[Phpmyadmin-git] [SCM] phpMyAdmin branch, master, updated. RELEASE_3_4_0BETA2-1525-g67e4994

The branch, master has been updated via 67e4994490749dbd065805b2f345176a3becf9e7 (commit) via 14ebfdbe8e191fc5adb255a4ef7c6ae87f8b5e12 (commit) from 82d6f8bfd827d58b043a3b7da85b1f82b544d91a (commit)

- Log ----------------------------------------------------------------- commit 67e4994490749dbd065805b2f345176a3becf9e7 Author: Michal Čihař mcihar@novell.com Date: Mon Jan 31 15:21:37 2011 +0100

Single place to handle redirection.

commit 14ebfdbe8e191fc5adb255a4ef7c6ae87f8b5e12 Author: Michal Čihař mcihar@novell.com Date: Mon Jan 31 15:10:07 2011 +0100

No need for authentication on url.php (bug#3168011).

-----------------------------------------------------------------------

Summary of changes: libraries/auth/cookie.auth.lib.php | 2 +- libraries/auth/swekey/swekey.auth.lib.php | 2 +- libraries/blobstreaming.lib.php | 2 +- libraries/common.lib.php | 10 +++++----- libraries/config/FormDisplay.class.php | 2 +- libraries/config/config_functions.lib.php | 4 +--- libraries/core.lib.php | 17 +++++++++++++++++ libraries/display_export.lib.php | 2 +- libraries/engines/pbms.lib.php | 6 +++--- libraries/engines/pbxt.lib.php | 6 +++--- libraries/sanitizing.lib.php | 2 +- main.php | 8 ++++---- themes.php | 2 +- url.php | 6 +++--- 14 files changed, 43 insertions(+), 28 deletions(-)

diff --git a/libraries/auth/cookie.auth.lib.php b/libraries/auth/cookie.auth.lib.php index 805f9b3..7e04819 100644 --- a/libraries/auth/cookie.auth.lib.php +++ b/libraries/auth/cookie.auth.lib.php @@ -192,7 +192,7 @@ if (top != self) { ?>

<div class="container"> -<a href="./url.php?url=http://www.phpmyadmin.net" target="_blank" class="logo"><?php +<a href="<?php echo PMA_linkURL('http://www.phpmyadmin.net/'); ?>" target="_blank" class="logo"><?php $logo_image = $GLOBALS['pmaThemeImage'] . 'logo_right.png'; if (@file_exists($logo_image)) { echo '<img src="' . $logo_image . '" id="imLogo" name="imLogo" alt="phpMyAdmin" border="0" />'; diff --git a/libraries/auth/swekey/swekey.auth.lib.php b/libraries/auth/swekey/swekey.auth.lib.php index 19b9163..d2ec1b1 100644 --- a/libraries/auth/swekey/swekey.auth.lib.php +++ b/libraries/auth/swekey/swekey.auth.lib.php @@ -231,7 +231,7 @@ function Swekey_login($input_name, $input_go) ?> function open_swekey_site() { - window.open("./url.php?url=http://phpmyadmin.net/auth_key"); + window.open("<?php echo PMA_linkURL('http://phpmyadmin.net/auth_key'); ?>"); }

var input_username = document.getElementById("<?php echo $input_name; ?>"); diff --git a/libraries/blobstreaming.lib.php b/libraries/blobstreaming.lib.php index 070c8f3..28b4ca6 100644 --- a/libraries/blobstreaming.lib.php +++ b/libraries/blobstreaming.lib.php @@ -497,7 +497,7 @@ function PMA_BS_getURL($reference) return FALSE; }

- $bs_url = './url.php?url=http://' . $bs_server . '/' . rtrim($reference); + $bs_url = PMA_linkURL('http://' . $bs_server . '/' . rtrim($reference)); return $bs_url; }

diff --git a/libraries/common.lib.php b/libraries/common.lib.php index cf9b7a5..32652de 100644 --- a/libraries/common.lib.php +++ b/libraries/common.lib.php @@ -419,13 +419,13 @@ function PMA_showMySQLDocu($chapter, $link, $big_icon = false, $anchor = '', $ju }

