The branch, master has been updated via e479f1c8431eb3a1b138d7812a1ab0f6d1020188 (commit) via fb1c4bd9ee35e3b873bf0cb28a11ca860a09384e (commit) via 38e8365e5d502120534b8fa60a22d210eb8b1760 (commit) via 1b45290d5551a5619dcd1e29cd8956e30aeb690f (commit) via 4b5ae952dd6486735ed066b69e22962af72f80c2 (commit) via 17f4b82821695fba5317cb98dc86a692ccc11015 (commit) via d2df35108eb6fb98199cde72b4b9fbf00f9e1fa9 (commit) from 61335cdc2ed5839ac2914c83c9508cd9e4a6e5ee (commit)
- Log ----------------------------------------------------------------- commit e479f1c8431eb3a1b138d7812a1ab0f6d1020188 Author: Michal Čihař michal@cihar.com Date: Fri Aug 19 10:47:45 2011 +0200
Add test for js escaping
commit fb1c4bd9ee35e3b873bf0cb28a11ca860a09384e Author: Michal Čihař michal@cihar.com Date: Fri Aug 19 10:43:08 2011 +0200
Handle more types in js variable formatting
commit 38e8365e5d502120534b8fa60a22d210eb8b1760 Author: Michal Čihař michal@cihar.com Date: Fri Aug 19 10:39:45 2011 +0200
Use PMA_AddJSVar
commit 1b45290d5551a5619dcd1e29cd8956e30aeb690f Author: Michal Čihař michal@cihar.com Date: Fri Aug 19 10:38:51 2011 +0200
Use PMA_AddJSVar
commit 4b5ae952dd6486735ed066b69e22962af72f80c2 Author: Michal Čihař michal@cihar.com Date: Fri Aug 19 10:36:22 2011 +0200
Function for setting variable
commit 17f4b82821695fba5317cb98dc86a692ccc11015 Author: Michal Čihař michal@cihar.com Date: Fri Aug 19 10:35:00 2011 +0200
Factor out code escaping from echo
commit d2df35108eb6fb98199cde72b4b9fbf00f9e1fa9 Author: Michal Čihař michal@cihar.com Date: Fri Aug 19 10:33:13 2011 +0200
Wrap some long lines
-----------------------------------------------------------------------
Summary of changes: libraries/core.lib.php | 18 +++++++++++- libraries/js_escape.lib.php | 52 ++++++++++++++++++++++++++++++++----- server_status.php | 28 ++++++++++++-------- server_variables.php | 8 +++--- test/libraries/js_escape_test.php | 37 ++++++++++++++++++++++++++ 5 files changed, 119 insertions(+), 24 deletions(-) create mode 100644 test/libraries/js_escape_test.php
diff --git a/libraries/core.lib.php b/libraries/core.lib.php index dcc5208..a277f29 100644 --- a/libraries/core.lib.php +++ b/libraries/core.lib.php @@ -708,13 +708,27 @@ function PMA_includeJS($url) }
/** - * Adds JS code snippets to be displayed by header.inc.php. Adds a newline to each snippet. + * Adds JS code snippets to be displayed by header.inc.php. Adds a + * newline to each snippet. * * @param string $str Js code to be added (e.g. "token=1234;") * */ -function PMA_AddJSCode($str) { +function PMA_AddJSCode($str) +{ $GLOBALS['js_script'][] = $str; }
+/** + * Adds JS code snippet for variable assignment to be displayed by header.inc.php. + * + * @param string $key Name of value to set + * @param mixed $value Value to set, can be either string or array of strings + * + */ +function PMA_AddJSVar($key, $value) +{ + PMA_AddJsCode(PMA_getJsValue($key, $value)); +} + ?> diff --git a/libraries/js_escape.lib.php b/libraries/js_escape.lib.php index 656794f..85b62e1 100644 --- a/libraries/js_escape.lib.php +++ b/libraries/js_escape.lib.php @@ -57,24 +57,62 @@ function PMA_escapeJsString($string) }
/** - * Prints an javascript assignment with proper escaping of a value + * Formats a value for javascript code. + * + * @param string $value String to be formatted. + * + * @retrun string formatted value. + */ +function PMA_formatJsVal($value) +{ + if (is_bool($value)) { + if ($value) { + return 'true'; + } else { + return 'false'; + } else if (is_int($value)) { + return int($value); + } else { + return '"' . PMA_escapeJsString($value) . '"'; + } +} + +/** + * Formats an javascript assignment with proper escaping of a value * and support for assigning array of strings. * * @param string $key Name of value to set * @param mixed $value Value to set, can be either string or array of strings + * + * @return string Javascript code. */ -function PMA_printJsValue($key, $value) +function PMA_getJsValue($key, $value) { - echo $key . ' = '; + $result = $key . ' = '; if (is_array($value)) { - echo '['; + $result .= '['; foreach ($value as $id => $val) { - echo "'" . PMA_escapeJsString($val) . "',"; + $result .= PMA_formatJsVal($value) . ","; } - echo "];\n"; + $result .= "];\n"; } else { - echo "'" . PMA_escapeJsString($value) . "';\n"; + $result .= PMA_formatJsVal($value) . ";\n"; } + return $result; +} + +/** + * Prints an javascript assignment with proper escaping of a value + * and support for assigning array of strings. + * + * @param string $key Name of value to set + * @param mixed $value Value to set, can be either string or array of strings + * + * @return nothing + */ +function PMA_printJsValue($key, $value) +{ + echo PMA_getJsValue($key, $value); }
