ - /** - * Test for replacing dots. - * - * @return void - */ - public function testReplaceDots() - { - $this->assertEquals( - PMA_securePath('../../../etc/passwd'), - './././etc/passwd' - ); - $this->assertEquals( - PMA_securePath('/var/www/../phpmyadmin'), - '/var/www/./phpmyadmin' - ); - $this->assertEquals( - PMA_securePath('./path/with..dots/../../file..php'), - './path/with.dots/././file.php' - ); - } - -} diff --git a/test/libraries/core/PMA_warnMissingExtension_test.php b/test/libraries/core/PMA_warnMissingExtension_test.php deleted file mode 100644 index 95cdbdbcdf..0000000000 --- a/test/libraries/core/PMA_warnMissingExtension_test.php +++ /dev/null @@ -1,83 +0,0 @@ -<?php -/* vim: set expandtab sw=4 ts=4 sts=4: */ -/** - * PMA_warnMissingExtension warns or fails on missing extension. - * - * @package PhpMyAdmin-test - */ - -/* - * Include to test. - */ -use PMA\libraries\Theme; - -/** - * PMA_warnMissingExtension warns or fails on missing extension. - * - * @package PhpMyAdmin-test - */ -class PMA_WarnMissingExtension_Test extends PHPUnit_Framework_TestCase -{ - /** - * Set up - * - * @return void - */ - public function setUp() - { - $GLOBALS['PMA_Config'] = new PMA\libraries\Config(); - $GLOBALS['PMA_Config']->enableBc(); - $GLOBALS['cfg']['Server'] = array( - 'host' => 'host', - 'verbose' => 'verbose', - ); - $GLOBALS['cfg']['OBGzip'] = false; - $GLOBALS['pmaThemePath'] = $_SESSION['PMA_Theme']->getPath(); - $GLOBALS['server'] = 1; - $GLOBALS['db'] = ''; - $GLOBALS['table'] = ''; - - include_once './libraries/ErrorHandler.php'; - $GLOBALS['error_handler'] = new PMA\libraries\ErrorHandler(); - } - - /** - * Test for PMA_warnMissingExtension - * - * @return void - */ - function testMissingExtensionFatal() - { - $ext = 'php_ext'; - $warn = 'The <a href="' . PMA_getPHPDocLink('book.' . $ext . '.php') - . '" target="Documentation"><em>' . $ext - . '</em></a> extension is missing. Please check your PHP configuration.'; - - $this->expectOutputRegex('@' . preg_quote($warn, '@') . '@'); - - PMA_warnMissingExtension($ext, true); - } - - /** - * Test for PMA_warnMissingExtension - * - * @return void - */ - function testMissingExtensionFatalWithExtra() - { - $ext = 'php_ext'; - $extra = 'Appended Extra String'; - - $warn = 'The <a href="' . PMA_getPHPDocLink('book.' . $ext . '.php') - . '" target="Documentation"><em>' . $ext - . '</em></a> extension is missing. Please check your PHP configuration.' - . ' ' . $extra; - - ob_start(); - PMA_warnMissingExtension($ext, true, $extra); - $printed = ob_get_contents(); - ob_end_clean(); - - $this->assertGreaterThan(0, mb_strpos($printed, $warn)); - } -} diff --git a/themes.php b/themes.php index e57e34f37b..e159deedb8 100644 --- a/themes.php +++ b/themes.php @@ -5,6 +5,8 @@ * * @package PhpMyAdmin */ + +use PMA\libraries\Core; use PMA\libraries\ThemeManager; use PMA\libraries\Response; @@ -21,7 +23,7 @@ $header->setTitle('phpMyAdmin - ' . __('Theme')); $header->disableMenuAndConsole(); $hash = '#pma_' . preg_replace('/([0-9]*)\.([0-9]*)\..*/', '\1_\2', PMA_VERSION); -$url = PMA_linkURL('https://www.phpmyadmin.net/themes/') . $hash; +$url = Core::linkURL('https://www.phpmyadmin.net/themes/') . $hash; $output = '<h1>phpMyAdmin - ' . __('Theme') . '</h1>'; $output .= '<p>'; $output .