| Server IP : 85.214.239.14 / Your IP : 3.147.44.55 Web Server : Apache/2.4.61 (Debian) System : Linux h2886529.stratoserver.net 4.9.0 #1 SMP Tue Jan 9 19:45:01 MSK 2024 x86_64 User : www-data ( 33) PHP Version : 7.4.18 Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare, MySQL : OFF | cURL : OFF | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : OFF Directory : /var/www/wordpress/phpMyAdmin/libraries/classes/ |
Upload File : |
<?php
/* vim: set expandtab sw=4 ts=4 sts=4: */
/**
* Configuration handling.
*
* @package PhpMyAdmin
*/
declare(strict_types=1);
namespace PhpMyAdmin;
use DirectoryIterator;
use PhpMyAdmin\Config;
use PhpMyAdmin\Core;
use PhpMyAdmin\Error;
use PhpMyAdmin\LanguageManager;
use PhpMyAdmin\Message;
use PhpMyAdmin\ThemeManager;
use PhpMyAdmin\Url;
use PhpMyAdmin\UserPreferences;
use PhpMyAdmin\Util;
use PhpMyAdmin\Utils\HttpRequest;
/**
* Indication for error handler (see end of this file).
*/
$GLOBALS['pma_config_loading'] = false;
/**
* Configuration class
*
* @package PhpMyAdmin
*/
class Config
{
/**
* @var string default config source
*/
public $default_source = ROOT_PATH . 'libraries/config.default.php';
/**
* @var array default configuration settings
*/
public $default = [];
/**
* @var array configuration settings, without user preferences applied
*/
public $base_settings = [];
/**
* @var array configuration settings
*/
public $settings = [];
/**
* @var string config source
*/
public $source = '';
/**
* @var int source modification time
*/
public $source_mtime = 0;
public $default_source_mtime = 0;
public $set_mtime = 0;
/**
* @var boolean
*/
public $error_config_file = false;
/**
* @var boolean
*/
public $error_config_default_file = false;
/**
* @var array
*/
public $default_server = [];
/**
* @var boolean whether init is done or not
* set this to false to force some initial checks
* like checking for required functions
*/
public $done = false;
/**
* constructor
*
* @param string $source source to read config from
*/
public function __construct(?string $source = null)
{
$this->settings = ['is_setup' => false];
// functions need to refresh in case of config file changed goes in
// PhpMyAdmin\Config::load()
$this->load($source);
// other settings, independent from config file, comes in
$this->checkSystem();
$this->base_settings = $this->settings;
}
/**
* sets system and application settings
*
* @return void
*/
public function checkSystem(): void
{
$this->set('PMA_VERSION', '5.0.2');
/* Major version */
$this->set(
'PMA_MAJOR_VERSION',
implode('.', array_slice(explode('.', $this->get('PMA_VERSION'), 3), 0, 2))
);
$this->checkWebServerOs();
$this->checkWebServer();
$this->checkGd2();
$this->checkClient();
$this->checkUpload();
$this->checkUploadSize();
$this->checkOutputCompression();
}
/**
* whether to use gzip output compression or not
*
* @return void
*/
public function checkOutputCompression(): void
{
// If zlib output compression is set in the php configuration file, no
// output buffering should be run
if (ini_get('zlib.output_compression')) {
$this->set('OBGzip', false);
}
// enable output-buffering (if set to 'auto')
if (strtolower((string) $this->get('OBGzip')) == 'auto') {
$this->set('OBGzip', true);
}
}
/**
* Sets the client platform based on user agent
*
* @param string $user_agent the user agent
*
* @return void
*/
private function _setClientPlatform(string $user_agent): void
{
if (mb_strstr($user_agent, 'Win')) {
$this->set('PMA_USR_OS', 'Win');
} elseif (mb_strstr($user_agent, 'Mac')) {
$this->set('PMA_USR_OS', 'Mac');
} elseif (mb_strstr($user_agent, 'Linux')) {
$this->set('PMA_USR_OS', 'Linux');
} elseif (mb_strstr($user_agent, 'Unix')) {
$this->set('PMA_USR_OS', 'Unix');
} elseif (mb_strstr($user_agent, 'OS/2')) {
$this->set('PMA_USR_OS', 'OS/2');
} else {
$this->set('PMA_USR_OS', 'Other');
}
}
/**
* Determines platform (OS), browser and version of the user
* Based on a phpBuilder article:
*
* @see http://www.phpbuilder.net/columns/tim20000821.php
*
* @return void
*/
public function checkClient(): void
{
if (Core::getenv('HTTP_USER_AGENT')) {
$HTTP_USER_AGENT = Core::getenv('HTTP_USER_AGENT');
} else {
$HTTP_USER_AGENT = '';
}
// 1. Platform
$this->_setClientPlatform($HTTP_USER_AGENT);
// 2. browser and version
// (must check everything else before Mozilla)
$is_mozilla = preg_match(
'@Mozilla/([0-9]\.[0-9]{1,2})@',
$HTTP_USER_AGENT,
$mozilla_version
);
if (preg_match(
'@Opera(/| )([0-9]\.[0-9]{1,2})@',
$HTTP_USER_AGENT,
$log_version
)) {
$this->set('PMA_USR_BROWSER_VER', $log_version[2]);
$this->set('PMA_USR_BROWSER_AGENT', 'OPERA');
} elseif (preg_match(
'@(MS)?IE ([0-9]{1,2}\.[0-9]{1,2})@',
$HTTP_USER_AGENT,
$log_version
)) {
$this->set('PMA_USR_BROWSER_VER', $log_version[2]);
$this->set('PMA_USR_BROWSER_AGENT', 'IE');
} elseif (preg_match(
'@Trident/(7)\.0@',
$HTTP_USER_AGENT,
$log_version
)) {
$this->set('PMA_USR_BROWSER_VER', intval($log_version[1]) + 4);
$this->set('PMA_USR_BROWSER_AGENT', 'IE');
} elseif (preg_match(
'@OmniWeb/([0-9]{1,3})@',
$HTTP_USER_AGENT,
$log_version
)) {
$this->set('PMA_USR_BROWSER_VER', $log_version[1]);
