Cricao de Sites - 650 Layouts Prontos

home *** CD-ROM | disk | FTP | other *** search

/ Cricao de Sites - 650 Layouts Prontos / WebMasters.iso / Servidores / xampp-win32-1.6.7-installer.exe / phpMyAdmin / libraries / core.lib.php < prev next >

Wrap

PHP Script | 2008-06-23 | 18.1 KB | 616 lines

<?php /* vim: set expandtab sw=4 ts=4 sts=4: */ /** * Core functions used all over the scripts. * * @version $Id: core.lib.php 10420 2007-06-03 23:30:40Z lem9 $ */ /** * checks given $var and returns it if valid, or $default of not valid * given $var is also checked for type being 'similar' as $default * or against any other type if $type is provided * * <code> * // $_REQUEST['db'] not set * echo PMA_ifSetOr($_REQUEST['db'], ''); // '' * // $_REQUEST['sql_query'] not set * echo PMA_ifSetOr($_REQUEST['sql_query']); // null * // $cfg['ForceSSL'] not set * echo PMA_ifSetOr($cfg['ForceSSL'], false, 'boolean'); // false * echo PMA_ifSetOr($cfg['ForceSSL']); // null * // $cfg['ForceSSL'] set to 1 * echo PMA_ifSetOr($cfg['ForceSSL'], false, 'boolean'); // false * echo PMA_ifSetOr($cfg['ForceSSL'], false, 'similar'); // 1 * echo PMA_ifSetOr($cfg['ForceSSL'], false); // 1 * // $cfg['ForceSSL'] set to true * echo PMA_ifSetOr($cfg['ForceSSL'], false, 'boolean'); // true * </code> * * @todo create some testsuites * @uses PMA_isValid() * @see PMA_isValid() * @param mixed $var param to check * @param mixed $default default value * @param mixed $type var type or array of values to check against $var * @return mixed $var or $default */ function PMA_ifSetOr(&$var, $default = null, $type = 'similar') { if (! PMA_isValid($var, $type, $default)) { return $default; } return $var; } /** * checks given $var against $type or $compare * * $type can be: * - false : no type checking * - 'scalar' : whether type of $var is integer, float, string or boolean * - 'numeric' : whether type of $var is any number repesentation * - 'length' : whether type of $var is scalar with a string length > 0 * - 'similar' : whether type of $var is similar to type of $compare * - 'equal' : whether type of $var is identical to type of $compare * - 'identical' : whether $var is identical to $compare, not only the type! * - or any other valid PHP variable type * * <code> * // $_REQUEST['doit'] = true; * PMA_isValid($_REQUEST['doit'], 'identical', 'true'); // false * // $_REQUEST['doit'] = 'true'; * PMA_isValid($_REQUEST['doit'], 'identical', 'true'); // true * </code> * * NOTE: call-by-reference is used to not get NOTICE on undefined vars, * but the var is not altered inside this function, also after checking a var * this var exists nut is not set, example: * <code> * // $var is not set * isset($var); // false * functionCallByReference($var); // false * isset($var); // true * functionCallByReference($var); // true * </code> * * to avoid this we set this var to null if not isset * * @todo create some testsuites * @todo add some more var types like hex, bin, ...? * @uses is_scalar() * @uses is_numeric() * @uses is_array() * @uses in_array() * @uses gettype() * @uses strtolower() * @see http://php.net/gettype * @param mixed $var variable to check * @param mixed $type var type or array of valid values to check against $var * @param mixed $compare var to compare with $var * @return boolean whether valid or not */ function PMA_isValid(&$var, $type = 'length', $compare = null) { if (! isset($var)) { // var is not even set return false; } if ($type === false) { // no vartype requested return true; } if (is_array($type)) { return in_array($var, $type); } // allow some aliaes of var types $type = strtolower($type); switch ($type) { case 'identic' : $type = 'identical'; break; case 'len' : $type = 'length'; break; case 'bool' : $type = 'boolean'; break; case 'float' : $type = 'double'; break; case 'int' : $type = 'integer'; break; case 'null' : $type = 'NULL'; break; } if ($type === 'identical') { return $var === $compare; } // whether we should check against given $compare if ($type === 'similar') { switch (gettype($compare)) { case 'string': case 'boolean': $type = 'scalar'; break; case 'integer': case 'double': $type = 'numeric'; break; default: $type = gettype($compare); } } elseif ($type === 'equal') { $type = gettype($compare); } // do the check if ($type === 'length' || $type === 'scalar') { $is_scalar = is_scalar($var); if ($is_scalar && $type === 'length') { return (bool) strlen($var); } return $is_scalar; } if ($type === 'numeric') { return is_numeric($var); } if (gettype($var) === $type) { return true; } return false; } /** * Removes insecure parts in a path; used before include() or * require() when a part of the path comes from an insecure source * like a cookie or form. * * @param string The path to check * * @return string The secured path * * @access public * @author Marc Delisle (lem9@users.sourceforge.net) */ function PMA_securePath($path) { // change .. to . $path = preg_replace('@\.\.*@', '.', $path); return $path; } // end function /** * displays the given error message on phpMyAdmin error page in foreign language, * ends script execution and closes session * * @todo use detected argument separator (PMA_Config) * @uses $GLOBALS['session_name'] * @uses $GLOBALS['text_dir'] * @uses $GLOBALS['strError'] * @uses $GLOBALS['available_languages'] * @uses $GLOBALS['lang'] * @uses PMA_removeCookie() * @uses select_lang.lib.php * @uses $_COOKIE * @uses substr() * @uses header() * @uses urlencode() * @param string $error_message the error message or named error message */ function PMA_fatalError($error_message, $message_args = null) { if (! isset($GLOBALS['available_languages'])) { $GLOBALS['cfg'] = array('DefaultLang' => 'en-iso-8859-1', 'AllowAnywhereRecoding' => false); // Loads the language file require_once './libraries/select_lang.lib.php'; if (isset($strError)) { $GLOBALS['strError'] = $strError; } if (isset($text_dir)) { $GLOBALS['text_dir'] = $text_dir; } } if (substr($error_message, 0, 3) === 'str') { if (isset($$error_message)) { $error_message = $$error_message; } elseif (isset($GLOBALS[$error_message])) { $error_message = $GLOBALS[$error_message]; } } if (is_string($message_args)) { $error_message = sprintf($error_message, $message_args); } elseif (is_array($message_args)) { $error_message = vsprintf($error_message, $message_args); } $error_message = strtr($error_message, array('<br />' => '[br]')); // Displays the error message // (do not use & for parameters sent by header) header('Location: ' . (defined('PMA_SETUP') ? '../' : '') . 'error.php' . '?lang=' . urlencode($GLOBALS['available_languages'][$GLOBALS['lang']][2]) . '&dir=' . urlencode($GLOBALS['text_dir']) . '&type=' . urlencode($GLOBALS['strError']) . '&error=' . urlencode($error_message)); // on fatal errors it cannot hurt to always delete the current session if (isset($GLOBALS['session_name']) && isset($_COOKIE[$GLOBALS['session_name']])) { PMA_removeCookie($GLOBALS['session_name']); } exit; } /** * returns count of tables in given db * * @uses PMA_DBI_try_query() * @uses PMA_backquote() * @uses PMA_DBI_QUERY_STORE() * @uses PMA_DBI_num_rows() * @uses PMA_DBI_free_result() * @param string $db database to count tables for * @return integer count of tables in $db */ function PMA_getTableCount($db) { $tables = PMA_DBI_try_query( 'SHOW TABLES FROM ' . PMA_backquote($db) . ';', null, PMA_DBI_QUERY_STORE); if ($tables) { $num_tables = PMA_DBI_num_rows($tables); PMA_DBI_free_result($tables); } else { $num_tables = 0; } return $num_tables; } /** * Converts numbers like 10M into bytes * Used with permission from Moodle (http://moodle.org) by Martin Dougiamas * (renamed with PMA prefix to avoid double definition when embedded * in Moodle) * * @uses each() * @uses strlen() * @uses substr() * @param string $size * @return integer $size */ function PMA_get_real_size($size = 0) { if (! $size) { return 0; } $scan['gb'] = 1073741824; //1024 * 1024 * 1024; $scan['g'] = 1073741824; //1024 * 1024 * 1024; $scan['mb'] = 1048576; $scan['m'] = 1048576; $scan['kb'] = 1024; $scan['k'] = 1024; $scan['b'] = 1; foreach ($scan as $unit => $factor) { if (strlen($size) > strlen($unit) && strtolower(substr($size, strlen($size) - strlen($unit))) == $unit) { return substr($size, 0, strlen($size) - strlen($unit)) * $factor; } } return $size; } // end function PMA_get_real_size() /** * loads php module * * @uses PHP_OS * @uses extension_loaded() * @uses ini_get() * @uses function_exists() * @uses ob_start() * @uses phpinfo() * @uses strip_tags() * @uses ob_get_contents() * @uses ob_end_clean() * @uses preg_match() * @uses strtoupper() * @uses substr() * @uses dl() * @param string $module name if module to load * @return boolean success loading module */ function PMA_dl($module) { static $dl_allowed = null; if (extension_loaded($module)) { return true; } if (null === $dl_allowed) { if (!@ini_get('safe_mode') && @ini_get('enable_dl') && @function_exists('dl')) { ob_start(); phpinfo(INFO_GENERAL); /* Only general info */ $a = strip_tags(ob_get_contents()); ob_end_clean(); if (preg_match('@Thread Safety[[:space:]]*enabled@', $a)) { if (preg_match('@Server API[[:space:]]*$CGI\|CLI$@', $a)) { $dl_allowed = true; } else { $dl_allowed = false; } } else { $dl_allowed = true; } } else { $dl_allowed = false; } } if (!$dl_allowed) { return false; } /* Once we require PHP >= 4.3, we might use PHP_SHLIB_SUFFIX here */ if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') { $module_file = 'php_' . $module . '.dll'; } elseif (PHP_OS=='HP-UX') { $module_file = $module . '.sl'; } else { $module_file = $module . '.so'; } return @dl($module_file); } /** * merges array recursive like array_merge_recursive() but keyed-values are * always overwritten. * * array PMA_array_merge_recursive(array $array1[, array $array2[, array ...]]) * * @see http://php.net/array_merge * @see http://php.net/array_merge_recursive * @uses func_num_args() * @uses func_get_arg() * @uses is_array() * @uses call_user_func_array() * @param array array to merge * @param array array to merge * @param array ... * @return array merged array */ function PMA_array_merge_recursive() { switch(func_num_args()) { case 0 : return false; break; case 1 : // when does that happen? return func_get_arg(0); break; case 2 : $args = func_get_args(); if (!is_array($args[0]) || !is_array($args[1])) { return $args[1]; } foreach ($args[1] as $key2 => $value2) { if (isset($args[0][$key2]) && !is_int($key2)) { $args[0][$key2] = PMA_array_merge_recursive($args[0][$key2], $value2); } else { // we erase the parent array, otherwise we cannot override a directive that // contains array elements, like this: // (in config.default.php) $cfg['ForeignKeyDropdownOrder'] = array('id-content','content-id'); // (in config.inc.php) $cfg['ForeignKeyDropdownOrder'] = array('content-id'); if (is_int($key2) && $key2 == 0) { unset($args[0]); } $args[0][$key2] = $value2; } } return $args[0]; break; default : $args = func_get_args(); $args[1] = PMA_array_merge_recursive($args[0], $args[1]); array_shift($args); return call_user_func_array('PMA_array_merge_recursive', $args); break; } } /** * calls $function vor every element in $array recursively * * this function is protected against deep recursion attack CVE-2006-1549, * 1000 seems to be more than enough * * @see http://www.php-security.org/MOPB/MOPB-02-2007.html * @see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1549 * * @uses PMA_arrayWalkRecursive() * @uses is_array() * @uses is_string() * @param array $array array to walk * @param string $function function to call for every array element */ function PMA_arrayWalkRecursive(&$array, $function, $apply_to_keys_also = false) { static $recursive_counter = 0; if (++$recursive_counter > 1000) { die('possible deep