mirror/php-adminer
1
0
Fork 0
mirror of https://github.com/vrana/adminer.git synced 2025-08-06 14:46:36 +02:00
Code Issues Releases Wiki Activity

Notices: Avoid accessing offset on null

Browse Source 
Thanks to @peterpp at 62017e3.
This commit is contained in:
Jakub Vrana
2025-03-26 04:16:17 +01:00
parent d3be21e000
commit 1b8a428d2f
16 changed files with 37 additions and 27 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
adminer/call.inc.php
View File

@@ -71,13 +71,13 @@ if ($in) {
$field = $routine["fields"][$key]; $field = $routine["fields"][$key];
$name = $field["field"]; $name = $field["field"];
echo "<tr><th>" . $adminer->fieldName($field); echo "<tr><th>" . $adminer->fieldName($field);
$value = $_POST["fields"][$name]; $value = idx($_POST["fields"], $name);
if ($value != "") { if ($value != "") {
if ($field["type"] == "set") { if ($field["type"] == "set") {
$value = implode(",", $value); $value = implode(",", $value);
} }
} }
input($field, $value, (string) $_POST["function"][$name]); // param name can be empty input($field, $value, idx($_POST["function"], $name, "")); // param name can be empty
echo "\n"; echo "\n";
} }
echo "</table>\n"; echo "</table>\n";

2
adminer/foreign.inc.php
View File

@@ -95,7 +95,7 @@ $j = 0;
foreach ($row["source"] as $key => $val) { foreach ($row["source"] as $key => $val) {
echo "<tr>"; echo "<tr>";
echo "<td>" . html_select("source[" . (+$key) . "]", array(-1 => "") + $source, $val, ($j == count($row["source"]) - 1 ? "foreignAddRow.call(this);" : ""), "label-source"); echo "<td>" . html_select("source[" . (+$key) . "]", array(-1 => "") + $source, $val, ($j == count($row["source"]) - 1 ? "foreignAddRow.call(this);" : ""), "label-source");
echo "<td>" . html_select("target[" . (+$key) . "]", $target, $row["target"][$key], "", "label-target"); echo "<td>" . html_select("target[" . (+$key) . "]", $target, idx($row["target"], $key), "", "label-target");
$j++; $j++;
} }
?> ?>

2
adminer/include/adminer.inc.php
View File

@@ -667,7 +667,7 @@ class Adminer {
global $driver; global $driver;
restart_session(); restart_session();
$history = &get_session("queries"); $history = &get_session("queries");
if (!$history[$_GET["db"]]) { if (!idx($history, $_GET["db"])) {
$history[$_GET["db"]] = array(); $history[$_GET["db"]] = array();
} }
if (strlen($query) > 1e6) { if (strlen($query) > 1e6) {

2
adminer/include/auth.inc.php
View File

@@ -62,7 +62,7 @@ function check_invalid_login() {
} }
} }
$invalid = ($invalids ? $invalids[$adminer->bruteForceKey()] : array()); $invalid = ($invalids ? $invalids[$adminer->bruteForceKey()] : array());
$next_attempt = ($invalid[1] > 29 ? $invalid[0] - time() : 0); // allow 30 invalid attempts $next_attempt = (idx($invalid, 1) > 29 ? $invalid[0] - time() : 0); // allow 30 invalid attempts
if ($next_attempt > 0) { //! do the same with permanent login if ($next_attempt > 0) { //! do the same with permanent login
auth_error(lang('Too many unsuccessful logins, try again in %d minute(s).', ceil($next_attempt / 60))); auth_error(lang('Too many unsuccessful logins, try again in %d minute(s).', ceil($next_attempt / 60)));
} }

2
adminer/include/coverage.inc.php
View File

@@ -8,7 +8,7 @@ if (extension_loaded("xdebug") && file_exists(sys_get_temp_dir() . "/adminer.cov
$coverage = unserialize(file_get_contents($coverage_filename)); $coverage = unserialize(file_get_contents($coverage_filename));
foreach (xdebug_get_code_coverage() as $filename => $lines) { foreach (xdebug_get_code_coverage() as $filename => $lines) {
foreach ($lines as $l => $val) { foreach ($lines as $l => $val) {
if (!$coverage[$filename][$l] || $val > 0) { if (!idx($coverage[$filename], $l) || $val > 0) {
$coverage[$filename][$l] = $val; $coverage[$filename][$l] = $val;
} }
} }