$this->set('PMA_USR_BROWSER_AGENT', 'OMNIWEB');
// Konqueror 2.2.2 says Konqueror/2.2.2
// Konqueror 3.0.3 says Konqueror/3
} elseif (preg_match(
'@(Konqueror/)(.*)(;)@',
$HTTP_USER_AGENT,
$log_version
)) {
$this->set('PMA_USR_BROWSER_VER', $log_version[2]);
$this->set('PMA_USR_BROWSER_AGENT', 'KONQUEROR');
// must check Chrome before Safari
} elseif ($is_mozilla
&& preg_match('@Chrome/([0-9.]*)@', $HTTP_USER_AGENT, $log_version)
) {
$this->set('PMA_USR_BROWSER_VER', $log_version[1]);
$this->set('PMA_USR_BROWSER_AGENT', 'CHROME');
// newer Safari
} elseif ($is_mozilla
&& preg_match('@Version/(.*) Safari@', $HTTP_USER_AGENT, $log_version)
) {
$this->set(
'PMA_USR_BROWSER_VER',
$log_version[1]
);
$this->set('PMA_USR_BROWSER_AGENT', 'SAFARI');
// older Safari
} elseif ($is_mozilla
&& preg_match('@Safari/([0-9]*)@', $HTTP_USER_AGENT, $log_version)
) {
$this->set(
'PMA_USR_BROWSER_VER',
$mozilla_version[1] . '.' . $log_version[1]
);
$this->set('PMA_USR_BROWSER_AGENT', 'SAFARI');
// Firefox
} elseif (! mb_strstr($HTTP_USER_AGENT, 'compatible')
&& preg_match('@Firefox/([\w.]+)@', $HTTP_USER_AGENT, $log_version)
) {
$this->set(
'PMA_USR_BROWSER_VER',
$log_version[1]
);
$this->set('PMA_USR_BROWSER_AGENT', 'FIREFOX');
} elseif (preg_match('@rv:1\.9(.*)Gecko@', $HTTP_USER_AGENT)) {
$this->set('PMA_USR_BROWSER_VER', '1.9');
$this->set('PMA_USR_BROWSER_AGENT', 'GECKO');
} elseif ($is_mozilla) {
$this->set('PMA_USR_BROWSER_VER', $mozilla_version[1]);
$this->set('PMA_USR_BROWSER_AGENT', 'MOZILLA');
} else {
$this->set('PMA_USR_BROWSER_VER', 0);
$this->set('PMA_USR_BROWSER_AGENT', 'OTHER');
}
}
/**
* Whether GD2 is present
*
* @return void
*/
public function checkGd2(): void
{
if ($this->get('GD2Available') == 'yes') {
$this->set('PMA_IS_GD2', 1);
return;
}
if ($this->get('GD2Available') == 'no') {
$this->set('PMA_IS_GD2', 0);
return;
}
if (! function_exists('imagecreatetruecolor')) {
$this->set('PMA_IS_GD2', 0);
return;
}
if (function_exists('gd_info')) {
$gd_nfo = gd_info();
if (mb_strstr($gd_nfo["GD Version"], '2.')) {
$this->set('PMA_IS_GD2', 1);
} else {
$this->set('PMA_IS_GD2', 0);
}
} else {
$this->set('PMA_IS_GD2', 0);
}
}
/**
* Whether the Web server php is running on is IIS
*
* @return void
*/
public function checkWebServer(): void
{
// some versions return Microsoft-IIS, some Microsoft/IIS
// we could use a preg_match() but it's slower
if (Core::getenv('SERVER_SOFTWARE')
&& false !== stripos(Core::getenv('SERVER_SOFTWARE'), 'Microsoft')
&& false !== stripos(Core::getenv('SERVER_SOFTWARE'), 'IIS')
) {
$this->set('PMA_IS_IIS', 1);
} else {
$this->set('PMA_IS_IIS', 0);
}
}
/**
* Whether the os php is running on is windows or not
*
* @return void
*/
public function checkWebServerOs(): void
{
// Default to Unix or Equiv
$this->set('PMA_IS_WINDOWS', 0);
// If PHP_OS is defined then continue
if (defined('PHP_OS')) {
if (false !== stripos(PHP_OS, 'win') && false === stripos(PHP_OS, 'darwin')) {
// Is it some version of Windows
$this->set('PMA_IS_WINDOWS', 1);
} elseif (false !== stripos(PHP_OS, 'OS/2')) {
// Is it OS/2 (No file permissions like Windows)
$this->set('PMA_IS_WINDOWS', 1);
}
}
}
/**
* detects if Git revision
* @param string $git_location (optional) verified git directory
* @return boolean
*/
public function isGitRevision(&$git_location = null): bool
{
// PMA config check
if (! $this->get('ShowGitRevision')) {
return false;
}
// caching
if (isset($_SESSION['is_git_revision'])
&& array_key_exists('git_location', $_SESSION)
) {
// Define location using cached value
$git_location = $_SESSION['git_location'];
return $_SESSION['is_git_revision'];
}
// find out if there is a .git folder
// or a .git file (--separate-git-dir)
$git = '.git';
if (is_dir($git)) {
if (@is_file($git . '/config')) {
$git_location = $git;
} else {
$_SESSION['git_location'] = null;
$_SESSION['is_git_revision'] = false;
return false;
}
} elseif (is_file($git)) {
$contents = file_get_contents($git);
$gitmatch = [];
// Matches expected format
if (! preg_match(
'/^gitdir: (.*)$/',
$contents,
$gitmatch
)) {
$_SESSION['git_location'] = null;
$_SESSION['is_git_revision'] = false;
return false;
} elseif (@is_dir($gitmatch[1])) {
//Detected git external folder location
$git_location = $gitmatch[1];
} else {
$_SESSION['git_location'] = null;
$_SESSION['is_git_revision'] = false;
return false;
}
} else {
$_SESSION['git_location'] = null;
$_SESSION['is_git_revision'] = false;
return false;
}
// Define session for caching
$_SESSION['git_location'] = $git_location;
$_SESSION['is_git_revision'] = true;
return true;
}
/**
* detects Git revision, if running inside repo
*
* @return void
*/
public function checkGitRevision(): void
{
// find out if there is a .git folder
$git_folder = '';
if (! $this->isGitRevision($git_folder)) {
$this->set('PMA_VERSION_GIT', 0);
return;
}
if (! $ref_head = @file_get_contents($git_folder . '/HEAD')) {
$this->set('PMA_VERSION_GIT', 0);
return;
}
if ($common_dir_contents = @file_get_contents($git_folder . '/commondir')) {
$git_folder = $git_folder . DIRECTORY_SEPARATOR . trim($common_dir_contents);
}
$branch = false;
// are we on any branch?