if ($just_open) { - return '<a href="./url.php?url=' . $url . '" target="mysql_doc">'; + return '<a href="' . PMA_linkURL($url) . '" target="mysql_doc">'; } elseif ($big_icon) { - return '<a href="./url.php?url=' . $url . '" target="mysql_doc"><img class="icon" src="' . $GLOBALS['pmaThemeImage'] . 'b_sqlhelp.png" width="16" height="16" alt="' . __('Documentation') . '" title="' . __('Documentation') . '" /></a>'; + return '<a href="' . PMA_linkURL($url) . '" target="mysql_doc"><img class="icon" src="' . $GLOBALS['pmaThemeImage'] . 'b_sqlhelp.png" width="16" height="16" alt="' . __('Documentation') . '" title="' . __('Documentation') . '" /></a>'; } elseif ($GLOBALS['cfg']['ReplaceHelpImg']) { - return '<a href="./url.php?url=' . $url . '" target="mysql_doc"><img class="icon" src="' . $GLOBALS['pmaThemeImage'] . 'b_help.png" width="11" height="11" alt="' . __('Documentation') . '" title="' . __('Documentation') . '" /></a>'; + return '<a href="' . PMA_linkURL($url) . '" target="mysql_doc"><img class="icon" src="' . $GLOBALS['pmaThemeImage'] . 'b_help.png" width="11" height="11" alt="' . __('Documentation') . '" title="' . __('Documentation') . '" /></a>'; } else { - return '[<a href="./url.php?url=' . $url . '" target="mysql_doc">' . __('Documentation') . '</a>]'; + return '[<a href="' . PMA_linkURL($url) . '" target="mysql_doc">' . __('Documentation') . '</a>]'; } } // end of the 'PMA_showMySQLDocu()' function

@@ -2425,7 +2425,7 @@ function PMA_getDbLink($database = null) function PMA_externalBug($functionality, $component, $minimum_version, $bugref) { if ($component == 'mysql' && PMA_MYSQL_INT_VERSION < $minimum_version) { - echo PMA_showHint(sprintf(__('The %s functionality is affected by a known bug, see %s'), $functionality, './url.php?url=http://bugs.mysql.com/' . $bugref)); + echo PMA_showHint(sprintf(__('The %s functionality is affected by a known bug, see %s'), $functionality, PMA_linkURL('http://bugs.mysql.com/') . $bugref)); } }

diff --git a/libraries/config/FormDisplay.class.php b/libraries/config/FormDisplay.class.php index b07ac3a..41c421f 100644 --- a/libraries/config/FormDisplay.class.php +++ b/libraries/config/FormDisplay.class.php @@ -681,7 +681,7 @@ class FormDisplay if ($test == 'Export') { $opt_name = substr($opt_name, 7); } - return './url.php?url=http://wiki.phpmyadmin.net/pma/Config#' . $opt_name; + return PMA_linkURL('http://wiki.phpmyadmin.net/pma/Config#' . $opt_name); }

/** diff --git a/libraries/config/config_functions.lib.php b/libraries/config/config_functions.lib.php index 0d26cb5..8aac9ef 100644 --- a/libraries/config/config_functions.lib.php +++ b/libraries/config/config_functions.lib.php @@ -93,10 +93,8 @@ function PMA_lang_link_replace($link, $text)

if (!preg_match('#^https?://#', $link)) { $link = str_replace('&amp;', $separator, $link); - } elseif (defined('PMA_SETUP')) { - $link = '../url.php?url=' . $link; } else { - $link = './url.php?url=' . $link; + $link = PMA_linkURL($link); }

return '<a href="' . $link . '">' . $text . '</a>'; diff --git a/libraries/core.lib.php b/libraries/core.lib.php index 54da58c..a3d80f5 100644 --- a/libraries/core.lib.php +++ b/libraries/core.lib.php @@ -656,4 +656,21 @@ function PMA_array_remove($path, &$array) } } } + +/** + * Returns link to (possibly) external site using defined redirector. + * + * @param string $url URL where to go. + * + * @return string URL for a link. + */ +function PMA_linkURL($url) { + if (!preg_match('#^https?://#', $url)) { + return $url; + } elseif (defined('PMA_SETUP')) { + return '../url.php?url=' . $url; + } else { + return './url.php?url=' . $url; + } +} ?> diff --git a/libraries/display_export.lib.php b/libraries/display_export.lib.php index fc2065f..ac223dc 100644 --- a/libraries/display_export.lib.php +++ b/libraries/display_export.lib.php @@ -235,7 +235,7 @@ if(isset($_GET['sql_query'])) { }