2
adminer/include/design.inc.php
View File

@@ -182,7 +182,7 @@ function get_nonce() {
function page_messages($error) { function page_messages($error) {
global $adminer; global $adminer;
$uri = preg_replace('~^[^?]*~', '', $_SERVER["REQUEST_URI"]); $uri = preg_replace('~^[^?]*~', '', $_SERVER["REQUEST_URI"]);
$messages = $_SESSION["messages"][$uri]; $messages = idx($_SESSION["messages"], $uri);
if ($messages) { if ($messages) {
echo "<div class='message'>" . implode("</div>\n<div class='message'>", $messages) . "</div>" . script("messagesPrint();"); echo "<div class='message'>" . implode("</div>\n<div class='message'>", $messages) . "</div>" . script("messagesPrint();");
unset($_SESSION["messages"][$uri]); unset($_SESSION["messages"][$uri]);

2
adminer/include/editing.inc.php
View File

@@ -353,7 +353,7 @@ function edit_fields($fields, $collations, $type = "TABLE", $foreign_keys = arra
foreach ($fields as $i => $field) { foreach ($fields as $i => $field) {
$i++; $i++;
$orig = $field[($_POST ? "orig" : "field")]; $orig = $field[($_POST ? "orig" : "field")];
$display = (isset($_POST["add"][$i-1]) || (isset($field["field"]) && !$_POST["drop_col"][$i])) && (support("drop_col") || $orig == ""); $display = (isset($_POST["add"][$i-1]) || (isset($field["field"]) && !idx($_POST["drop_col"], $i))) && (support("drop_col") || $orig == "");
echo "<tr" . ($display ? "" : " style='display: none;'") . ">\n"; echo "<tr" . ($display ? "" : " style='display: none;'") . ">\n";
echo ($type == "PROCEDURE" ? "<td>" . html_select("fields[$i][inout]", explode("|", $driver->inout), $field["inout"]) : "") . "<th>"; echo ($type == "PROCEDURE" ? "<td>" . html_select("fields[$i][inout]", explode("|", $driver->inout), $field["inout"]) : "") . "<th>";
if ($display) { if ($display) {

3
adminer/include/errors.inc.php
View File

@@ -3,8 +3,7 @@ namespace Adminer;
error_reporting(24575); // all but E_DEPRECATED (overriding mysqli methods without types is deprecated) error_reporting(24575); // all but E_DEPRECATED (overriding mysqli methods without types is deprecated)
set_error_handler(function ($errno, $errstr) { set_error_handler(function ($errno, $errstr) {
// "offset on null" mutes $_GET["fields"][0] if there's no ?fields[]= (62017e3 is a wrong fix for this)
// "Undefined array key" mutes $_GET["q"] if there's no ?q= // "Undefined array key" mutes $_GET["q"] if there's no ?q=
// "Undefined offset" and "Undefined index" are older messages for the same thing // "Undefined offset" and "Undefined index" are older messages for the same thing
return !!preg_match('~^(Trying to access array offset on( value of type)? null|Undefined (array key|offset|index))~', $errstr); return !!preg_match('~^(Undefined (array key|offset|index))~', $errstr);
}, E_WARNING | E_NOTICE); // warning since PHP 8.0 }, E_WARNING | E_NOTICE); // warning since PHP 8.0