if (false !== strpos($ref_head, '/')) {
// remove ref: prefix
$ref_head = substr(trim($ref_head), 5);
if (substr($ref_head, 0, 11) === 'refs/heads/') {
$branch = substr($ref_head, 11);
} else {
$branch = basename($ref_head);
}
$ref_file = $git_folder . '/' . $ref_head;
if (@file_exists($ref_file)) {
$hash = @file_get_contents($ref_file);
if (! $hash) {
$this->set('PMA_VERSION_GIT', 0);
return;
}
$hash = trim($hash);
} else {
// deal with packed refs
$packed_refs = @file_get_contents($git_folder . '/packed-refs');
if (! $packed_refs) {
$this->set('PMA_VERSION_GIT', 0);
return;
}
// split file to lines
$ref_lines = explode(PHP_EOL, $packed_refs);
foreach ($ref_lines as $line) {
// skip comments
if ($line[0] == '#') {
continue;
}
// parse line
$parts = explode(' ', $line);
// care only about named refs
if (count($parts) != 2) {
continue;
}
// have found our ref?
if ($parts[1] == $ref_head) {
$hash = $parts[0];
break;
}
}
if (! isset($hash)) {
$this->set('PMA_VERSION_GIT', 0);
// Could not find ref
return;
}
}
} else {
$hash = trim($ref_head);
}
$commit = false;
if (! preg_match('/^[0-9a-f]{40}$/i', $hash)) {
$commit = false;
} elseif (isset($_SESSION['PMA_VERSION_COMMITDATA_' . $hash])) {
$commit = $_SESSION['PMA_VERSION_COMMITDATA_' . $hash];
} elseif (function_exists('gzuncompress')) {
$git_file_name = $git_folder . '/objects/'
. substr($hash, 0, 2) . '/' . substr($hash, 2);
if (@file_exists($git_file_name)) {
if (! $commit = @file_get_contents($git_file_name)) {
$this->set('PMA_VERSION_GIT', 0);
return;
}
$commit = explode("\0", gzuncompress($commit), 2);
$commit = explode("\n", $commit[1]);
$_SESSION['PMA_VERSION_COMMITDATA_' . $hash] = $commit;
} else {
$pack_names = [];
// work with packed data
$packs_file = $git_folder . '/objects/info/packs';
if (@file_exists($packs_file)
&& $packs = @file_get_contents($packs_file)
) {
// File exists. Read it, parse the file to get the names of the
// packs. (to look for them in .git/object/pack directory later)
foreach (explode("\n", $packs) as $line) {
// skip blank lines
if (strlen(trim($line)) == 0) {
continue;
}
// skip non pack lines
if ($line[0] != 'P') {
continue;
}
// parse names
$pack_names[] = substr($line, 2);
}
} else {
// '.git/objects/info/packs' file can be missing
// (atlease in mysGit)
// File missing. May be we can look in the .git/object/pack
// directory for all the .pack files and use that list of
// files instead
$dirIterator = new DirectoryIterator(
$git_folder . '/objects/pack'
);
foreach ($dirIterator as $file_info) {
$file_name = $file_info->getFilename();
// if this is a .pack file
if ($file_info->isFile() && substr($file_name, -5) == '.pack'
) {
$pack_names[] = $file_name;
}
}
}
$hash = strtolower($hash);
foreach ($pack_names as $pack_name) {
$index_name = str_replace('.pack', '.idx', $pack_name);
// load index
$index_data = @file_get_contents(
$git_folder . '/objects/pack/' . $index_name
);
if (! $index_data) {
continue;
}
// check format
if (substr($index_data, 0, 4) != "\377tOc") {
continue;
}
// check version
$version = unpack('N', substr($index_data, 4, 4));
if ($version[1] != 2) {
continue;
}
// parse fanout table
$fanout = unpack(
"N*",
substr($index_data, 8, 256 * 4)
);
// find where we should search
$firstbyte = intval(substr($hash, 0, 2), 16);
// array is indexed from 1 and we need to get
// previous entry for start
if ($firstbyte == 0) {
$start = 0;
} else {
$start = $fanout[$firstbyte];
}
$end = $fanout[$firstbyte + 1];
// stupid linear search for our sha
$found = false;
$offset = 8 + (256 * 4);
for ($position = $start; $position < $end; $position++) {
$sha = strtolower(
bin2hex(
substr($index_data, $offset + ($position * 20), 20)
)
);
if ($sha == $hash) {
$found = true;
break;
}
}
if (! $found) {
continue;
}
// read pack offset
$offset = 8 + (256 * 4) + (24 * $fanout[256]);
$pack_offset = unpack(
'N',
substr($index_data, $offset + ($position * 4), 4)
);
$pack_offset = $pack_offset[1];
// open pack file
$pack_file = fopen(
$git_folder . '/objects/pack/' . $pack_name,
'rb'
);
if ($pack_file === false) {
continue;
}
// seek to start
fseek($pack_file, $pack_offset);
// parse header
$header = ord(fread($pack_file, 1));
$type = ($header >> 4) & 7;
$hasnext = ($header & 128) >> 7;
$size = $header & 0xf;
$offset = 4;
while ($hasnext) {
$byte = ord(fread($pack_file, 1));
$size |= ($byte & 0x7f) << $offset;
$hasnext = ($byte & 128) >> 7;
$offset += 7;
}
// we care only about commit objects
if ($type != 1) {
continue;
}
// read data
$commit = fread($pack_file, $size);
$commit = gzuncompress($commit);