?> diff --git a/server_status.php b/server_status.php index 7c2f30a..30c3c5a 100644 --- a/server_status.php +++ b/server_status.php @@ -620,7 +620,8 @@ $links['innodb']['doc'] = 'innodb'; // Variable to contain all com_ variables $used_queries = array();
-// Variable to map variable names to their respective section name (used for js category filtering) +// Variable to map variable names to their respective section name +// (used for js category filtering) $allocationMap = array();
// sort vars into arrays @@ -637,10 +638,15 @@ foreach ($server_status as $name => $value) { }
if(PMA_DRIZZLE) { - $used_queries = PMA_DBI_fetch_result('SELECT * FROM data_dictionary.global_statements', 0, 1); + $used_queries = PMA_DBI_fetch_result( + 'SELECT * FROM data_dictionary.global_statements', + 0, + 1 + ); unset($used_queries['admin_commands']); } else { - // admin commands are not queries (e.g. they include COM_PING, which is excluded from $server_status['Questions']) + // admin commands are not queries (e.g. they include COM_PING, + // which is excluded from $server_status['Questions']) unset($used_queries['Com_admin_commands']); }
@@ -667,14 +673,14 @@ $server_db_isLocal = strtolower($cfg['Server']['host']) == 'localhost' || $cfg['Server']['host'] == '127.0.0.1' || $cfg['Server']['host'] == '::1';
-PMA_AddJSCode('pma_token = '' . $_SESSION[' PMA_token '] . "';\n" . - 'url_query = '' . str_replace('&', '&', PMA_generate_common_url($db)) . "';\n" . - 'server_time_diff = new Date().getTime() - ' . (microtime(true) * 1000) . ";\n" . - 'server_os = '' . PHP_OS . "';\n" . - 'is_superuser = ' . (PMA_isSuperuser() ? 'true' : 'false') . ";\n" . - 'server_db_isLocal = ' . ($server_db_isLocal ? 'true' : 'false') . ";\n" . - 'profiling_docu = '' . PMA_showMySQLDocu('general-thread-states', 'general-thread-states') . "';\n" . - 'explain_docu = '' . PMA_showMySQLDocu('explain-output', 'explain-output') . ";'\n"); +PMA_AddJSVar('pma_token', $_SESSION[' PMA_token ']); +PMA_AddJSVar('url_query', str_replace('&', '&', PMA_generate_common_url($db))); +PMA_AddJSVar('server_time_diff', 'new Date().getTime() - ' . (microtime(true) * 1000)); +PMA_AddJSVar('server_os', PHP_OS); +PMA_AddJSVar('is_superuser', PMA_isSuperuser() ? true : false); +PMA_AddJSVar('server_db_isLocal', $server_db_isLocal ? true : false); +PMA_AddJSVar('profiling_docu', PMA_showMySQLDocu('general-thread-states', 'general-thread-states')); +PMA_AddJSVar('explain_docu', PMA_showMySQLDocu('explain-output', 'explain-output'));
/** * start output diff --git a/server_variables.php b/server_variables.php index 4c2086a..af47f1f 100644 --- a/server_variables.php +++ b/server_variables.php @@ -16,9 +16,9 @@ require_once './libraries/common.inc.php';
$GLOBALS['js_include'][] = 'server_variables.js';
-PMA_AddJSCode('pma_token = '' . $_SESSION[' PMA_token '] . "';\n" . - 'is_superuser = ' . (PMA_isSuperuser() ? 'true' : 'false') . ";\n" . - 'url_query = '' . str_replace('&', '&', PMA_generate_common_url($db)) . "';\n"); +PMA_AddJSVar('pma_token', $_SESSION[' PMA_token ']); +PMA_AddJSVar('url_query', str_replace('&', '&', PMA_generate_common_url($db))); +PMA_AddJSVar('is_superuser', PMA_isSuperuser() ? true : false);
/** @@ -179,4 +179,4 @@ function formatVariable($name,$value) */ require './libraries/footer.inc.php';
-?> \ No newline at end of file +?> diff --git a/test/libraries/js_escape_test.php b/test/libraries/js_escape_test.php new file mode 100644 index 0000000..d29fcff --- /dev/null +++ b/test/libraries/js_escape_test.php @@ -0,0 +1,37 @@ +<?php +/* vim: set expandtab sw=4 ts=4 sts=4: */ +/** + * tests for JS variable formatting + * + * @package phpMyAdmin-test + */ + +/* + * Include to test. + */ +require_once 'libraries/js_escape.lib.php'; + +class PMA_File_test extends PHPUnit_Framework_TestCase +{ + /** + * @dataProvider variables + */ + public function testFormat($key, $value, $expected) + { + $arr = new PMA_File($file); + $this->assertEquals($expected, PMA_getJsValue($key, $value)); + } + + public function variables() { + return array( + array('foo', true, "foo = true;\n"), + array('foo', false, "foo = false;\n"), + array('foo', 100, "foo = 100;\n"), + array('foo', 0, "foo = 0;\n"), + array('foo', 'text', "foo = \"text\";\n"), + array('foo', 'quote"', "foo = \"quote\\\"\";\n"), + array('foo', 'apostroph\'', "foo = \"apostroph\\'\";\n"), + ); + } +} +?>
hooks/post-receive