15
adminer/include/functions.inc.php
View File

@@ -65,6 +65,16 @@ function escape_string($val) {
return substr(q($val), 1, -1); return substr(q($val), 1, -1);
} }
/** Get a possibly missing item from a possibly missing array
* @param array|null
* @param string|int
* @param mixed
* @return mixed
*/
function idx($array, $key, $default = null) {
return ($array && array_key_exists($key, $array) ? $array[$key] : $default);
}
/** Remove non-digits from a string /** Remove non-digits from a string
* @param string * @param string
* @return string * @return string
@@ -302,12 +312,13 @@ function where($where, $fields = array()) {
foreach ((array) $where["where"] as $key => $val) { foreach ((array) $where["where"] as $key => $val) {
$key = bracket_escape($key, 1); // 1 - back $key = bracket_escape($key, 1); // 1 - back
$column = escape_key($key); $column = escape_key($key);
$field_type = $fields[$key]["type"]; $field = ($fields ? $fields[$key] : array());
$field_type = $field["type"];
$return[] = $column $return[] = $column
. (JUSH == "sql" && $field_type == "json" ? " = CAST(" . q($val) . " AS JSON)" . (JUSH == "sql" && $field_type == "json" ? " = CAST(" . q($val) . " AS JSON)"
: (JUSH == "sql" && is_numeric($val) && preg_match('~\.~', $val) ? " LIKE " . q($val) // LIKE because of floats but slow with ints : (JUSH == "sql" && is_numeric($val) && preg_match('~\.~', $val) ? " LIKE " . q($val) // LIKE because of floats but slow with ints
: (JUSH == "mssql" && strpos($field_type, "datetime") === false ? " LIKE " . q(preg_replace('~[_%[]~', '[\0]', $val)) // LIKE because of text but it does not work with datetime : (JUSH == "mssql" && strpos($field_type, "datetime") === false ? " LIKE " . q(preg_replace('~[_%[]~', '[\0]', $val)) // LIKE because of text but it does not work with datetime
: " = " . unconvert_field($fields[$key], q($val))))) : " = " . unconvert_field($field, q($val)))))
; //! enum and set ; //! enum and set
if (JUSH == "sql" && preg_match('~char|text~', $field_type) && preg_match("~[^ -@]~", $val)) { // not just [a-z] to catch non-ASCII characters if (JUSH == "sql" && preg_match('~char|text~', $field_type) && preg_match("~[^ -@]~", $val)) { // not just [a-z] to catch non-ASCII characters
$return[] = "$column = " . q($val) . " COLLATE " . charset($connection) . "_bin"; $return[] = "$column = " . q($val) . " COLLATE " . charset($connection) . "_bin";

6
adminer/include/html.inc.php
View File

@@ -352,7 +352,7 @@ function process_input($field) {
return null; return null;
} }
$idf = bracket_escape($field["field"]); $idf = bracket_escape($field["field"]);
$function = $_POST["function"][$idf]; $function = idx($_POST["function"], $idf);
$value = $_POST["fields"][$idf]; $value = $_POST["fields"][$idf];
if ($field["type"] == "enum" || $driver->enumLength($field)) { if ($field["type"] == "enum" || $driver->enumLength($field)) {
if ($value == -1) { if ($value == -1) {
@@ -453,7 +453,7 @@ function edit_form($table, $fields, $row, $update) {
$autofocus = !$_POST; $autofocus = !$_POST;
foreach ($fields as $name => $field) { foreach ($fields as $name => $field) {
echo "<tr><th>" . $adminer->fieldName($field); echo "<tr><th>" . $adminer->fieldName($field);
$default = $_GET["set"][bracket_escape($name)]; $default = idx($_GET["set"], bracket_escape($name));
if ($default === null) { if ($default === null) {
$default = $field["default"]; $default = $field["default"];
if ($field["type"] == "bit" && preg_match("~^b'([01]*)'\$~", $default, $regs)) { if ($field["type"] == "bit" && preg_match("~^b'([01]*)'\$~", $default, $regs)) {
@@ -477,7 +477,7 @@ function edit_form($table, $fields, $row, $update) {
$value = $adminer->editVal($value, $field); $value = $adminer->editVal($value, $field);
} }
$function = ($_POST["save"] $function = ($_POST["save"]
? (string) $_POST["function"][$name] ? idx($_POST["function"], $name, "")
: ($update && preg_match('~^CURRENT_TIMESTAMP~i', $field["on_update"]) : ($update && preg_match('~^CURRENT_TIMESTAMP~i', $field["on_update"])
? "now" ? "now"
: ($value === false ? null : ($value !== null ? '' : 'NULL')) : ($value === false ? null : ($value !== null ? '' : 'NULL'))