= '<a href="' . $url . '" rel="noopener noreferrer" target="_blank">'; diff --git a/transformation_wrapper.php b/transformation_wrapper.php index 3172a1faf5..cd80b36620 100644 --- a/transformation_wrapper.php +++ b/transformation_wrapper.php @@ -6,6 +6,7 @@ * @package PhpMyAdmin */ +use PMA\libraries\Core; use PMA\libraries\Response; use PMA\libraries\Transformations; @@ -111,7 +112,7 @@ if (isset($ct) && ! empty($ct)) { . (isset($mime_options['charset']) ? $mime_options['charset'] : ''); } -PMA_downloadHeader($cn, $mime_type); +Core::downloadHeader($cn, $mime_type); if (! isset($_REQUEST['resize'])) { if (stripos($mime_type, 'html') === false) { @@ -5,6 +5,8 @@ * * @package PhpMyAdmin */ + +use PMA\libraries\Core; use PMA\libraries\Sanitize; use PMA\libraries\Response; @@ -19,11 +21,11 @@ $response = Response::getInstance(); $response->getHeader()->sendHttpHeaders(); $response->disable(); -if (! PMA_isValid($_REQUEST['url']) +if (! Core::isValid($_REQUEST['url']) || ! preg_match('/^https:\/\/[^\n\r]*$/', $_REQUEST['url']) - || ! PMA_isAllowedDomain($_REQUEST['url']) + || ! Core::isAllowedDomain($_REQUEST['url']) ) { - PMA_sendHeaderLocation('./'); + Core::sendHeaderLocation('./'); } else { // JavaScript redirection is necessary. Because if header() is used // then web browser sometimes does not change the HTTP_REFERER diff --git a/user_password.php b/user_password.php index 5cd725cd4e..413bea3e9d 100644 --- a/user_password.php +++ b/user_password.php @@ -6,6 +6,8 @@ * * @package PhpMyAdmin */ + +use PMA\libraries\Core; use PMA\libraries\URL; use PMA\libraries\Response; @@ -203,7 +205,7 @@ function PMA_changePassword($password, $message, $change_password_message) */ function PMA_changePassHashingFunction() { - if (PMA_isValid( + if (Core::isValid( $_REQUEST['authentication_plugin'], 'identical', 'mysql_old_password' )) { $hashing_function = 'OLD_PASSWORD'; diff --git a/version_check.php b/version_check.php index c62d128e8c..ac06b80cd5 100644 --- a/version_check.php +++ b/version_check.php @@ -6,7 +6,7 @@ * @package PhpMyAdmin */ -// Sets up the session +use PMA\libraries\Core; use PMA\libraries\VersionInformation; use PMA\libraries\Response; @@ -18,7 +18,7 @@ require_once 'libraries/common.inc.php'; Response::getInstance()->disable(); // Always send the correct headers -PMA_headerJSON(); +Core::headerJSON(); $versionInformation = new VersionInformation(); $versionDetails = $versionInformation->getLatestVersion(); diff --git a/view_create.php b/view_create.php index 8fca46c9af..2b865b450a 100644 --- a/view_create.php +++ b/view_create.php @@ -7,6 +7,8 @@ * @todo (also validate if js is disabled, after form submission?) * @package PhpMyAdmin */ + +use PMA\libraries\Core; use PMA\libraries\URL; use PMA\libraries\Response; @@ -69,7 +71,7 @@ if (isset($_REQUEST['createview']) || isset($_REQUEST['alterview'])) { $sql_query = 'ALTER'; } - if (PMA_isValid($_REQUEST['view']['algorithm'], $view_algorithm_options)) { + if (Core::isValid($_REQUEST['view']['algorithm'], $view_algorithm_options)) { $sql_query .= $sep . ' ALGORITHM = ' . $_REQUEST['view']['algorithm']; } @@ -185,7 +187,7 @@ $view = array( 'with' => '', ); -if (PMA_isValid($_REQUEST['view'], 'array')) { +if (Core::isValid($_REQUEST['view'], 'array')) { $view = array_merge($view, $_REQUEST['view']); } |