recursion attack'); } foreach ($array as $key => $value) { if (is_array($value)) { PMA_arrayWalkRecursive($array[$key], $function, $apply_to_keys_also); } else { $array[$key] = $function($value); } if ($apply_to_keys_also && is_string($key)) { $new_key = $function($key); if ($new_key != $key) { $array[$new_key] = $array[$key]; unset($array[$key]); } } } $recursive_counter--; } /** * boolean phpMyAdmin.PMA_checkPageValidity(string &$page, array $whitelist) * * checks given given $page against given $whitelist and returns true if valid * it ignores optionaly query paramters in $page (script.php?ignored) * * @uses in_array() * @uses urldecode() * @uses substr() * @uses strpos() * @param string &$page page to check * @param array $whitelist whitelist to check page against * @return boolean whether $page is valid or not (in $whitelist or not) */ function PMA_checkPageValidity(&$page, $whitelist) { if (! isset($page) || !is_string($page)) { return false; } if (in_array($page, $whitelist)) { return true; } elseif (in_array(substr($page, 0, strpos($page . '?', '?')), $whitelist)) { return true; } else { $_page = urldecode($page); if (in_array(substr($_page, 0, strpos($_page . '?', '?')), $whitelist)) { return true; } } return false; } /** * trys to find the value for the given environment vriable name * * searchs in $_SERVER, $_ENV than trys getenv() and apache_getenv() * in this order * * @uses $_SERVER * @uses $_ENV * @uses getenv() * @uses function_exists() * @uses apache_getenv() * @param string $var_name variable name * @return string value of $var or empty string */ function PMA_getenv($var_name) { if (isset($_SERVER[$var_name])) { return $_SERVER[$var_name]; } elseif (isset($_ENV[$var_name])) { return $_ENV[$var_name]; } elseif (getenv($var_name)) { return getenv($var_name); } elseif (function_exists('apache_getenv') && apache_getenv($var_name, true)) { return apache_getenv($var_name, true); } return ''; } /** * removes cookie * * @uses PMA_Config::isHttps() * @uses PMA_Config::getCookiePath() * @uses setcookie() * @uses time() * @param string $cookie name of cookie to remove * @return boolean result of setcookie() */ function PMA_removeCookie($cookie) { return setcookie($cookie, '', time() - 3600, PMA_Config::getCookiePath(), '', PMA_Config::isHttps()); } /** * sets cookie if value is different from current cokkie value, * or removes if value is equal to default * * @uses PMA_Config::isHttps() * @uses PMA_Config::getCookiePath() * @uses $_COOKIE * @uses PMA_removeCookie() * @uses setcookie() * @uses time() * @param string $cookie name of cookie to remove * @param mixed $value new cookie value * @param string $default default value * @param int $validity validity of cookie in seconds (default is one month) * @param bool $httponlt whether cookie is only for HTTP (and not for scripts) * @return boolean result of setcookie() */ function PMA_setCookie($cookie, $value, $default = null, $validity = null, $httponly = true) { if ($validity == null) { $validity = 2592000; } if (strlen($value) && null !== $default && $value === $default && isset($_COOKIE[$cookie])) { // remove cookie, default value is used return PMA_removeCookie($cookie); } if (! strlen($value) && isset($_COOKIE[$cookie])) { // remove cookie, value is empty return PMA_removeCookie($cookie); } if (! isset($_COOKIE[$cookie]) || $_COOKIE[$cookie] !== $value) { // set cookie with new value /* Calculate cookie validity */ if ($validity == 0) { $v = 0; } else { $v = time() + $validity; } /* Use native support for httponly cookies if available */ if (version_compare(PHP_VERSION, '5.2.0', 'ge')) { return setcookie($cookie, $value, $v, PMA_Config::getCookiePath(), '', PMA_Config::isHttps(), $httponly); } else { return setcookie($cookie, $value, $v, PMA_Config::getCookiePath() . ($httponly ? '; HttpOnly' : ''), '', PMA_Config::isHttps()); } } // cookie has already $value as value return true; } ?>