$commit = explode("\n", $commit);
$_SESSION['PMA_VERSION_COMMITDATA_' . $hash] = $commit;
fclose($pack_file);
}
}
}
$httpRequest = new HttpRequest();
// check if commit exists in Github
if ($commit !== false
&& isset($_SESSION['PMA_VERSION_REMOTECOMMIT_' . $hash])
) {
$is_remote_commit = $_SESSION['PMA_VERSION_REMOTECOMMIT_' . $hash];
} else {
$link = 'https://www.phpmyadmin.net/api/commit/' . $hash . '/';
$is_found = $httpRequest->create($link, 'GET');
switch ($is_found) {
case false:
$is_remote_commit = false;
$_SESSION['PMA_VERSION_REMOTECOMMIT_' . $hash] = false;
break;
case null:
// no remote link for now, but don't cache this as Github is down
$is_remote_commit = false;
break;
default:
$is_remote_commit = true;
$_SESSION['PMA_VERSION_REMOTECOMMIT_' . $hash] = true;
if ($commit === false) {
// if no local commit data, try loading from Github
$commit_json = json_decode($is_found);
}
break;
}
}
$is_remote_branch = false;
if ($is_remote_commit && $branch !== false) {
// check if branch exists in Github
if (isset($_SESSION['PMA_VERSION_REMOTEBRANCH_' . $hash])) {
$is_remote_branch = $_SESSION['PMA_VERSION_REMOTEBRANCH_' . $hash];
} else {
$link = 'https://www.phpmyadmin.net/api/tree/' . $branch . '/';
$is_found = $httpRequest->create($link, 'GET', true);
switch ($is_found) {
case true:
$is_remote_branch = true;
$_SESSION['PMA_VERSION_REMOTEBRANCH_' . $hash] = true;
break;
case false:
$is_remote_branch = false;
$_SESSION['PMA_VERSION_REMOTEBRANCH_' . $hash] = false;
break;
case null:
// no remote link for now, but don't cache this as Github is down
$is_remote_branch = false;
break;
}
}
}
if ($commit !== false) {
$author = [
'name' => '',
'email' => '',
'date' => '',
];
$committer = [
'name' => '',
'email' => '',
'date' => '',
];
do {
$dataline = array_shift($commit);
$datalinearr = explode(' ', $dataline, 2);
$linetype = $datalinearr[0];
if (in_array($linetype, ['author', 'committer'])) {
$user = $datalinearr[1];
preg_match('/([^<]+)<([^>]+)> ([0-9]+)( [^ ]+)?/', $user, $user);
$user2 = [
'name' => trim($user[1]),
'email' => trim($user[2]),
'date' => date('Y-m-d H:i:s', (int) $user[3]),
];
if (isset($user[4])) {
$user2['date'] .= $user[4];
}
$$linetype = $user2;
}
} while ($dataline != '');
$message = trim(implode(' ', $commit));
} elseif (isset($commit_json) && isset($commit_json->author) && isset($commit_json->committer) && isset($commit_json->message)) {
$author = [
'name' => $commit_json->author->name,
'email' => $commit_json->author->email,
'date' => $commit_json->author->date,
];
$committer = [
'name' => $commit_json->committer->name,
'email' => $commit_json->committer->email,
'date' => $commit_json->committer->date,
];
$message = trim($commit_json->message);
} else {
$this->set('PMA_VERSION_GIT', 0);
return;
}
$this->set('PMA_VERSION_GIT', 1);
$this->set('PMA_VERSION_GIT_COMMITHASH', $hash);
$this->set('PMA_VERSION_GIT_BRANCH', $branch);
$this->set('PMA_VERSION_GIT_MESSAGE', $message);
$this->set('PMA_VERSION_GIT_AUTHOR', $author);
$this->set('PMA_VERSION_GIT_COMMITTER', $committer);
$this->set('PMA_VERSION_GIT_ISREMOTECOMMIT', $is_remote_commit);
$this->set('PMA_VERSION_GIT_ISREMOTEBRANCH', $is_remote_branch);
}
/**
* loads default values from default source
*
* @return boolean success
*/
public function loadDefaults(): bool
{
$cfg = [];
if (! @file_exists($this->default_source)) {
$this->error_config_default_file = true;
return false;
}
$canUseErrorReporting = function_exists('error_reporting');
$oldErrorReporting = null;
if ($canUseErrorReporting) {
$oldErrorReporting = error_reporting(0);
}
ob_start();
$GLOBALS['pma_config_loading'] = true;
$eval_result = include $this->default_source;
$GLOBALS['pma_config_loading'] = false;
ob_end_clean();
if ($canUseErrorReporting) {
error_reporting($oldErrorReporting);
}
if ($eval_result === false) {
$this->error_config_default_file = true;
return false;
}
$this->default_source_mtime = filemtime($this->default_source);
$this->default_server = $cfg['Servers'][1];
unset($cfg['Servers']);
$this->default = $cfg;
$this->settings = array_replace_recursive($this->settings, $cfg);
$this->error_config_default_file = false;
return true;
}
/**
* loads configuration from $source, usually the config file
* should be called on object creation
*
* @param string $source config file
*
* @return bool
*/
public function load(?string $source = null): bool
{
$this->loadDefaults();
if (null !== $source) {
$this->setSource($source);
}
if (! $this->checkConfigSource()) {
return false;
}
$cfg = [];
/**
* Parses the configuration file, we throw away any errors or
* output.
