Release 4.7.8

adminer/db.inc.php

@@ -112,7 +112,7 @@ if ($adminer->homepage()) {
 			}
 
 			echo "<tr><td><th>" . lang('%d in total', count($tables_list));
-			echo "<td>" . h($jush == "sql" ? $connection->result("SELECT @@storage_engine") : "");
+			echo "<td>" . h($jush == "sql" ? $connection->result("SELECT @@default_storage_engine") : "");
 			echo "<td>" . h(db_collation(DB, collations()));
 			foreach (array("Data_length", "Index_length", "Data_free") as $key) {
 				echo "<td align='right' id='sum-$key'>";

adminer/drivers/clickhouse.inc.php

@@ -306,7 +306,7 @@ if (isset($_GET["clickhouse"])) {
 	function fields($table) {
 		$return = array();
 		$result = get_rows("SELECT name, type, default_expression FROM system.columns WHERE " . idf_escape('table') . " = " . q($table));
-		foreach($result as $row) {
+		foreach ($result as $row) {
 			$type = trim($row['type']);
 			$nullable = strpos($type, 'Nullable(') === 0;
 			$return[trim($row['name'])] = array(

adminer/drivers/mysql.inc.php

@@ -267,7 +267,7 @@ if (!defined("DRIVER")) {
 			}
 
 			function query($query, $unbuffered = false) {
-				$this->setAttribute(1000, !$unbuffered); // 1000 - PDO::MYSQL_ATTR_USE_BUFFERED_QUERY
+				$this->pdo->setAttribute(1000, !$unbuffered); // 1000 - PDO::MYSQL_ATTR_USE_BUFFERED_QUERY
 				return parent::query($query, $unbuffered);
 			}
 		}

adminer/include/auth.inc.php

@@ -162,7 +162,7 @@ stop_session(true);
 
 if (isset($_GET["username"]) && is_string(get_password())) {
 	list($host, $port) = explode(":", SERVER, 2);
-	if (is_numeric($port) && ($port < 1024 || $port > 65535)) {
+	if (+$port && ($port < 1024 || $port > 65535)) {
 		auth_error(lang('Connecting to privileged ports is not allowed.'));
 	}
 	check_invalid_login();

adminer/include/bootstrap.inc.php

@@ -1,5 +1,5 @@
 <?php
-error_reporting(6135); // errors and warnings
+error_reporting(6133); // errors
 
 include "../adminer/include/coverage.inc.php";
 
@@ -60,7 +60,7 @@ if (!defined("SID")) {
 
 // disable magic quotes to be able to use database escaping function
 remove_slashes(array(&$_GET, &$_POST, &$_COOKIE), $filter);
-if (get_magic_quotes_runtime()) {
+if (function_exists("get_magic_quotes_runtime") && get_magic_quotes_runtime()) {
 	set_magic_quotes_runtime(false);
 }
 @set_time_limit(0); // @ - can be disabled
@@ -84,7 +84,7 @@ include "../adminer/drivers/mysql.inc.php"; // must be included as last driver
 
 define("SERVER", $_GET[DRIVER]); // read from pgsql=localhost
 define("DB", $_GET["db"]); // for the sake of speed and size
-define("ME", str_replace(":", "%3a", preg_replace('~\?.*~', '', relative_uri())) . '?'
+define("ME", preg_replace('~\?.*~', '', relative_uri()) . '?'
 	. (sid() ? SID . '&' : '')
 	. (SERVER !== null ? DRIVER . "=" . urlencode(SERVER) . '&' : '')
 	. (isset($_GET["username"]) ? "username=" . urlencode($_GET["username"]) . '&' : '')

adminer/include/functions.inc.php

@@ -62,7 +62,7 @@ function number_type() {
 * @return null modified in place
 */
 function remove_slashes($process, $filter = false) {
-	if (get_magic_quotes_gpc()) {
+	if (function_exists("get_magic_quotes_gpc") && get_magic_quotes_gpc()) {
 		while (list($key, $val) = each($process)) {
 			foreach ($val as $k => $v) {
 				unset($process[$key][$k]);
@@ -725,7 +725,7 @@ function format_time($start) {
 * @return string
 */
 function relative_uri() {
-	return preg_replace('~^[^?]*/([^?]*)~', '\1', $_SERVER["REQUEST_URI"]);
+	return str_replace(":", "%3a", preg_replace('~^[^?]*/([^?]*)~', '\1', $_SERVER["REQUEST_URI"]));
 }
 
