本文整理汇总了PHP中PMA_securePath函数的典型用法代码示例。如果您正苦于以下问题:PHP PMA_securePath函数的具体用法?PHP PMA_securePath怎么用?PHP PMA_securePath使用的例子?那么, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了PMA_securePath函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: PMA_processExportSchema
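/**
 * Resolve the schema export plugin for $export_type and run it against the
 * currently selected database.
 *
 * The type is later used to locate a plugin file, so it is validated against
 * a strict letters-only pattern first; any value that fails validation falls
 * back to 'pdf'.
 *
 * @param string $export_type format of the export
 *
 * @return void
 */
function PMA_processExportSchema($export_type)
{
    // Default is PDF. The pattern is anchored with \A and \z instead of
    // ^ and $: a bare "$" also matches just before a trailing newline, so
    // "pdf\n" would have passed the letters-only check. Non-string input
    // (for example an array) is rejected before it reaches preg_match().
    if (!is_string($export_type)
        || !preg_match('/\A[a-zA-Z]+\z/', $export_type)
    ) {
        $export_type = 'pdf';
    }

    // Kept as a second layer because the value is used in a file inclusion;
    // the letters-only check above is the control that actually constrains it.
    $export_type = PMA_securePath($export_type);

    // get the specific plugin
    $export_plugin = PMA_getPlugin(
        "schema",
        $export_type,
        'libraries/plugins/schema/'
    );

    // Check schema export type: no plugin object means an unknown format.
    if (!isset($export_plugin)) {
        PMA_fatalError(__('Bad type!'));
    }

    $GLOBALS['dbi']->selectDb($GLOBALS['db']);
    $export_plugin->exportSchema($GLOBALS['db']);
}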
示例2: PMA_generate_common_url
$err_url = 'server_export.php?' . PMA_generate_common_url();
} elseif ($export_type == 'database' && strlen($db)) {
$err_url = 'db_export.php?' . PMA_generate_common_url($db);
// Check if we have something to export
if (isset($table_select)) {
$tables = $table_select;
} else {
$tables = array();
}
} elseif ($export_type == 'table' && strlen($db) && strlen($table)) {
$err_url = 'tbl_export.php?' . PMA_generate_common_url($db, $table);
} else {
die('Bad parameters!');
}
// Get the functions specific to the export type.
// NOTE(review): the included file name is built from $type; where $type is
// assigned is not visible in this excerpt. PMA_securePath() is the only filter
// applied on this line, so confirm the value is checked against the list of
// known export formats before it reaches require.
require './libraries/export/' . PMA_securePath($type) . '.php';
/**
* Increase time limit for script execution and initializes some variables
*/
// The leading @ suppresses any warning raised by these two calls.
@set_time_limit($cfg['ExecTimeLimit']);
if (!empty($cfg['MemoryLimit'])) {
@ini_set('memory_limit', $cfg['MemoryLimit']);
}
// Start with empty buffer
$dump_buffer = '';
$dump_buffer_len = 0;
// We send fake headers to avoid browser timeout when buffering
$time_start = time();
/**
* Output handler for all exports, if needed buffering, it stores data into
* $dump_buffer, otherwise it prints thems out.
示例3: setLocalSelectedFile
/**
 * Point this file object at a file inside the configured upload directory.
 *
 * Nothing happens when $cfg['UploadDir'] is empty. Otherwise $name is passed
 * through PMA_securePath() and appended to the directory returned by
 * PMA_userDir(). When the resulting file is not readable, the error message
 * is set and the name is cleared again.
 *
 * @access  public
 * @uses    $GLOBALS['strFileCouldNotBeRead']
 * @uses    PMA_File::setName()
 * @uses    PMA_securePath()
 * @uses    PMA_userDir()
 * @uses    $GLOBALS['cfg']['UploadDir']
 * @param   string  $name  file name, appended to the upload directory
 * @return  boolean success
 */
function setLocalSelectedFile($name)
{
    // Selecting a server-side file is only possible with an upload directory.
    if (empty($GLOBALS['cfg']['UploadDir'])) {
        return false;
    }

    $candidate = PMA_userDir($GLOBALS['cfg']['UploadDir'])
        . PMA_securePath($name);
    $this->setName($candidate);

    if ($this->isReadable()) {
        return true;
    }

    // Unreadable: record the error and forget the name again.
    $this->_error_message = $GLOBALS['strFileCouldNotBeRead'];
    $this->setName(null);

    return false;
}
示例4: array
}
/**
* Sets globals from $_POST
*
* - Please keep the parameters in order of their appearance in the form
* - Some of these parameters are not used, as the code below directly
* verifies from the superglobal $_POST or $_REQUEST
*/
$post_params = array('db', 'table', 'single_table', 'export_type', 'export_method', 'quick_or_custom', 'db_select', 'table_select', 'limit_to', 'limit_from', 'allrows', 'output_format', 'filename_template', 'maxsize', 'remember_template', 'charset_of_file', 'compression', 'what', 'knjenc', 'xkana', 'htmlword_structure_or_data', 'htmlword_null', 'htmlword_columns', 'mediawiki_headers', 'mediawiki_structure_or_data', 'mediawiki_caption', 'pdf_structure_or_data', 'odt_structure_or_data', 'odt_relation', 'odt_comments', 'odt_mime', 'odt_columns', 'odt_null', 'codegen_structure_or_data', 'codegen_format', 'excel_null', 'excel_removeCRLF', 'excel_columns', 'excel_edition', 'excel_structure_or_data', 'yaml_structure_or_data', 'ods_null', 'ods_structure_or_data', 'ods_columns', 'json_structure_or_data', 'xml_structure_or_data', 'xml_export_events', 'xml_export_functions', 'xml_export_procedures', 'xml_export_tables', 'xml_export_triggers', 'xml_export_views', 'xml_export_contents', 'texytext_structure_or_data', 'texytext_columns', 'texytext_null', 'phparray_structure_or_data', 'sql_include_comments', 'sql_header_comment', 'sql_dates', 'sql_relation', 'sql_mime', 'sql_use_transaction', 'sql_disable_fk', 'sql_compatibility', 'sql_structure_or_data', 'sql_create_database', 'sql_drop_table', 'sql_procedure_function', 'sql_create_table_statements', 'sql_create_table', 'sql_create_view', 'sql_create_trigger', 'sql_if_not_exists', 'sql_auto_increment', 'sql_backquotes', 'sql_truncate', 'sql_delayed', 'sql_ignore', 'sql_type', 'sql_insert_syntax', 'sql_max_query_size', 'sql_hex_for_binary', 'sql_utc_time', 'sql_drop_database', 'sql_views_as_tables', 'csv_separator', 'csv_enclosed', 'csv_escaped', 'csv_terminated', 'csv_null', 'csv_removeCRLF', 'csv_columns', 'csv_structure_or_data', 'latex_caption', 'latex_structure_or_data', 'latex_structure_caption', 'latex_structure_continued_caption', 'latex_structure_label', 'latex_relation', 'latex_comments', 'latex_mime', 'latex_columns', 
'latex_data_caption', 'latex_data_continued_caption', 'latex_data_label', 'latex_null');
// Copy only the fields named in $post_params from $_POST into the global
// scope; request fields that are not in that list are ignored by this loop.
foreach ($post_params as $one_post_param) {
if (isset($_POST[$one_post_param])) {
$GLOBALS[$one_post_param] = $_POST[$one_post_param];
}
}
// sanitize this parameter which will be used below in a file inclusion
// NOTE(review): $what is read here before checkParameters() runs on the next
// line; if 'what' was not posted it may be undefined at this point - confirm.
$what = PMA_securePath($what);
PMA_Util::checkParameters(array('what', 'export_type'));
// export class instance, not array of properties, as before
$export_plugin = PMA_getPlugin("export", $what, 'libraries/plugins/export/', array('export_type' => $export_type, 'single_table' => isset($single_table)));
// Backward compatibility
$type = $what;
// Check export type
// An unset $export_plugin is treated as an unknown export format.
if (!isset($export_plugin)) {
PMA_fatalError(__('Bad type!'));
}
/**
* valid compression methods
*/
$compression_methods = array('zip', 'gzip');
/**
* init and variable checking
示例5: PMA_securePath
$ThemeDefaultOk = TRUE;
}
}
}
if ($ThemeDefaultOk == TRUE) {
$GLOBALS['theme'] = $cfg['ThemeDefault'];
} else {
$GLOBALS['theme'] = 'original';
}
} else {
// if we just changed theme, we must take the new one so that
// index.php takes the correct one for height computing
if (isset($_POST['set_theme'])) {
$GLOBALS['theme'] = PMA_securePath($_POST['set_theme']);
} else {
$GLOBALS['theme'] = PMA_securePath($_COOKIE[$theme_cookie_name]);
}
}
// check for theme requires/name
// The three variables are cleared first so that the isset() check after the
// include only sees values defined by the theme's own info.inc.php.
unset($theme_name, $theme_generation, $theme_version);
// NOTE(review): on the branch above, $GLOBALS['theme'] comes from
// $_POST['set_theme'] or a cookie and is filtered only by PMA_securePath()
// before being used in this include path. Matching the name against the
// theme directories that actually exist under $cfg['ThemePath'] would be a
// stricter check. The @ hides the warning when the file is missing.
@(include $cfg['ThemePath'] . '/' . $GLOBALS['theme'] . '/info.inc.php');
// did it set correctly?
if (!isset($theme_name, $theme_generation, $theme_version)) {
$GLOBALS['theme'] = 'original';
// invalid theme
} elseif ($theme_generation != PMA_THEME_GENERATION) {
$GLOBALS['theme'] = 'original';
// different generation
} elseif ($theme_version < PMA_THEME_VERSION) {
$GLOBALS['theme'] = 'original';
// too old version
示例6: PMA_DBI_free_result
PMA_DBI_free_result($result);
unset($result);
}
if ($total_affected_rows != 0) {
$message .= $total_affected_rows;
} else {
$message .= $strModifications;
}
$message .= $last_message;
if (!empty($warning_message)) {
// TODO: use a <div class="warning"> in PMA_showMessage()
// for this part of the message
$message .= '[br]' . $warning_message;
}
// Two ways of handing control back: include the target script within this
// request, or redirect the browser to it.
if ($is_gotofile) {
if ($goto == 'db_details.php' && isset($table)) {
unset($table);
}
$js_to_run = 'functions.js';
$active_page = $goto;
require_once './libraries/header.inc.php';
// NOTE(review): $goto decides which script is executed. Its validation is not
// visible in this excerpt; PMA_securePath() by itself does not restrict it to
// a fixed set of pages, so confirm it is matched against an allow-list upstream.
require './' . PMA_securePath($goto);
} else {
// if we have seen binary,
// we do not append the query to the Location so it won't be displayed
// on the resulting page
// Nijel: we also need to limit size of url...
$add_query = !$seen_binary && strlen($sql_query) < 1024 ? '&disp_query=' . urlencode($sql_query) : '';
// NOTE(review): on this branch $goto is concatenated into the Location URL
// without PMA_securePath() or URL-encoding - verify it is validated earlier.
PMA_sendHeaderLocation($cfg['PmaAbsoluteUri'] . $goto . '&disp_message=' . urlencode($message) . $add_query);
}
exit;
示例7: substr
// Calculate value of the limit
// A trailing m, k or g suffix (compared case-insensitively) is converted to
// bytes; a value without one of these suffixes is cast to int as it stands.
if (strtolower(substr($memory_limit, -1)) == 'm') {
$memory_limit = (int) substr($memory_limit, 0, -1) * 1024 * 1024;
} elseif (strtolower(substr($memory_limit, -1)) == 'k') {
$memory_limit = (int) substr($memory_limit, 0, -1) * 1024;
} elseif (strtolower(substr($memory_limit, -1)) == 'g') {
$memory_limit = (int) substr($memory_limit, 0, -1) * 1024 * 1024 * 1024;
} else {
$memory_limit = (int) $memory_limit;
}
// The read limit is one eighth of the memory limit.
$read_limit = $memory_limit / 8;
// Just to be sure, there might be lot of memory needed for uncompression
// handle filenames
if (!empty($local_import_file) && !empty($cfg['UploadDir'])) {
// sanitize $local_import_file as it comes from a POST
// NOTE(review): PMA_securePath() is the only filter on this name before it is
// appended to the user's upload directory; confirm that is sufficient for
// the file names this directory is expected to hold.
$local_import_file = PMA_securePath($local_import_file);
$import_file = PMA_userDir($cfg['UploadDir']) . $local_import_file;
} elseif (empty($import_file) || !is_uploaded_file($import_file)) {
// No server-side file chosen and $import_file is not an HTTP upload:
// treat the request as having no file at all.
$import_file = 'none';
}
// Do we have file to import?
if ($import_file != 'none' && !$error) {
// work around open_basedir and other limitations
$open_basedir = @ini_get('open_basedir');
// If we are on a server with open_basedir, we must move the file
// before opening it. The doc explains how to create the "./tmp"
// directory
if (!empty($open_basedir)) {
$tmp_subdir = PMA_IS_WINDOWS ? '.\\tmp\\' : './tmp/';
if (is_writable($tmp_subdir)) {
$import_file_new = $tmp_subdir . basename($import_file);
示例8: getenv
if (!empty($_ENV) && isset($_ENV['DOCUMENT_ROOT'])) {
$DOCUMENT_ROOT = $_ENV['DOCUMENT_ROOT'];
} else {
if (@getenv('DOCUMENT_ROOT')) {
$DOCUMENT_ROOT = getenv('DOCUMENT_ROOT');
} else {
$DOCUMENT_ROOT = '.';
}
}
}
}
// end if
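// Make sure the configured upload directory ends with a slash before the
// file name is appended to it.
if (substr($cfg['UploadDir'], -1) != '/') {
    $cfg['UploadDir'] .= '/';
}
// Strip a leading "./" from the configured directory. The dot is escaped so
// that only a literal "./" prefix is removed; unescaped, "." matches any
// character and the first segment of a value such as "a/uploads/" was dropped.
// NOTE(review): PMA_securePath() is the only filter applied to
// $local_textfile before it becomes part of the path - confirm where that
// variable is populated.
$textfile = $DOCUMENT_ROOT . dirname($PHP_SELF) . '/'
    . preg_replace('@^\./@s', '', $cfg['UploadDir'])
    . PMA_securePath($local_textfile);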
if (file_exists($textfile)) {
$open_basedir = @ini_get('open_basedir');
// If we are on a server with open_basedir, we must move the file
// before opening it. The doc explains how to create the "./tmp"
// directory
if (!empty($open_basedir)) {
$tmp_subdir = PMA_IS_WINDOWS ? '.\\tmp\\' : './tmp/';
// function is_writeable() is valid on PHP3 and 4
if (!is_writeable($tmp_subdir)) {
echo $strWebServerUploadDirectoryError . ': ' . $tmp_subdir . '<br />';
exit;
} else {
$textfile_new = $tmp_subdir . basename($textfile);
move_uploaded_file($textfile, $textfile_new);
$textfile = $textfile_new;
示例9: PMA_readFile
$docsql_text = PMA_readFile($sql_file, $sql_file_compression);
}
// Convert the file's charset if necessary
if ($cfg['AllowAnywhereRecoding'] && $allow_recoding && isset($charset_of_file) && $charset_of_file != $charset) {
$docsql_text = PMA_convert_string($charset_of_file, $charset, $docsql_text);
}
if (!isset($docsql_text) || $docsql_text == FALSE || $docsql_text == '') {
echo '<p><font color="red">' . $GLOBALS['strFileCouldNotBeRead'] . '</font></p>' . "\n";
} else {
docsql_check('', $sql_file_name, $sql_file_name, $docsql_text);
}
}
// end uploaded file stuff
} else {
// echo '<h1>Starting Import</h1>';
$docpath = $cfg['docSQLDir'] . PMA_securePath($docpath);
if (substr($docpath, -1) != '/') {
$docpath .= '/';
}
$matched_files = 0;
if (is_dir($docpath)) {
// Do the work
$handle = opendir($docpath);
while ($file = @readdir($handle)) {
$filename = basename($file);
// echo '<p>Working on file ' . $filename . '</p>';
$matched_files += docsql_check($docpath, $file, $filename);
}
// end while
} else {
echo '<p><font color="red">' . $docpath . ': ' . $strThisNotDirectory . "</font></p>\n";
示例10: _processExportSchema
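/**
 * Pick the relation-schema export class that matches the global
 * $export_type, load its class file and let it render its output.
 *
 * The type becomes part of both a file name and a class name, so it is
 * restricted to ASCII letters first; anything else falls back to 'pdf'.
 *
 * @return void
 * @access private
 */
private function _processExportSchema()
{
    /**
     * Settings for relation stuff
     */
    include_once './libraries/transformations.lib.php';
    include_once './libraries/Index.class.php';

    // Default is PDF. \A and \z are used instead of ^ and $ because a bare
    // "$" also matches just before a trailing newline; non-string values are
    // rejected before they reach preg_match().
    global $db, $export_type;
    if (!is_string($export_type)
        || !preg_match('/\A[a-zA-Z]+\z/', $export_type)
    ) {
        $export_type = 'pdf';
    }

    $GLOBALS['dbi']->selectDb($db);

    // The letters-only check above is what constrains the value;
    // PMA_securePath() is kept as an extra layer before the include.
    $path = PMA_securePath(ucfirst($export_type));
    $filename = 'libraries/schema/' . $path . '_Relation_Schema.class.php';
    if (!file_exists($filename)) {
        PMA_Export_Relation_Schema::dieSchema(
            $_POST['chpage'],
            $export_type,
            __('File doesn\'t exist')
        );
    }

    // The flag is reset before the include and checked afterwards;
    // presumably the included file sets it when the plugin is unavailable.
    $GLOBALS['skip_import'] = false;
    include $filename;
    if ($GLOBALS['skip_import']) {
        PMA_Export_Relation_Schema::dieSchema(
            $_POST['chpage'],
            $export_type,
            __('Plugin is disabled')
        );
    }

    // Instantiate the class by its composed name and produce the output.
    $class_name = 'PMA_' . $path . '_Relation_Schema';
    $obj_schema = new $class_name();
    $obj_schema->showOutput();
}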
示例11: PMA_generate_common_url
/**
* Defines the url to return to in case of error in a sql statement
*/
// $goto is accepted only when it matches db_details*.php or
// tbl_properties*.php (case-insensitive); anything else is replaced by
// db_details.php.
// NOTE(review): "$" in PCRE also matches just before a trailing newline;
// \z (or the D modifier) would make the end anchor strict.
if (!isset($goto) || !preg_match('@^(db_details|tbl_properties)(_[a-z]*)?\\.php$@i', $goto)) {
$goto = 'db_details.php';
}
$err_url = $goto . '?' . PMA_generate_common_url($db) . (preg_match('@^tbl_properties(_[a-z]*)?\\.php$@', $goto) ? '&table=' . urlencode($table) : '');
/**
* Set up default values for some variables
*/
$view_bookmark = 0;
$sql_bookmark = isset($sql_bookmark) ? $sql_bookmark : '';
$sql_query = isset($sql_query) ? $sql_query : '';
// A server-side SQL file is only considered when an upload directory is set.
if (!empty($sql_localfile) && !empty($cfg['UploadDir'])) {
// sanitize $sql_localfile as it comes from a POST
// NOTE(review): PMA_securePath() is the only filter on this name before it is
// appended to $cfg['UploadDir'].
$sql_localfile = PMA_securePath($sql_localfile);
if (substr($cfg['UploadDir'], -1) != '/') {
$cfg['UploadDir'] .= '/';
}
$sql_file = $cfg['UploadDir'] . $sql_localfile;
} else {
if (empty($sql_file)) {
$sql_file = 'none';
}
}
/**
* Bookmark Support: get a query back from bookmark if required
*/
if (!empty($id_bookmark)) {
require_once './libraries/bookmark.lib.php';
switch ($action_bookmark) {
示例12: PMA_getRelationsParam
/**
* Gets some core libraries
*/
require_once './libraries/common.inc.php';
require './libraries/StorageEngine.class.php';
/**
* Include settings for relation stuff
* get all variables needed for exporting relational schema
* in $cfgRelation
*/
require_once './libraries/relation.lib.php';
$cfgRelation = PMA_getRelationsParam();
require_once './libraries/transformations.lib.php';
require_once './libraries/Index.class.php';
require_once "./libraries/schema/Export_Relation_Schema.class.php";
/**
* get all the export options and verify
* call and include the appropriate Schema Class depending on $export_type
* default is PDF
*/
global $db, $export_type;
// Letters-only check: this is what keeps $export_type safe to place in the
// file name and in the eval() string below.
// NOTE(review): "$" in PCRE also matches just before a trailing newline;
// \z (or the D modifier) would make the end anchor strict.
if (!isset($export_type) || !preg_match('/^[a-zA-Z]+$/', $export_type)) {
$export_type = 'pdf';
}
PMA_DBI_select_db($db);
$path = PMA_securePath(ucfirst($export_type));
if (!file_exists('./libraries/schema/' . $path . '_Relation_Schema.class.php')) {
PMA_Export_Relation_Schema::dieSchema($_POST['chpage'], $export_type, __('File doesn\'t exist'));
}
require "./libraries/schema/" . $path . "_Relation_Schema.class.php";
// NOTE(review): eval() on a string built from $export_type. The regex above
// limits $path to letters, but eval() returns null unless the evaluated code
// uses "return", so $obj_schema is null after this line. Building the class
// name as a string and calling `new $class_name()` would instantiate the
// class without eval().
$obj_schema = eval("new PMA_" . $path . "_Relation_Schema();");
示例13: testReplaceDots
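/**
 * Test for replacing dots.
 *
 * Pins what PMA_securePath() does to a path: every ".." sequence is
 * collapsed to a single ".", including inside names ("with..dots",
 * "file..php"). Slashes and a leading "/" are left as they are, so the
 * helper on its own does not confine a path to a base directory; callers
 * still have to prefix a trusted directory or validate against an
 * allow-list.
 *
 * @return void
 */
public function testReplaceDots()
{
    // assertEquals() takes the expected value first and the actual value
    // second; with the arguments in that order a failure report labels the
    // two values correctly.
    $this->assertEquals(
        './././etc/passwd',
        PMA_securePath('../../../etc/passwd')
    );
    $this->assertEquals(
        '/var/www/./phpmyadmin',
        PMA_securePath('/var/www/../phpmyadmin')
    );
    $this->assertEquals(
        './path/with.dots/././file.php',
        PMA_securePath('./path/with..dots/../../file..php')
    );
}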
示例14: unset
$message .= $total_affected_rows . $last_message;
if (!empty($warning_message)) {
/**
* @todo use a <div class="warning"> in PMA_showMessage() for this part of
* the message
*/
$message .= '[br]' . $warning_message;
}
unset($warning_message, $total_affected_rows, $last_message);
if (isset($return_to_sql_query)) {
$disp_query = $GLOBALS['sql_query'];
$disp_message = $message;
unset($message);
$GLOBALS['sql_query'] = $return_to_sql_query;
}
// if user asked to "Insert another new row", we need tbl_change.js
// otherwise the calendar icon does not work
if ($goto_include == 'tbl_change.php') {
/**
* @todo if we really need to run many different js at header time,
* $js_to_run would become an array and header.inc.php would iterate
* thru it, instead of the bunch of if/elseif it does now
*/
$js_to_run = 'tbl_change.js';
} else {
$js_to_run = 'functions.js';
}
$active_page = $goto_include;
require_once './libraries/header.inc.php';
// NOTE(review): $goto_include decides which script is executed next. Where it
// is assigned and validated is not visible in this excerpt; PMA_securePath()
// alone does not restrict it to a fixed set of pages, so confirm it is
// matched against an allow-list upstream.
require './' . PMA_securePath($goto_include);
exit;
示例15: array
/**
* Sets globals from $_POST
*
* - Please keep the parameters in order of their appearance in the form
* - Some of these parameters are not used, as the code below directly
* verifies from the superglobal $_POST or $_REQUEST
*/
$post_params = array('db', 'table', 'single_table', 'export_type', 'export_method', 'quick_or_custom', 'db_select', 'table_select', 'table_structure', 'table_data', 'limit_to', 'limit_from', 'allrows', 'lock_tables', 'output_format', 'filename_template', 'maxsize', 'remember_template', 'charset', 'compression', 'as_separate_files', 'knjenc', 'xkana', 'htmlword_structure_or_data', 'htmlword_null', 'htmlword_columns', 'mediawiki_headers', 'mediawiki_structure_or_data', 'mediawiki_caption', 'pdf_structure_or_data', 'odt_structure_or_data', 'odt_relation', 'odt_comments', 'odt_mime', 'odt_columns', 'odt_null', 'codegen_structure_or_data', 'codegen_format', 'excel_null', 'excel_removeCRLF', 'excel_columns', 'excel_edition', 'excel_structure_or_data', 'yaml_structure_or_data', 'ods_null', 'ods_structure_or_data', 'ods_columns', 'json_structure_or_data', 'json_pretty_print', 'xml_structure_or_data', 'xml_export_events', 'xml_export_functions', 'xml_export_procedures', 'xml_export_tables', 'xml_export_triggers', 'xml_export_views', 'xml_export_contents', 'texytext_structure_or_data', 'texytext_columns', 'texytext_null', 'phparray_structure_or_data', 'sql_include_comments', 'sql_header_comment', 'sql_dates', 'sql_relation', 'sql_mime', 'sql_use_transaction', 'sql_disable_fk', 'sql_compatibility', 'sql_structure_or_data', 'sql_create_database', 'sql_drop_table', 'sql_procedure_function', 'sql_create_table_statements', 'sql_create_table', 'sql_create_view', 'sql_create_trigger', 'sql_if_not_exists', 'sql_auto_increment', 'sql_backquotes', 'sql_truncate', 'sql_delayed', 'sql_ignore', 'sql_type', 'sql_insert_syntax', 'sql_max_query_size', 'sql_hex_for_binary', 'sql_utc_time', 'sql_drop_database', 'sql_views_as_tables', 'sql_metadata', 'csv_separator', 'csv_enclosed', 'csv_escaped', 'csv_terminated', 'csv_null', 'csv_removeCRLF', 'csv_columns', 'csv_structure_or_data', 'latex_caption', 'latex_structure_or_data', 'latex_structure_caption', 'latex_structure_continued_caption', 
'latex_structure_label', 'latex_relation', 'latex_comments', 'latex_mime', 'latex_columns', 'latex_data_caption', 'latex_data_continued_caption', 'latex_data_label', 'latex_null', 'aliases');
// Copy only the fields named in $post_params from $_POST into the global
// scope; request fields that are not in that list are ignored by this loop.
foreach ($post_params as $one_post_param) {
if (isset($_POST[$one_post_param])) {
$GLOBALS[$one_post_param] = $_POST[$one_post_param];
}
}
$table = $GLOBALS['table'];
// sanitize this parameter which will be used below in a file inclusion
// NOTE(review): $_POST['what'] is read directly, before checkParameters()
// runs on the next line; if the field is absent this is an undefined index.
$what = PMA_securePath($_POST['what']);
PMA_Util::checkParameters(array('what', 'export_type'));
// export class instance, not array of properties, as before
/* @var $export_plugin ExportPlugin */
$export_plugin = PMA_getPlugin("export", $what, 'libraries/plugins/export/', array('export_type' => $export_type, 'single_table' => isset($single_table)));
// Backward compatibility
$type = $what;
// Check export type
// An unset $export_plugin is treated as an unknown export format.
if (!isset($export_plugin)) {
PMA_fatalError(__('Bad type!'));
}
// Avoid warning from PHP Analyzer
// Same null condition as the isset() check above, repeated with a
// placeholder object for the analyzer's benefit.
if (is_null($export_plugin)) {
$export_plugin = new stdClass();
}
/**