*/
$canUseErrorReporting = function_exists('error_reporting');
$oldErrorReporting = null;
if ($canUseErrorReporting) {
$oldErrorReporting = error_reporting(0);
}
ob_start();
$GLOBALS['pma_config_loading'] = true;
$eval_result = include $this->getSource();
$GLOBALS['pma_config_loading'] = false;
ob_end_clean();
if ($canUseErrorReporting) {
error_reporting($oldErrorReporting);
}
if ($eval_result === false) {
$this->error_config_file = true;
} else {
$this->error_config_file = false;
$this->source_mtime = filemtime($this->getSource());
}
/**
* Ignore keys with / as we do not use these
*
* These can be confusing for user configuration layer as it
* flatten array using / and thus don't see difference between
* $cfg['Export/method'] and $cfg['Export']['method'], while rest
* of thre code uses the setting only in latter form.
*
* This could be removed once we consistently handle both values
* in the functional code as well.
*
* It could use array_filter(...ARRAY_FILTER_USE_KEY), but it's not
* supported on PHP 5.5 and HHVM.
*/
$matched_keys = array_filter(
array_keys($cfg),
function ($key) {
return strpos($key, '/') === false;
}
);
$cfg = array_intersect_key($cfg, array_flip($matched_keys));
/**
* Backward compatibility code
*/
if (! empty($cfg['DefaultTabTable'])) {
$cfg['DefaultTabTable'] = str_replace(
[
'tbl_properties.php',
'_properties',
],
[
'tbl_sql.php',
'',
],
$cfg['DefaultTabTable']
);
}
if (! empty($cfg['DefaultTabDatabase'])) {
$cfg['DefaultTabDatabase'] = str_replace(
[
'db_details.php',
'_details',
],
[
'db_sql.php',
'',
],
$cfg['DefaultTabDatabase']
);
}
$this->settings = array_replace_recursive($this->settings, $cfg);
return true;
}
/**
* Sets the connection collation
*
* @return void
*/
private function _setConnectionCollation(): void
{
$collation_connection = $this->get('DefaultConnectionCollation');
if (! empty($collation_connection)
&& $collation_connection != $GLOBALS['collation_connection']
) {
$GLOBALS['dbi']->setCollation($collation_connection);
}
}
/**
* Loads user preferences and merges them with current config
* must be called after control connection has been established
*
* @return void
*/
public function loadUserPreferences(): void
{
$userPreferences = new UserPreferences();
// index.php should load these settings, so that phpmyadmin.css.php
// will have everything available in session cache
$server = isset($GLOBALS['server'])
? $GLOBALS['server']
: (! empty($GLOBALS['cfg']['ServerDefault'])
? $GLOBALS['cfg']['ServerDefault']
: 0);
$cache_key = 'server_' . $server;
if ($server > 0 && ! defined('PMA_MINIMUM_COMMON')) {
$config_mtime = max($this->default_source_mtime, $this->source_mtime);
// cache user preferences, use database only when needed
if (! isset($_SESSION['cache'][$cache_key]['userprefs'])
|| $_SESSION['cache'][$cache_key]['config_mtime'] < $config_mtime
) {
$prefs = $userPreferences->load();
$_SESSION['cache'][$cache_key]['userprefs']
= $userPreferences->apply($prefs['config_data']);
$_SESSION['cache'][$cache_key]['userprefs_mtime'] = $prefs['mtime'];
$_SESSION['cache'][$cache_key]['userprefs_type'] = $prefs['type'];
$_SESSION['cache'][$cache_key]['config_mtime'] = $config_mtime;
}
} elseif ($server == 0
|| ! isset($_SESSION['cache'][$cache_key]['userprefs'])
) {
$this->set('user_preferences', false);
return;
}
$config_data = $_SESSION['cache'][$cache_key]['userprefs'];
// type is 'db' or 'session'
$this->set(
'user_preferences',
$_SESSION['cache'][$cache_key]['userprefs_type']
);
$this->set(
'user_preferences_mtime',
$_SESSION['cache'][$cache_key]['userprefs_mtime']
);
// load config array
$this->settings = array_replace_recursive($this->settings, $config_data);
$GLOBALS['cfg'] = array_replace_recursive($GLOBALS['cfg'], $config_data);
if (defined('PMA_MINIMUM_COMMON')) {
return;
}
// settings below start really working on next page load, but
// changes are made only in index.php so everything is set when
// in frames
// save theme
/** @var ThemeManager $tmanager */
$tmanager = ThemeManager::getInstance();
if ($tmanager->getThemeCookie() || isset($_REQUEST['set_theme'])) {
if ((! isset($config_data['ThemeDefault'])
&& $tmanager->theme->getId() != 'original')
|| isset($config_data['ThemeDefault'])
&& $config_data['ThemeDefault'] != $tmanager->theme->getId()
) {
// new theme was set in common.inc.php
$this->setUserValue(
null,
'ThemeDefault',
$tmanager->theme->getId(),
'original'
);
}
} else {
// no cookie - read default from settings
if ($this->settings['ThemeDefault'] != $tmanager->theme->getId()
&& $tmanager->checkTheme($this->settings['ThemeDefault'])
) {
$tmanager->setActiveTheme($this->settings['ThemeDefault']);
$tmanager->setThemeCookie();
}
}
// save language
if ($this->issetCookie('pma_lang') || isset($_POST['lang'])) {
if ((! isset($config_data['lang'])
&& $GLOBALS['lang'] != 'en')
|| isset($config_data['lang'])
&& $GLOBALS['lang'] != $config_data['lang']
) {
$this->setUserValue(null, 'lang', $GLOBALS['lang'], 'en');
}
} else {
// read language from settings
if (isset($config_data['lang'])) {
$language = LanguageManager::getInstance()->getLanguage(
$config_data['lang']
);
if ($language !== false) {
$language->activate();
$this->setCookie('pma_lang', $language->getCode());
}
}
}
// set connection collation
$this->_setConnectionCollation();
}
/**
* Sets config value which is stored in user preferences (if available)
* or in a cookie.
