mirror of
https://github.com/vrana/adminer.git
synced 2025-08-18 12:21:24 +02:00
Merge branch 'master' into ajax
This commit is contained in:
Jakub Vrana
@@ -32,6 +32,13 @@ class Adminer {
|
||||
return DB;
|
||||
}
|
||||
|
||||
/** Headers to send before HTML output
|
||||
* @return null
|
||||
*/
|
||||
function headers() {
|
||||
header("X-Frame-Options: deny"); // ClickJacking protection in IE8, Safari 4, Chrome 2, Firefox NoScript plugin
|
||||
}
|
||||
|
||||
/** Print login form
|
||||
* @return null
|
||||
*/
|
||||
@@ -484,7 +491,7 @@ document.getElementById('username').focus();
|
||||
}
|
||||
|
||||
/** Prints navigation after Adminer title
|
||||
* @param string can be "auth" if there is no database connection or "db" if there is no database selected
|
||||
* @param string can be "auth" if there is no database connection, "db" if there is no database selected, "ns" with invalid schema
|
||||
* @return null
|
||||
*/
|
||||
function navigation($missing) {
|
||||
@@ -516,10 +523,14 @@ document.getElementById('username').focus();
|
||||
?>
|
||||
<form action="" method="post">
|
||||
<p class="logout">
|
||||
<a href="<?php echo h(ME); ?>sql="><?php echo bold(lang('SQL command'), isset($_GET["sql"])); ?></a>
|
||||
<?php if (support("dump")) { ?>
|
||||
<a href="<?php echo h(ME); ?>dump=<?php echo urlencode(isset($_GET["table"]) ? $_GET["table"] : $_GET["select"]); ?>"><?php echo bold(lang('Dump'), isset($_GET["dump"])); ?></a>
|
||||
<?php } ?>
|
||||
<?php
|
||||
if (DB == "" || !$missing) {
|
||||
echo "<a href='" . h(ME) . "sql='>" . bold(lang('SQL command'), isset($_GET["sql"])) . "</a>\n";
|
||||
if (support("dump")) {
|
||||
echo "<a href='" . h(ME) . "dump=" . urlencode(isset($_GET["table"]) ? $_GET["table"] : $_GET["select"]) . "'>" . bold(lang('Dump'), isset($_GET["dump"])) . "</a>\n";
|
||||
}
|
||||
}
|
||||
?>
|
||||
<input type="hidden" name="token" value="<?php echo $token; ?>">
|
||||
<input type="submit" name="logout" value="<?php echo lang('Logout'); ?>">
|
||||
</p>
|
||||
@@ -537,7 +548,7 @@ document.getElementById('username').focus();
|
||||
set_schema($_GET["ns"]);
|
||||
}
|
||||
}
|
||||
if ($_GET["ns"] !== "") {
|
||||
if ($_GET["ns"] !== "" && !$missing) {
|
||||
$tables = tables_list();
|
||||
if (!$tables) {
|
||||
echo "<p class='message'>" . lang('No tables.') . "\n";
|
||||
|
||||
@@ -6,7 +6,6 @@ function connect_error() {
|
||||
page_header(lang('Database') . ": " . h(DB), lang('Invalid database.'), true);
|
||||
} else {
|
||||
if ($_POST["db"] && !$error) {
|
||||
set_session("dbs", null);
|
||||
queries_redirect(substr(ME, 0, -1), lang('Databases have been dropped.'), drop_databases($_POST["db"]));
|
||||
}
|
||||
|
||||
@@ -26,6 +25,7 @@ function connect_error() {
|
||||
echo "<p>" . lang('Logged as: %s', "<b>" . h(logged_user()) . "</b>") . "\n";
|
||||
$databases = get_databases();
|
||||
if ($databases) {
|
||||
$scheme = support("scheme");
|
||||
$collations = collations();
|
||||
echo "<form action='' method='post'>\n";
|
||||
echo "<table cellspacing='0' onclick='tableClick(event);'>\n";
|
||||
@@ -34,7 +34,7 @@ function connect_error() {
|
||||
$root = h(ME) . "db=" . urlencode($db);
|
||||
echo "<tr" . odd() . "><td>" . checkbox("db[]", $db, in_array($db, (array) $_POST["db"]));
|
||||
echo "<th><a href='$root'>" . h($db) . "</a>";
|
||||
echo "<td><a href='$root&database='>" . nbsp(db_collation($db, $collations)) . "</a>";
|
||||
echo "<td><a href='$root" . ($scheme ? "&ns=" : "") . "&database='>" . nbsp(db_collation($db, $collations)) . "</a>";
|
||||
echo "<td align='right'><a href='$root&schema=' id='tables-" . h($db) . "'>?</a>";
|
||||
echo "\n";
|
||||
}
|
||||
@@ -44,7 +44,9 @@ function connect_error() {
|
||||
}
|
||||
}
|
||||
page_footer("db");
|
||||
echo "<script type='text/javascript' src='" . h(ME) . "script=connect'></script>\n";
|
||||
if ($databases) {
|
||||
echo "<script type='text/javascript' src='" . h(ME . "script=connect&token=$token") . "'></script>\n";
|
||||
}
|
||||
}
|
||||
|
||||
if (isset($_GET["status"])) {
|
||||
@@ -58,6 +60,13 @@ if (!(DB != "" ? $connection->select_db(DB) : isset($_GET["sql"]) || isset($_GET
|
||||
exit;
|
||||
}
|
||||
|
||||
if (support("scheme") && DB != "" && $_GET["ns"] !== "" && (!isset($_GET["ns"]) || !set_schema($_GET["ns"]))) {
|
||||
redirect(preg_replace('~ns=[^&]*&~', '', ME) . "ns=" . get_schema());
|
||||
if (support("scheme") && DB != "" && $_GET["ns"] !== "") {
|
||||
if (!isset($_GET["ns"])) {
|
||||
redirect(preg_replace('~ns=[^&]*&~', '', ME) . "ns=" . get_schema());
|
||||
}
|
||||
if (!set_schema($_GET["ns"])) {
|
||||
page_header(lang('Schema') . ": " . h($_GET["ns"]), lang('Invalid schema.'), true);
|
||||
page_footer("ns");
|
||||
exit;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -9,7 +9,7 @@
|
||||
function page_header($title, $error = "", $breadcrumb = array(), $title2 = "") {
|
||||
global $LANG, $HTTPS, $adminer, $connection, $drivers;
|
||||
header("Content-Type: text/html; charset=utf-8");
|
||||
header("X-Frame-Options: deny"); // ClickJacking protection in IE8, Safari 4, Chrome 2, Firefox NoScript plugin
|
||||
$adminer->headers();
|
||||
if ($_SERVER["HTTP_X_REQUESTED_WITH"] != "XMLHttpRequest") {
|
||||
$title_all = $title . ($title2 != "" ? ": " . h($title2) : "");
|
||||
$protocol = ($HTTPS ? "https" : "http");
|
||||
@@ -76,7 +76,7 @@ function page_header($title, $error = "", $breadcrumb = array(), $title2 = "") {
|
||||
}
|
||||
|
||||
/** Print HTML footer
|
||||
* @param string auth|db
|
||||
* @param string "auth", "db", "ns"
|
||||
* @return null
|
||||
*/
|
||||
function page_footer($missing = "") {
|
||||
|
||||
Reference in New Issue
Block a user