 /** Remove parameter from query string
@@ -849,19 +849,18 @@ function friendly_url($val) {
 /** Print hidden fields
 * @param array
 * @param array
+* @param string
 * @return bool
 */
-function hidden_fields($process, $ignore = array()) {
+function hidden_fields($process, $ignore = array(), $prefix = '') {
 	$return = false;
-	while (list($key, $val) = each($process)) {
+	foreach ($process as $key => $val) {
 		if (!in_array($key, $ignore)) {
 			if (is_array($val)) {
-				foreach ($val as $k => $v) {
+				hidden_fields($val, array(), $key);
-					$process[$key . "[$k]"] = $v;
-				}
 			} else {
 				$return = true;
-				echo '<input type="hidden" name="' . h($key) . '" value="' . h($val) . '">';
+				echo '<input type="hidden" name="' . h($prefix ? $prefix . "[$key]" : $key) . '" value="' . h($val) . '">';
 			}
 		}
 	}

adminer/include/pdo.inc.php

@@ -1,8 +1,8 @@
 <?php
 // PDO can be used in several database drivers
 if (extension_loaded('pdo')) {
-	/*abstract*/ class Min_PDO extends PDO {
+	/*abstract*/ class Min_PDO {
-		var $_result, $server_info, $affected_rows, $errno, $error;
+		var $_result, $server_info, $affected_rows, $errno, $error, $pdo;
 		
 		function __construct() {
 			global $adminer;
@@ -14,21 +14,26 @@ if (extension_loaded('pdo')) {
 		
 		function dsn($dsn, $username, $password, $options = array()) {
 			try {
-				parent::__construct($dsn, $username, $password, $options);
+				$this->pdo = new PDO($dsn, $username, $password, $options);
 			} catch (Exception $ex) {
 				auth_error(h($ex->getMessage()));
 			}
-			$this->setAttribute(13, array('Min_PDOStatement')); // 13 - PDO::ATTR_STATEMENT_CLASS
+			$this->pdo->setAttribute(3, 1); //  3 - PDO::ATTR_ERRMODE, 1 - PDO::ERRMODE_WARNING
-			$this->server_info = @$this->getAttribute(4); // 4 - PDO::ATTR_SERVER_VERSION
+			$this->pdo->setAttribute(13, array('Min_PDOStatement')); // 13 - PDO::ATTR_STATEMENT_CLASS
+			$this->server_info = @$this->pdo->getAttribute(4); // 4 - PDO::ATTR_SERVER_VERSION
 		}
 		
 		/*abstract function select_db($database);*/
 		
+		function quote($string) {
+			return $this->pdo->quote($string);
+		}
+		
 		function query($query, $unbuffered = false) {
-			$result = parent::query($query);
+			$result = $this->pdo->query($query);
 			$this->error = "";
 			if (!$result) {
-				list(, $this->errno, $this->error) = $this->errorInfo();
+				list(, $this->errno, $this->error) = $this->pdo->errorInfo();
 				if (!$this->error) {
 					$this->error = lang('Unknown error.');
 				}

adminer/include/version.inc.php

@@ -1,2 +1,2 @@
 <?php
-$VERSION = "4.7.7";
+$VERSION = "4.7.8";

changes.txt

@@ -1,3 +1,7 @@
+Adminer 4.7.8 (released 2020-12-06):
+Support PHP 8
+Disallow connecting to privileged ports (bug #769)
+
 Adminer 4.7.7 (released 2020-05-11):
 Fix open redirect if Adminer is accessible at //adminer.php%2F@
 

compile.php

@@ -1,6 +1,6 @@
 #!/usr/bin/env php
 <?php
-error_reporting(6135); // errors and warnings
+error_reporting(6133); // errors
 include dirname(__FILE__) . "/adminer/include/version.inc.php";
 include dirname(__FILE__) . "/externals/JsShrink/jsShrink.php";
 
@@ -233,7 +233,7 @@ function php_shrink($input) {
 		$short_variables[$key] = short_identifier($number, $chars); // could use also numbers and \x7f-\xff
 	}
 	
-	$set = array_flip(preg_split('//', '!"#$%&\'()*+,-./:;<=>?@[\]^`{|}'));
+	$set = array_flip(preg_split('//', '!"#$%&\'()*+,-./:;<=>?@[]^`{|}'));
 	$space = '';
 	$output = '';
 	$in_echo = false;
@@ -315,6 +315,14 @@ function compile_file($match) {
 	return '"' . add_quo_slashes($file) . '"';
 }
 
+if (!function_exists("each")) {
+	function each(&$arr) {
+		$key = key($arr);
+		next($arr);
+		return $key === null ? false : array($key, $arr[$key]);
+	}
+}
+
 function min_version() {
 	return true;
 }