*
* If user preferences are not yet initialized, option is applied to
* global config and added to a update queue, which is processed
* by {@link loadUserPreferences()}
*
* @param string|null $cookie_name can be null
* @param string $cfg_path configuration path
* @param mixed $new_cfg_value new value
* @param mixed $default_value default value
*
* @return true|Message
*/
public function setUserValue(
?string $cookie_name,
string $cfg_path,
$new_cfg_value,
$default_value = null
) {
$userPreferences = new UserPreferences();
$result = true;
// use permanent user preferences if possible
$prefs_type = $this->get('user_preferences');
if ($prefs_type) {
if ($default_value === null) {
$default_value = Core::arrayRead($cfg_path, $this->default);
}
$result = $userPreferences->persistOption($cfg_path, $new_cfg_value, $default_value);
}
if ($prefs_type != 'db' && $cookie_name) {
// fall back to cookies
if ($default_value === null) {
$default_value = Core::arrayRead($cfg_path, $this->settings);
}
$this->setCookie($cookie_name, $new_cfg_value, $default_value);
}
Core::arrayWrite($cfg_path, $GLOBALS['cfg'], $new_cfg_value);
Core::arrayWrite($cfg_path, $this->settings, $new_cfg_value);
return $result;
}
/**
* Reads value stored by {@link setUserValue()}
*
* @param string $cookie_name cookie name
* @param mixed $cfg_value config value
*
* @return mixed
*/
public function getUserValue(string $cookie_name, $cfg_value)
{
$cookie_exists = isset($_COOKIE) && ! empty($this->getCookie($cookie_name));
$prefs_type = $this->get('user_preferences');
if ($prefs_type == 'db') {
// permanent user preferences value exists, remove cookie
if ($cookie_exists) {
$this->removeCookie($cookie_name);
}
} elseif ($cookie_exists) {
return $this->getCookie($cookie_name);
}
// return value from $cfg array
return $cfg_value;
}
/**
* set source
*
* @param string $source source
*
* @return void
*/
public function setSource(string $source): void
{
$this->source = trim($source);
}
/**
* check config source
*
* @return boolean whether source is valid or not
*/
public function checkConfigSource(): bool
{
if (! $this->getSource()) {
// no configuration file set at all
return false;
}
if (! @file_exists($this->getSource())) {
$this->source_mtime = 0;
return false;
}
if (! @is_readable($this->getSource())) {
// manually check if file is readable
// might be bug #3059806 Supporting running from CIFS/Samba shares
$contents = false;
$handle = @fopen($this->getSource(), 'r');
if ($handle !== false) {
$contents = @fread($handle, 1); // reading 1 byte is enough to test
fclose($handle);
}
if ($contents === false) {
$this->source_mtime = 0;
Core::fatalError(
sprintf(
function_exists('__')
? __('Existing configuration file (%s) is not readable.')
: 'Existing configuration file (%s) is not readable.',
$this->getSource()
)
);
return false;
}
}
return true;
}
/**
* verifies the permissions on config file (if asked by configuration)
* (must be called after config.inc.php has been merged)
*
* @return void
*/
public function checkPermissions(): void
{
// Check for permissions (on platforms that support it):
if ($this->get('CheckConfigurationPermissions') && @file_exists($this->getSource())) {
$perms = @fileperms($this->getSource());
if (! ($perms === false) && ($perms & 2)) {
// This check is normally done after loading configuration
$this->checkWebServerOs();
if ($this->get('PMA_IS_WINDOWS') == 0) {
$this->source_mtime = 0;
Core::fatalError(
__(
'Wrong permissions on configuration file, '
. 'should not be world writable!'
)
);
}
}
}
}
/**
* Checks for errors
* (must be called after config.inc.php has been merged)
*
* @return void
*/
public function checkErrors(): void
{
if ($this->error_config_default_file) {
Core::fatalError(
sprintf(
__('Could not load default configuration from: %1$s'),
$this->default_source
)
);
}
if ($this->error_config_file) {
$error = '[strong]' . __('Failed to read configuration file!') . '[/strong]'
. '[br][br]'
. __(
'This usually means there is a syntax error in it, '
. 'please check any errors shown below.'
)
. '[br][br]'
. '[conferr]';
trigger_error($error, E_USER_ERROR);
}
}
/**
* returns specific config setting
*
* @param string $setting config setting
*
* @return mixed value
*/
public function get(string $setting)
{
if (isset($this->settings[$setting])) {
return $this->settings[$setting];
}
return null;
}
/**
* sets configuration variable
*
* @param string $setting configuration option
* @param mixed $value new value for configuration option
*
* @return void
*/
public function set(string $setting, $value): void
{
if (! isset($this->settings[$setting])
|| $this->settings[$setting] !== $value
) {
$this->settings[$setting] = $value;
$this->set_mtime = time();
}
}
/**
* returns source for current config
*
* @return string config source
*/
public function getSource(): string
{
return $this->source;
}
/**
* returns a unique value to force a CSS reload if either the config
* or the theme changes
*
* @return int Summary of unix timestamps, to be unique on theme parameters
* change
*/
public function getThemeUniqueValue(): int
{
return (int) (
$this->source_mtime +
$this->default_source_mtime +
$this->get('user_preferences_mtime') +
$GLOBALS['PMA_Theme']->mtime_info +
$GLOBALS['PMA_Theme']->filesize_info
);
}
/**
* checks if upload is enabled
*
* @return void
*/
public function checkUpload(): void
{
if (! ini_get('file_uploads')) {
$this->set('enable_upload', false);
return;
}
$this->set('enable_upload', true);
// if set "php_admin_value file_uploads Off" in httpd.conf
// ini_get() also returns the string "Off" in this case:
if ('off' == strtolower(ini_get('file_uploads'))) {
$this->set('enable_upload', false);
}
}
/**
* Maximum upload size as limited by PHP
* Used with permission from Moodle (https://moodle.org/) by Martin Dougiamas
*
* this section generates $max_upload_size in bytes
*
* @return void
*/
public function checkUploadSize(): void
{
if (! $filesize = ini_get('upload_max_filesize')) {
$filesize = "5M";
}
if ($postsize = ini_get('post_max_size')) {
$this->set(
'max_upload_size',
min(Core::getRealSize($filesize), Core::getRealSize($postsize))
);
} else {
$this->set('max_upload_size', Core::getRealSize($filesize));
}
}
/**
* Checks if protocol is https
*
* This function checks if the https protocol on the active connection.