4
adminer/indexes.inc.php
View File

@@ -33,8 +33,8 @@ if ($_POST && !$error && !$_POST["add"] && !$_POST["drop_col"]) {
ksort($index["columns"]); ksort($index["columns"]);
foreach ($index["columns"] as $key => $column) { foreach ($index["columns"] as $key => $column) {
if ($column != "") { if ($column != "") {
$length = $index["lengths"][$key]; $length = idx($index["lengths"], $key);
$desc = $index["descs"][$key]; $desc = idx($index["descs"], $key);
$set[] = idf_escape($column) . ($length ? "(" . (+$length) . ")" : "") . ($desc ? " DESC" : ""); $set[] = idf_escape($column) . ($length ? "(" . (+$length) . ")" : "") . ($desc ? " DESC" : "");
$columns[] = $column; $columns[] = $column;
$lengths[] = ($length ?: null); $lengths[] = ($length ?: null);

8
adminer/schema.inc.php
View File

@@ -32,8 +32,8 @@ foreach (table_status('', true) as $table => $table_status) {
foreach ($adminer->foreignKeys($table) as $val) { foreach ($adminer->foreignKeys($table) as $val) {
if (!$val["db"]) { if (!$val["db"]) {
$left = $base_left; $left = $base_left;
if ($table_pos[$table][1] || $table_pos[$val["table"]][1]) { if (idx($table_pos[$table], 1) || idx($table_pos[$val["table"]], 1)) {
$left = min(floatval($table_pos[$table][1]), floatval($table_pos[$val["table"]][1])) - 1; $left = min(idx($table_pos[$table], 1, 0), idx($table_pos[$val["table"]], 1, 0)) - 1;
} else { } else {
$base_left -= .1; $base_left -= .1;
} }
@@ -71,7 +71,7 @@ foreach ($schema as $name => $table) {
foreach ((array) $table["references"] as $target_name => $refs) { foreach ((array) $table["references"] as $target_name => $refs) {
foreach ($refs as $left => $ref) { foreach ($refs as $left => $ref) {
$left1 = $left - $table_pos[$name][1]; $left1 = $left - idx($table_pos[$name], 1);
$i = 0; $i = 0;
foreach ($ref[0] as $source) { foreach ($ref[0] as $source) {
echo "\n<div class='references' title='" . h($target_name) . "' id='refs$left-" . ($i++) . "' style='left: $left1" . "em; top: " . $table["fields"][$source]["pos"] . "em; padding-top: .5em;'>" echo "\n<div class='references' title='" . h($target_name) . "' id='refs$left-" . ($i++) . "' style='left: $left1" . "em; top: " . $table["fields"][$source]["pos"] . "em; padding-top: .5em;'>"
@@ -83,7 +83,7 @@ foreach ($schema as $name => $table) {
foreach ((array) $referenced[$name] as $target_name => $refs) { foreach ((array) $referenced[$name] as $target_name => $refs) {
foreach ($refs as $left => $columns) { foreach ($refs as $left => $columns) {
$left1 = $left - $table_pos[$name][1]; $left1 = $left - idx($table_pos[$name], 1);
$i = 0; $i = 0;
foreach ($columns as $target) { foreach ($columns as $target) {
echo "\n<div class='references arrow' title='" . h($target_name) . "' id='refd$left-" . ($i++) . "' style='left: $left1" . "em; top: " . $table["fields"][$target]["pos"] . "em;'>" echo "\n<div class='references arrow' title='" . h($target_name) . "' id='refd$left-" . ($i++) . "' style='left: $left1" . "em; top: " . $table["fields"][$target]["pos"] . "em;'>"