$message = new PMA_Message(__('This value is interpreted using %1$sstrftime%2$s, so you can use time formatting strings. Additionally the following transformations will happen: %3$s. Other text will be kept as is. See the %4$sFAQ%5$s for details.')); - $message->addParam('<a href="./url.php?url=http://php.net/strftime" target="documentation" title="' + $message->addParam('<a href="' . PMA_linkURL('http://php.net/strftime') . '" target="documentation" title="' . __('Documentation') . '">', false); $message->addParam('</a>', false); $message->addParam($trans); diff --git a/libraries/engines/pbms.lib.php b/libraries/engines/pbms.lib.php index 4065bf3..5f9b175 100644 --- a/libraries/engines/pbms.lib.php +++ b/libraries/engines/pbms.lib.php @@ -91,15 +91,15 @@ class PMA_StorageEngine_pbms extends PMA_StorageEngine function getPageDocumentation() { $output = '<p> Documentation and further information about PBMS can be found on ' . "\n" - . '<a href="./url.php?url=http://www.blobstreaming.org/" target="_blank">The PrimeBase Media Streaming home page</a>.<br><br>' . "\n" + . '<a href="' . PMA_linkURL('http://www.blobstreaming.org/') . '" target="_blank">The PrimeBase Media Streaming home page</a>.<br><br>' . "\n" . '<table id="PBMS_Related_Links" >' . "\n" . '<tr>' . "\n" . '<td>' . "\n" . '<p>' . "\n" . '<strong><font size="2"><b>Related Links</b></font></strong>' . "\n" . '<br>' . "\n" - . '<a href="./url.php?url=http://bpbdev.blogspot.com/" target="_blank">The PrimeBase Media Streaming Blog by Barry Leslie</a><br><br>' . "\n" - . '<a href="./url.php?url=http://www.primebase.com/xt" target="_blank">PrimeBase XT Home Page</a><br><br>' . "\n" + . '<a href="' . PMA_linkURL('http://bpbdev.blogspot.com/') . '" target="_blank">The PrimeBase Media Streaming Blog by Barry Leslie</a><br><br>' . "\n" + . '<a href="' . PMA_linkURL('http://www.primebase.com/xt') . '" target="_blank">PrimeBase XT Home Page</a><br><br>' . "\n" . '</font>' . "\n" . '</td>' . "\n" . '</tr>' . "\n" diff --git a/libraries/engines/pbxt.lib.php b/libraries/engines/pbxt.lib.php index 66da56a..eb0dad3 100644 --- a/libraries/engines/pbxt.lib.php +++ b/libraries/engines/pbxt.lib.php @@ -122,15 +122,15 @@ class PMA_StorageEngine_pbxt extends PMA_StorageEngine function getPageDocumentation() { $output = '<p> Documentation and further information about PBXT can be found on the ' . "\n" - . '<a href="./url.php?url=http://www.primebase.com/xt/" target="_blank">PrimeBase XT Home Page</a>.<br><br>' . "\n" + . '<a href="' . PMA_linkURL('http://www.primebase.com/xt/') . '" target="_blank">PrimeBase XT Home Page</a>.<br><br>' . "\n" . '<table id="PBMS_Related_Links" >' . "\n" . '<tr>' . "\n" . '<td>' . "\n" . '<p>' . "\n" . '<strong><font size="2"><b>Related Links</b></font></strong>' . "\n" . '<br>' . "\n" - . '<a href="./url.php?url=http://pbxt.blogspot.com/" target="_blank">The PrimeBase XT Blog by Paul McCullagh</a><br><br>' . "\n" - . '<a href="./url.php?url=http://www.blobstreaming.org/" target="_blank">The PrimeBase Media Streaming (PBMS) home page</a>.<br><br>' . "\n" + . '<a href="' . PMA_linkURL('http://pbxt.blogspot.com/') . '" target="_blank">The PrimeBase XT Blog by Paul McCullagh</a><br><br>' . "\n" + . '<a href="' . PMA_linkURL('http://www.blobstreaming.org/') . '" target="_blank">The PrimeBase Media Streaming (PBMS) home page</a>.<br><br>' . "\n" . '</font>' . "\n" . '</td>' . "\n" . '</tr>' . "\n" diff --git a/libraries/sanitizing.lib.php b/libraries/sanitizing.lib.php index adb8df2..a362ebd 100644 --- a/libraries/sanitizing.lib.php +++ b/libraries/sanitizing.lib.php @@ -74,7 +74,7 @@ function PMA_sanitize($message, $escape = false, $safe = false) }