*
* @return bool
*/
public function isHttps(): bool
{
if (null !== $this->get('is_https')) {
return $this->get('is_https');
}
$url = $this->get('PmaAbsoluteUri');
$is_https = false;
if (! empty($url) && parse_url($url, PHP_URL_SCHEME) === 'https') {
$is_https = true;
} elseif (strtolower(Core::getenv('HTTP_SCHEME')) == 'https') {
$is_https = true;
} elseif (strtolower(Core::getenv('HTTPS')) == 'on') {
$is_https = true;
} elseif (substr(strtolower(Core::getenv('REQUEST_URI')), 0, 6) == 'https:') {
$is_https = true;
} elseif (strtolower(Core::getenv('HTTP_HTTPS_FROM_LB')) == 'on') {
// A10 Networks load balancer
$is_https = true;
} elseif (strtolower(Core::getenv('HTTP_FRONT_END_HTTPS')) == 'on') {
$is_https = true;
} elseif (strtolower(Core::getenv('HTTP_X_FORWARDED_PROTO')) == 'https') {
$is_https = true;
} elseif (strtolower(Core::getenv('HTTP_CLOUDFRONT_FORWARDED_PROTO')) === 'https') {
// Amazon CloudFront, issue #15621
$is_https = true;
} elseif (Util::getProtoFromForwardedHeader(Core::getenv('HTTP_FORWARDED')) === 'https') {
// RFC 7239 Forwarded header
$is_https = true;
} elseif (Core::getenv('SERVER_PORT') == 443) {
$is_https = true;
}
$this->set('is_https', $is_https);
return $is_https;
}
/**
* Get phpMyAdmin root path
*
* @return string
*/
public function getRootPath(): string
{
static $cookie_path = null;
if (null !== $cookie_path && ! defined('TESTSUITE')) {
return $cookie_path;
}
$url = $this->get('PmaAbsoluteUri');
if (! empty($url)) {
$path = parse_url($url, PHP_URL_PATH);
if (! empty($path)) {
if (substr($path, -1) != '/') {
return $path . '/';
}
return $path;
}
}
$parsed_url = parse_url($GLOBALS['PMA_PHP_SELF']);
$parts = explode(
'/',
rtrim(str_replace('\\', '/', $parsed_url['path']), '/')
);
/* Remove filename */
if (substr($parts[count($parts) - 1], -4) == '.php') {
$parts = array_slice($parts, 0, count($parts) - 1);
}
/* Remove extra path from javascript calls */
if (defined('PMA_PATH_TO_BASEDIR')) {
$parts = array_slice($parts, 0, count($parts) - 1);
}
$parts[] = '';
return implode('/', $parts);
}
/**
* enables backward compatibility
*
* @return void
*/
public function enableBc(): void
{
$GLOBALS['cfg'] = $this->settings;
$GLOBALS['default_server'] = $this->default_server;
unset($this->default_server);
$GLOBALS['is_upload'] = $this->get('enable_upload');
$GLOBALS['max_upload_size'] = $this->get('max_upload_size');
$GLOBALS['is_https'] = $this->get('is_https');
$defines = [
'PMA_VERSION',
'PMA_MAJOR_VERSION',
'PMA_THEME_VERSION',
'PMA_THEME_GENERATION',
'PMA_IS_WINDOWS',
'PMA_IS_GD2',
'PMA_USR_OS',
'PMA_USR_BROWSER_VER',
'PMA_USR_BROWSER_AGENT',
];
foreach ($defines as $define) {
if (! defined($define)) {
define($define, $this->get($define));
}
}
}
/**
* removes cookie
*
* @param string $cookieName name of cookie to remove
*
* @return boolean result of setcookie()
*/
public function removeCookie(string $cookieName): bool
{
$httpCookieName = $this->getCookieName($cookieName);
if ($this->issetCookie($cookieName)) {
unset($_COOKIE[$httpCookieName]);
}
if (defined('TESTSUITE')) {
return true;
}
return setcookie(
$httpCookieName,
'',
time() - 3600,
$this->getRootPath(),
'',
$this->isHttps()
);
}
/**
* sets cookie if value is different from current cookie value,
* or removes if value is equal to default
*
* @param string $cookie name of cookie to remove
* @param mixed $value new cookie value
* @param string $default default value
* @param int $validity validity of cookie in seconds (default is one month)
* @param bool $httponly whether cookie is only for HTTP (and not for scripts)
*
* @return boolean result of setcookie()
*/
public function setCookie(
string $cookie,
$value,
?string $default = null,
?int $validity = null,
bool $httponly = true
): bool {
if (strlen($value) > 0 && null !== $default && $value === $default
) {
// default value is used
if ($this->issetCookie($cookie)) {
// remove cookie
return $this->removeCookie($cookie);
}
return false;
}
if (strlen($value) === 0 && $this->issetCookie($cookie)) {
// remove cookie, value is empty
return $this->removeCookie($cookie);
}
$httpCookieName = $this->getCookieName($cookie);
if (! $this->issetCookie($cookie) || $this->getCookie($cookie) !== $value) {
// set cookie with new value
/* Calculate cookie validity */
if ($validity === null) {
/* Valid for one month */
$validity = time() + 2592000;
} elseif ($validity == 0) {
/* Valid for session */
$validity = 0;
} else {
$validity = time() + $validity;
}
if (defined('TESTSUITE')) {
$_COOKIE[$httpCookieName] = $value;
return true;
}
return setcookie(
$httpCookieName,
$value,
$validity,
$this->getRootPath(),
'',
$this->isHttps(),
$httponly
);
}
// cookie has already $value as value
return true;
}
/**
* get cookie
*
* @param string $cookieName The name of the cookie to get
*
* @return mixed result of getCookie()
*/
public function getCookie(string $cookieName)
{
if (isset($_COOKIE[$this->getCookieName($cookieName)])) {
return $_COOKIE[$this->getCookieName($cookieName)];
} else {
return null;
}
}
/**
* Get the real cookie name
*
* @param string $cookieName The name of the cookie
* @return string
*/
public function getCookieName(string $cookieName): string
{
return $cookieName . ( ($this->isHttps()) ? '_https' : '' );
