From 49565e0563a851aa616bb7afe399b8b445efc00b Mon Sep 17 00:00:00 2001
From: Jakub Vrana
Date: Fri, 15 Oct 2010 10:58:08 +0200
Subject: [PATCH] Rename variables to avoid conflict with Adminer 2 sessions and enabled register_globals
---
 adminer/database.inc.php | 6 +++---
 adminer/db.inc.php | 6 +++---
 adminer/drivers/mysql.inc.php | 6 +++---
 adminer/include/adminer.inc.php | 6 +++---
 adminer/include/auth.inc.php | 12 ++++++------
 adminer/include/connect.inc.php | 4 ++--
 adminer/include/design.inc.php | 2 +-
 adminer/sql.inc.php | 16 ++++++++--------
 editor/include/adminer.inc.php | 10 +++++-----
 9 files changed, 34 insertions(+), 34 deletions(-)
diff --git a/adminer/database.inc.php b/adminer/database.inc.php
index 8f61bbd2..0827c638 100644
--- a/adminer/database.inc.php
+++ b/adminer/database.inc.php
@@ -10,11 +10,11 @@ if ($_POST && !$error && !isset($_POST["add_x"])) { // add is an image and PHP c
 $_GET["db"] = $_POST["name"];
 queries_redirect(preg_replace('~db=[^&]*&~', '', ME) . "db=" . urlencode($_POST["name"]), lang('Database has been renamed.'), rename_database($_POST["name"], $_POST["collation"]));
 } else {
- $dbs = explode("\n", str_replace("\r", "", $_POST["name"]));
+ $databases = explode("\n", str_replace("\r", "", $_POST["name"]));
 $success = true;
 $last = "";
- foreach ($dbs as $db) {
- if (count($dbs) == 1 || $db != "") { // ignore empty lines but always try to create single database
+ foreach ($databases as $db) {
+ if (count($databases) == 1 || $db != "") { // ignore empty lines but always try to create single database
 if (!create_database($db, $_POST["collation"])) {
 $success = false;
 }
diff --git a/adminer/db.inc.php b/adminer/db.inc.php
index 4e8061f3..a07da025 100644
--- a/adminer/db.inc.php
+++ b/adminer/db.inc.php
@@ -76,10 +76,10 @@ if ($_GET["ns"] !== "") {
 echo "\n";
 if (!information_schema(DB)) {
 echo "

" . ($jush == "sql" ? " " : "") . " \n"; - $dbs = (support("scheme") ? schemas() : get_databases()); - if (count($dbs) != 1 && $jush != "sqlite") { + $databases = (support("scheme") ? schemas() : get_databases()); + if (count($databases) != 1 && $jush != "sqlite") { $db = (isset($_POST["target"]) ? $_POST["target"] : (support("scheme") ? $_GET["ns"] : DB)); - echo "

" . lang('Move to other database') . ($dbs ? ": " . html_select("target", $dbs, $db) : ': ') . " \n"; + echo "

" . lang('Move to other database') . ($databases ? ": " . html_select("target", $databases, $db) : ': ') . " \n"; } } echo "\n"; diff --git a/adminer/drivers/mysql.inc.php b/adminer/drivers/mysql.inc.php index f8b232ed..a86fa0cb 100644 --- a/adminer/drivers/mysql.inc.php +++ b/adminer/drivers/mysql.inc.php @@ -266,7 +266,7 @@ if (!defined("DRIVER")) { */ function get_databases($flush = true) { // SHOW DATABASES can take a very long time so it is cached - $return = &get_session("databases"); + $return = &get_session("dbs"); if (!isset($return)) { if ($flush) { restart_session(); @@ -523,7 +523,7 @@ if (!defined("DRIVER")) { * @return string */ function create_database($db, $collation) { - set_session("databases", null); + set_session("dbs", null); return queries("CREATE DATABASE " . idf_escape($db) . ($collation ? " COLLATE " . q($collation) : "")); } @@ -532,7 +532,7 @@ if (!defined("DRIVER")) { * @return bool */ function drop_databases($databases) { - set_session("databases", null); + set_session("dbs", null); return apply_queries("DROP DATABASE", $databases, 'idf_escape'); } diff --git a/adminer/include/adminer.inc.php b/adminer/include/adminer.inc.php index a0eb80d8..d9692133 100644 --- a/adminer/include/adminer.inc.php +++ b/adminer/include/adminer.inc.php @@ -14,7 +14,7 @@ class Adminer { * @return array ($server, $username, $password) */ function credentials() { - return array(SERVER, $_GET["username"], get_session("passwords")); + return array(SERVER, $_GET["username"], get_session("pwds")); } /** Get key used for permanent login 
@@ -386,7 +386,7 @@ document.getElementById('username').focus();
 global $jush;
 restart_session();
 $id = "sql-" . count($_SESSION["messages"]);
- $history = &get_session("history");
+ $history = &get_session("queries");
 $history[$_GET["db"]][] = (strlen($query) > 1e6 // not DB - reset in drop database
 ? ereg_replace('[\x80-\xFF]+$', '', substr($query, 0, 1e6)) . "\n..." // [\x80-\xFF] - valid UTF-8, \n - can end by one-line comment
 : $query
@@ -498,7 +498,7 @@ document.getElementById('username').focus(); $servers) {
+ foreach ((array) $_SESSION["pwds"] as $driver => $servers) {
 foreach ($servers as $server => $usernames) {
 foreach ($usernames as $username => $password) {
 if (isset($password)) {
diff --git a/adminer/include/auth.inc.php b/adminer/include/auth.inc.php
index 4e1352d3..156593bc 100644
--- a/adminer/include/auth.inc.php
+++ b/adminer/include/auth.inc.php
@@ -22,7 +22,7 @@ if ($_COOKIE["adminer_permanent"]) {
 if (isset($_POST["server"])) {
 session_regenerate_id(); // defense against session fixation
- $_SESSION["passwords"][$_POST["driver"]][$_POST["server"]][$_POST["username"]] = $_POST["password"];
+ $_SESSION["pwds"][$_POST["driver"]][$_POST["server"]][$_POST["username"]] = $_POST["password"];
 if ($_POST["permanent"]) {
 $key = base64_encode($_POST["driver"]) . "-" . base64_encode($_POST["server"]) . "-" . base64_encode($_POST["username"]);
 $private = $adminer->permanentLogin();
@@ -42,7 +42,7 @@ if (isset($_POST["server"])) {
 page_footer("db");
 exit;
 } else {
- foreach (array("passwords", "databases", "history") as $key) {
+ foreach (array("pwds", "dbs", "queries") as $key) {
 set_session($key, null);
 }
 $key = base64_encode(DRIVER) . "-" . base64_encode(SERVER) . "-" . base64_encode($_GET["username"]);
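Review bot: The new session key in `$history = &get_session("queries");` (adminer/include/adminer.inc.php, hunk at 386) is also a global variable name once register_globals is enabled, and nothing in the code records that constraint. Going by the commit subject, a top-level `$queries`, `$dbs` or `$pwds` assigned in any included script could then overwrite the stored history, database list or credentials. A comment above the line, for example `// session keys "pwds", "dbs" and "queries" must never be used as global variable names (register_globals)`, would keep a later rename from reintroducing the collision. The enclosing method starts and ends outside the hunk.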
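Review bot: The login branch in adminer/include/auth.inc.php (hunk at 22) writes the submitted database password into `$_SESSION["pwds"]` exactly as received, so the session store holds every password entered during the session in clear text. The tool has to replay the password to the database server, so this is probably deliberate, but it is worth stating on the line, for example `// kept in clear text: the session save path must not be readable by other users`. The `if (isset($_POST["server"]))` block starts inside the hunk and ends outside it.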
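Review bot: After the rename, the logout loop in adminer/include/auth.inc.php (hunk at 42) clears only `pwds`, `dbs` and `queries`, so a session created by the previous build keeps its `passwords` and `history` entries after the user logs out. If such a session survives the upgrade, the clear-text password stored under the old key stays in the session store until the session expires. If the old keys are left alone on purpose so that Adminer 2 keeps working, say so next to the loop, e.g. `// old keys "passwords", "databases", "history" belong to Adminer 2 and are not cleared here`. The logout branch continues outside the hunk.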
@@ -52,13 +52,13 @@ if (isset($_POST["server"])) {
 }
 redirect(substr(preg_replace('~(username|db|ns)=[^&]*&~', '', ME), 0, -1), lang('Logout successful.'));
 }
-} elseif ($permanent && !$_SESSION["passwords"]) {
+} elseif ($permanent && !$_SESSION["pwds"]) {
 session_regenerate_id();
 $private = $adminer->permanentLogin(); // try to decode even if not set
 foreach ($permanent as $key => $val) {
 list(, $cipher) = explode(":", $val);
 list($driver, $server, $username) = array_map('base64_decode', explode("-", $key));
- $_SESSION["passwords"][$driver][$server][$username] = decrypt_string(base64_decode($cipher), $private);
+ $_SESSION["pwds"][$driver][$server][$username] = decrypt_string(base64_decode($cipher), $private);
 }
 }
@@ -72,7 +72,7 @@ function auth_error($exception = null) {
 if (($_COOKIE[$session_name] || $_GET[$session_name]) && !$token) {
 $error = lang('Session expired, please login again.');
 } else {
- $password = &get_session("passwords");
+ $password = &get_session("pwds");
 if (isset($password)) {
 $error = h($exception ? $exception->getMessage() : (is_string($connection) ? $connection : lang('Invalid credentials.')));
 $password = null;
@@ -92,7 +92,7 @@ function auth_error($exception = null) {
 if (isset($_GET["username"]) && class_exists("Min_DB")) { // doesn't exists with passing wrong driver
 $connection = connect();
 }
-if (is_string($connection) || !$adminer->login($_GET["username"], get_session("passwords"))) {
+if (is_string($connection) || !$adminer->login($_GET["username"], get_session("pwds"))) {
 auth_error();
 exit;
 }
diff --git a/adminer/include/connect.inc.php b/adminer/include/connect.inc.php
index 0ae6cb86..ffa2b137 100644
--- a/adminer/include/connect.inc.php
+++ b/adminer/include/connect.inc.php
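Review bot: The permanent-login branch in adminer/include/auth.inc.php (hunk at 52) splits `$key` and `$val` with `explode()` and stores whatever `decrypt_string()` returns in `$_SESSION["pwds"]`, without checking that the key has three parts, that the value contains `:`, or that decryption succeeded. `$permanent` is built outside the hunk, presumably from the `adminer_permanent` cookie, so these are client-supplied values. Skipping malformed entries would keep junk out of the session: `$parts = explode("-", $key); if (count($parts) != 3 || strpos($val, ":") === false) { continue; }`, plus a check of the decrypted value before the assignment once the failure return of `decrypt_string()` is confirmed.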
@@ -6,7 +6,7 @@ function connect_error() {
 page_header(lang('Database') . ": " . h(DB), lang('Invalid database.'), true);
 } else {
 if ($_POST["db"] && !$error) {
- set_session("databases", null);
+ set_session("dbs", null);
 queries_redirect(substr(ME, 0, -1), lang('Databases have been dropped.'), drop_databases($_POST["db"]));
 }
@@ -56,7 +56,7 @@ if (isset($_GET["status"])) {
 }
 if (!(DB != "" ? $connection->select_db(DB) : isset($_GET["sql"]) || isset($_GET["dump"]) || isset($_GET["database"]) || isset($_GET["processlist"]) || isset($_GET["privileges"]) || isset($_GET["user"]) || isset($_GET["variables"]))) {
 if (DB != "") {
- set_session("databases", null);
+ set_session("dbs", null);
 }
 connect_error(); // separate function to catch SQLite error
 exit;
diff --git a/adminer/include/design.inc.php b/adminer/include/design.inc.php
index 9f8bc085..68ae314f 100644
--- a/adminer/include/design.inc.php
+++ b/adminer/include/design.inc.php
@@ -63,7 +63,7 @@ function page_header($title, $error = "", $breadcrumb = array(), $title2 = "") {
 echo "

" . implode("
\n
", $_SESSION["messages"]) . "
\n"; $_SESSION["messages"] = array(); } - $databases = &get_session("databases"); + $databases = &get_session("dbs"); if (DB != "" && $databases && !in_array(DB, $databases, true)) { $databases = null; } diff --git a/adminer/sql.inc.php b/adminer/sql.inc.php index ccc1341e..69f9a1d9 100644 --- a/adminer/sql.inc.php +++ b/adminer/sql.inc.php @@ -1,6 +1,6 @@ select_db(DB); } - $queries = 0; + $commands = 0; $errors = ""; while ($query != "") { if (!$offset && preg_match('~^\\s*DELIMITER\\s+(.+)~i', $query, $match)) { @@ -58,15 +58,15 @@ if (!$error && $_POST) { if (!$found || $found == $delimiter) { // end of a query $empty = false; $q = substr($query, 0, $match[0][1]); - $queries++; - echo "
" . shorten_utf8(trim($q), 1000) . "
\n"; + $commands++; + echo "
" . shorten_utf8(trim($q), 1000) . "
\n"; ob_flush(); flush(); // can take a long time - show the running query $start = explode(" ", microtime()); // microtime(true) is available since PHP 5 //! don't allow changing of character_set_results, convert encoding of displayed query if (!$connection->multi_query($q)) { echo "

" . lang('Error in query') . ": " . error() . "\n"; - $errors .= " $queries"; + $errors .= " $commands"; if ($_POST["error_stops"]) { break; } @@ -82,7 +82,7 @@ if (!$error && $_POST) { select($result, $connection2); echo "

" . ($result->num_rows ? lang('%d row(s)', $result->num_rows) : "") . $time; if ($connection2 && preg_match("~^($space|\\()*SELECT\\b~isU", $q)) { - $id = "explain-$queries"; + $id = "explain-$commands"; echo ", EXPLAIN\n"; echo "