if (substr($found[1], 0, 4) == 'http') { - $message = preg_replace($pattern, '<a href="./url.php?url=\1" target="\2">', $message); + $message = preg_replace($pattern, '<a href="' . PMA_linkURL($found[1]) . '" target="\2">', $message); } else { $message = preg_replace($pattern, '<a href="\1" target="\2">', $message); } diff --git a/main.php b/main.php index 3d03234..1361391 100644 --- a/main.php +++ b/main.php @@ -210,16 +210,16 @@ echo '<h2>phpMyAdmin</h2>'; echo '<ul>'; PMA_printListItem(__('Version information') . ': ' . PMA_VERSION, 'li_pma_version'); PMA_printListItem(__('Documentation'), 'li_pma_docs', 'Documentation.html', null, '_blank'); -PMA_printListItem(__('Wiki'), 'li_pma_wiki', './url.php?url=http://wiki.phpmyadmin.net', null, '_blank'); +PMA_printListItem(__('Wiki'), 'li_pma_wiki', PMA_linkURL('http://wiki.phpmyadmin.net/'), null, '_blank');

// does not work if no target specified, don't know why -PMA_printListItem(__('Official Homepage'), 'li_pma_homepage', './url.php?url=http://www.phpMyAdmin.net/', null, '_blank'); +PMA_printListItem(__('Official Homepage'), 'li_pma_homepage', PMA_linkURL('http://www.phpMyAdmin.net/'), null, '_blank'); ?> <li><bdo xml:lang="en" dir="ltr"> [<a href="changelog.php" target="_blank">ChangeLog</a>] - [<a href="./url.php?url=http://phpmyadmin.git.sourceforge.net/git/gitweb-index.cgi" + [<a href="<?php echo PMA_linkURL('http://phpmyadmin.git.sourceforge.net/git/gitweb-index.cgi'); ?>" target="_blank">Git</a>] - [<a href="./url.php?url=http://sourceforge.net/mail/?group_id=23067" + [<a href="<?php echo PMA_linkURL('http://sourceforge.net/mail/?group_id=23067'); ?>" target="_blank"><?php echo __('Mailing lists'); ?></a>] </bdo> </li> diff --git a/themes.php b/themes.php index e4ad9f6..b4030c8 100644 --- a/themes.php +++ b/themes.php @@ -38,7 +38,7 @@ function takeThis(what){

<body id="bodythemes"> <h1>phpMyAdmin - <?php echo __('Theme / Style'); ?></h1> -<p><a href="./url.php?url=http://www.phpmyadmin.net/home_page/themes.php#pma_<?php echo preg_replace('/([0-9]*)\.([0-9]*)\..*/', '\1_\2', PMA_VERSION); ?>"><?php echo __('Get more themes!'); ?></a></p> +<p><a href="<?php echo PMA_linkURL('http://www.phpmyadmin.net/home_page/themes.php'); ?>#pma_<?php echo preg_replace('/([0-9]*)\.([0-9]*)\..*/', '\1_\2', PMA_VERSION); ?>"><?php echo __('Get more themes!'); ?></a></p> <?php $_SESSION['PMA_Theme_Manager']->printPreviews(); ?> diff --git a/url.php b/url.php index a9d0f58..ec0ab39 100644 --- a/url.php +++ b/url.php @@ -3,14 +3,14 @@ * URL redirector to avoid leaking Referer with some sensitive information. */

+define('PMA_MINIMUM_COMMON', TRUE); + /** * Gets core libraries and defines some variables */ require_once './libraries/common.inc.php';

-PMA_checkParameters(array('url')); - -if (! preg_match('/^https?://[^\n\r]*$/', $GLOBALS['url'])) { +if (empty($GLOBALS['url']) || ! preg_match('/^https?://[^\n\r]*$/', $GLOBALS['url'])) { header('Location: ' . $cfg['PmaAbsoluteUri']); } else { header('Location: ' . $GLOBALS['url']);

hooks/post-receive