4
adminer/select.inc.php
View File

@@ -339,7 +339,7 @@ if (!$columns && support("table")) {
$rank = 1; $rank = 1;
foreach ($rows[0] as $key => $val) { foreach ($rows[0] as $key => $val) {
if (!isset($unselected[$key])) { if (!isset($unselected[$key])) {
$val = $_GET["columns"][key($select)]; $val = idx($_GET["columns"], key($select)) ?: array();
$field = $fields[$select ? ($val ? $val["col"] : current($select)) : $key]; $field = $fields[$select ? ($val ? $val["col"] : current($select)) : $key];
$name = ($field ? $adminer->fieldName($field, $rank) : ($val["fun"] ? "*" : h($key))); $name = ($field ? $adminer->fieldName($field, $rank) : ($val["fun"] ? "*" : h($key)));
if ($name != "") { if ($name != "") {
@@ -450,7 +450,7 @@ if (!$columns && support("table")) {
$val = select_value($val, $link, $field, $text_length); $val = select_value($val, $link, $field, $text_length);
$id = h("val[$unique_idf][" . bracket_escape($key) . "]"); $id = h("val[$unique_idf][" . bracket_escape($key) . "]");
$value = $_POST["val"][$unique_idf][bracket_escape($key)]; $value = idx(idx($_POST["val"], $unique_idf), bracket_escape($key));
$editable = !is_array($row[$key]) && is_utf8($val) && $rows[$n][$key] == $row[$key] && !$functions[$key] && !$field["generated"]; $editable = !is_array($row[$key]) && is_utf8($val) && $rows[$n][$key] == $row[$key] && !$functions[$key] && !$field["generated"];
$text = preg_match('~text|json|lob~', $field["type"]); $text = preg_match('~text|json|lob~', $field["type"]);
echo "<td id='$id'" . (preg_match(number_type(), $field["type"]) && is_numeric(strip_tags($val)) ? " class='number'" : ""); echo "<td id='$id'" . (preg_match(number_type(), $field["type"]) && is_numeric(strip_tags($val)) ? " class='number'" : "");

2
coverage.php
View File

@@ -40,7 +40,7 @@ if (!extension_loaded("xdebug")) {
for ($l=0; $l <= count($file); $l++) { for ($l=0; $l <= count($file); $l++) {
$line = $file[$l]; $line = $file[$l];
$color = "#C0FFC0"; // tested $color = "#C0FFC0"; // tested
switch ($coverage[realpath($filename)][$l+1]) { switch ($coverage[realpath($filename)][$l+1] ?? null) {
case -1: // untested case -1: // untested
$color = "#FFC0C0"; $color = "#FFC0C0";
break; break;

4
editor/include/adminer.inc.php
View File

@@ -259,7 +259,7 @@ ORDER BY ORDINAL_POSITION", null, "") as $row
} }
$key = $keys[$name]; $key = $keys[$name];
$i--; $i--;
echo "<div>" . h($desc) . input_hidden("where[$i][col]", $name) . input_hidden("where[$i][op]", "=") . ": <select name='where[$i][val]'>" . optionlist($options, $where[$key]["val"], true) . "</select></div>\n"; echo "<div>" . h($desc) . input_hidden("where[$i][col]", $name) . input_hidden("where[$i][op]", "=") . ": <select name='where[$i][val]'>" . optionlist($options, idx($where[$key], "val"), true) . "</select></div>\n";
unset($columns[$name]); unset($columns[$name]);
} }
} }
@@ -294,7 +294,7 @@ ORDER BY ORDINAL_POSITION", null, "") as $row
} }
if ($orders) { if ($orders) {
echo '<fieldset><legend>' . lang('Sort') . "</legend><div>"; echo '<fieldset><legend>' . lang('Sort') . "</legend><div>";
echo "<select name='index_order'>" . optionlist(array("" => "") + $orders, ($_GET["order"][0] != "" ? "" : $_GET["index_order"]), true) . "</select>"; echo "<select name='index_order'>" . optionlist(array("" => "") + $orders, (idx($_GET["order"], 0) != "" ? "" : $_GET["index_order"]), true) . "</select>";
echo "</div></fieldset>\n"; echo "</div></fieldset>\n";
} }
if ($_GET["order"]) { if ($_GET["order"]) {

2
plugins/drivers/elastic.php
View File

@@ -274,7 +274,7 @@ if (isset($_GET["elastic"])) {
function delete($table, $queryWhere, $limit = 0) { function delete($table, $queryWhere, $limit = 0) {
//! use $limit //! use $limit
$ids = array(); $ids = array();
if (isset($_GET["where"]["_id"]) && $_GET["where"]["_id"]) { if (idx($_GET["where"], "_id")) {
$ids[] = $_GET["where"]["_id"]; $ids[] = $_GET["where"]["_id"];
} }
if (isset($_POST['check'])) { if (isset($_POST['check'])) {