Server IP : 85.214.239.14 / Your IP : 18.119.130.127 Web Server : Apache/2.4.62 (Debian) System : Linux h2886529.stratoserver.net 4.9.0 #1 SMP Tue Jan 9 19:45:01 MSK 2024 x86_64 User : www-data ( 33) PHP Version : 7.4.18 Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare, MySQL : OFF | cURL : OFF | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : OFF Directory : /var/www/wordpress/phpMyAdmin/libraries/classes/ |
Upload File : |
<?php /* vim: set expandtab sw=4 ts=4 sts=4: */ /** * Holds the PhpMyAdmin\UserPreferences class * * @package PhpMyAdmin */ declare(strict_types=1); namespace PhpMyAdmin; use PhpMyAdmin\Config\ConfigFile; use PhpMyAdmin\Config\Forms\User\UserFormList; use PhpMyAdmin\Core; use PhpMyAdmin\Message; use PhpMyAdmin\Relation; use PhpMyAdmin\Template; use PhpMyAdmin\Url; use PhpMyAdmin\Util; /** * Functions for displaying user preferences pages * * @package PhpMyAdmin */ class UserPreferences { /** * @var Relation */ private $relation; /** * @var Template */ public $template; /** * Constructor */ public function __construct() { $this->relation = new Relation($GLOBALS['dbi']); $this->template = new Template(); } /** * Common initialization for user preferences modification pages * * @param ConfigFile $cf Config file instance * * @return void */ public function pageInit(ConfigFile $cf) { $forms_all_keys = UserFormList::getFields(); $cf->resetConfigData(); // start with a clean instance $cf->setAllowedKeys($forms_all_keys); $cf->setCfgUpdateReadMapping( [ 'Server/hide_db' => 'Servers/1/hide_db', 'Server/only_db' => 'Servers/1/only_db', ] ); $cf->updateWithGlobalConfig($GLOBALS['cfg']); } /** * Loads user preferences * * Returns an array: * * config_data - path => value pairs * * mtime - last modification time * * type - 'db' (config read from pmadb) or 'session' (read from user session) * * @return array */ public function load() { $cfgRelation = $this->relation->getRelationsParam(); if (! $cfgRelation['userconfigwork']) { // no pmadb table, use session storage if (! isset($_SESSION['userconfig'])) { $_SESSION['userconfig'] = [ 'db' => [], 'ts' => time(), ]; } return [ 'config_data' => $_SESSION['userconfig']['db'], 'mtime' => $_SESSION['userconfig']['ts'], 'type' => 'session', ]; } // load configuration from pmadb $query_table = Util::backquote($cfgRelation['db']) . '.' . Util::backquote($cfgRelation['userconfig']); $query = 'SELECT `config_data`, UNIX_TIMESTAMP(`timevalue`) ts' . ' FROM ' . $query_table . ' WHERE `username` = \'' . $GLOBALS['dbi']->escapeString($cfgRelation['user']) . '\''; $row = $GLOBALS['dbi']->fetchSingleRow($query, 'ASSOC', DatabaseInterface::CONNECT_CONTROL); return [ 'config_data' => $row ? json_decode($row['config_data'], true) : [], 'mtime' => $row ? $row['ts'] : time(), 'type' => 'db', ]; } /** * Saves user preferences * * @param array $config_array configuration array * * @return true|Message */ public function save(array $config_array) { $cfgRelation = $this->relation->getRelationsParam(); $server = isset($GLOBALS['server']) ? $GLOBALS['server'] : $GLOBALS['cfg']['ServerDefault']; $cache_key = 'server_' . $server; if (! $cfgRelation['userconfigwork']) { // no pmadb table, use session storage $_SESSION['userconfig'] = [ 'db' => $config_array, 'ts' => time(), ]; if (isset($_SESSION['cache'][$cache_key]['userprefs'])) { unset($_SESSION['cache'][$cache_key]['userprefs']); } return true; } // save configuration to pmadb $query_table = Util::backquote($cfgRelation['db']) . '.' . Util::backquote($cfgRelation['userconfig']); $query = 'SELECT `username` FROM ' . $query_table . ' WHERE `username` = \'' . $GLOBALS['dbi']->escapeString($cfgRelation['user']) . '\''; $has_config = $GLOBALS['dbi']->fetchValue( $query, 0, 0, DatabaseInterface::CONNECT_CONTROL ); $config_data = json_encode($config_array); if ($has_config) { $query = 'UPDATE ' . $query_table . ' SET `timevalue` = NOW(), `config_data` = \'' . $GLOBALS['dbi']->escapeString($config_data) . '\'' . ' WHERE `username` = \'' . $GLOBALS['dbi']->escapeString($cfgRelation['user']) . '\''; } else { $query = 'INSERT INTO ' . $query_table . ' (`username`, `timevalue`,`config_data`) ' . 'VALUES (\'' . $GLOBALS['dbi']->escapeString($cfgRelation['user']) . '\', NOW(), ' . '\'' . $GLOBALS['dbi']->escapeString($config_data) . '\')'; } if (isset($_SESSION['cache'][$cache_key]['userprefs'])) { unset($_SESSION['cache'][$cache_key]['userprefs']); } if (! $GLOBALS['dbi']->tryQuery($query, DatabaseInterface::CONNECT_CONTROL)) { $message = Message::error(__('Could not save configuration')); $message->addMessage( Message::rawError( $GLOBALS['dbi']->getError(DatabaseInterface::CONNECT_CONTROL) ), '<br><br>' ); return $message; } return true; } /** * Returns a user preferences array filtered by $cfg['UserprefsDisallow'] * (blacklist) and keys from user preferences form (whitelist) * * @param array $config_data path => value pairs * * @return array */ public function apply(array $config_data) { $cfg = []; $blacklist = array_flip($GLOBALS['cfg']['UserprefsDisallow']); $whitelist = array_flip(UserFormList::getFields()); // whitelist some additional fields which are custom handled $whitelist['ThemeDefault'] = true; $whitelist['lang'] = true; $whitelist['Server/hide_db'] = true; $whitelist['Server/only_db'] = true; $whitelist['2fa'] = true; foreach ($config_data as $path => $value) { if (! isset($whitelist[$path]) || isset($blacklist[$path])) { continue; } Core::arrayWrite($path, $cfg, $value); } return $cfg; } /** * Updates one user preferences option (loads and saves to database). * * No validation is done! * * @param string $path configuration * @param mixed $value value * @param mixed $default_value default value * * @return true|Message */ public function persistOption($path, $value, $default_value) { $prefs = $this->load(); if ($value === $default_value) { if (isset($prefs['config_data'][$path])) { unset($prefs['config_data'][$path]); } else { return true; } } else { $prefs['config_data'][$path] = $value; } return $this->save($prefs['config_data']); } /** * Redirects after saving new user preferences * * @param string $file_name Filename * @param array|null $params URL parameters * @param string $hash Hash value * * @return void */ public function redirect( $file_name, $params = null, $hash = null ) { // redirect $url_params = ['saved' => 1]; if (is_array($params)) { $url_params = array_merge($params, $url_params); } if ($hash) { $hash = '#' . urlencode($hash); } Core::sendHeaderLocation('./' . $file_name . Url::getCommonRaw($url_params) . $hash); } /** * Shows form which allows to quickly load * settings stored in browser's local storage * * @return string */ public function autoloadGetHeader() { if (isset($_REQUEST['prefs_autoload']) && $_REQUEST['prefs_autoload'] == 'hide' ) { $_SESSION['userprefs_autoload'] = true; return ''; } $script_name = basename(basename($GLOBALS['PMA_PHP_SELF'])); $return_url = $script_name . '?' . http_build_query($_GET, '', '&'); return $this->template->render('preferences/autoload', [ 'hidden_inputs' => Url::getHiddenInputs(), 'return_url' => $return_url, ]); } }