}
/**
* isset cookie
*
* @param string $cookieName The name of the cookie to check
*
* @return bool result of issetCookie()
*/
public function issetCookie(string $cookieName): bool
{
return isset($_COOKIE[$this->getCookieName($cookieName)]);
}
/**
* Error handler to catch fatal errors when loading configuration
* file
*
* @return void
*/
public static function fatalErrorHandler(): void
{
if (! isset($GLOBALS['pma_config_loading'])
|| ! $GLOBALS['pma_config_loading']
) {
return;
}
$error = error_get_last();
if ($error === null) {
return;
}
Core::fatalError(
sprintf(
'Failed to load phpMyAdmin configuration (%s:%s): %s',
Error::relPath($error['file']),
$error['line'],
$error['message']
)
);
}
/**
* Wrapper for footer/header rendering
*
* @param string $filename File to check and render
* @param string $id Div ID
*
* @return string
*/
private static function _renderCustom(string $filename, string $id): string
{
$retval = '';
if (@file_exists($filename)) {
$retval .= '<div id="' . $id . '">';
ob_start();
include $filename;
$retval .= ob_get_contents();
ob_end_clean();
$retval .= '</div>';
}
return $retval;
}
/**
* Renders user configured footer
*
* @return string
*/
public static function renderFooter(): string
{
return self::_renderCustom(CUSTOM_FOOTER_FILE, 'pma_footer');
}
/**
* Renders user configured footer
*
* @return string
*/
public static function renderHeader(): string
{
return self::_renderCustom(CUSTOM_HEADER_FILE, 'pma_header');
}
/**
* Returns temporary dir path
*
* @param string $name Directory name
*
* @return string|null
*/
public function getTempDir(string $name): ?string
{
static $temp_dir = [];
if (isset($temp_dir[$name]) && ! defined('TESTSUITE')) {
return $temp_dir[$name];
}
$path = $this->get('TempDir');
if (empty($path)) {
$path = null;
} else {
$path = rtrim($path, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR . $name;
if (! @is_dir($path)) {
@mkdir($path, 0770, true);
}
if (! @is_dir($path) || ! @is_writable($path)) {
$path = null;
}
}
$temp_dir[$name] = $path;
return $path;
}
/**
* Returns temporary directory
*
* @return string|null
*/
public function getUploadTempDir(): ?string
{
// First try configured temp dir
// Fallback to PHP upload_tmp_dir
$dirs = [
$this->getTempDir('upload'),
ini_get('upload_tmp_dir'),
sys_get_temp_dir(),
];
foreach ($dirs as $dir) {
if (! empty($dir) && @is_writable($dir)) {
return realpath($dir);
}
}
return null;
}
/**
* Selects server based on request parameters.
*
* @return integer
*/
public function selectServer(): int
{
$request = empty($_REQUEST['server']) ? 0 : $_REQUEST['server'];
/**
* Lookup server by name
* (see FAQ 4.8)
*/
if (! is_numeric($request)) {
foreach ($this->settings['Servers'] as $i => $server) {
$verboseToLower = mb_strtolower($server['verbose']);
$serverToLower = mb_strtolower($request);
if ($server['host'] == $request
|| $server['verbose'] == $request
|| $verboseToLower == $serverToLower
|| md5($verboseToLower) === $serverToLower
) {
$request = $i;
break;
}
}
if (is_string($request)) {
$request = 0;
}
}
/**
* If no server is selected, make sure that $this->settings['Server'] is empty (so
* that nothing will work), and skip server authentication.
* We do NOT exit here, but continue on without logging into any server.
* This way, the welcome page will still come up (with no server info) and
* present a choice of servers in the case that there are multiple servers
* and '$this->settings['ServerDefault'] = 0' is set.
*/
if (is_numeric($request) && ! empty($request) && ! empty($this->settings['Servers'][$request])) {
$server = $request;
$this->settings['Server'] = $this->settings['Servers'][$server];
} else {
if (! empty($this->settings['Servers'][$this->settings['ServerDefault']])) {
$server = $this->settings['ServerDefault'];
$this->settings['Server'] = $this->settings['Servers'][$server];
} else {
$server = 0;
$this->settings['Server'] = [];
}
}
return (int) $server;
}
/**
* Checks whether Servers configuration is valid and possibly apply fixups.
*
* @return void
*/
public function checkServers(): void
{
// Do we have some server?
if (! isset($this->settings['Servers']) || count($this->settings['Servers']) === 0) {
// No server => create one with defaults
$this->settings['Servers'] = [1 => $this->default_server];
} else {
// We have server(s) => apply default configuration
$new_servers = [];
foreach ($this->settings['Servers'] as $server_index => $each_server) {
// Detect wrong configuration
if (! is_int($server_index) || $server_index < 1) {
trigger_error(
sprintf(__('Invalid server index: %s'), $server_index),
E_USER_ERROR
);
}
$each_server = array_merge($this->default_server, $each_server);
// Final solution to bug #582890
// If we are using a socket connection
// and there is nothing in the verbose server name
// or the host field, then generate a name for the server
// in the form of "Server 2", localized of course!
if (empty($each_server['host']) && empty($each_server['verbose'])) {
$each_server['verbose'] = sprintf(__('Server %d'), $server_index);
}
$new_servers[$server_index] = $each_server;
}
$this->settings['Servers'] = $new_servers;
}
}
}
if (! defined('TESTSUITE')) {
register_shutdown_function([Config::class, 'fatalErrorHandler']);
}