if (isset($_POST["server"])) {
$_SESSION["username"] = $_POST["username"];
$_SESSION["password"] = $_POST["password"];
- header("Location: " . ($_GET["server"] == $_POST["server"] ? $_SERVER["REQUEST_URI"] : preg_replace('~^[^?]*/([^?]*).*~', '\\1' . (strlen($_POST["server"]) ? '?server=' . urlencode($_POST["server"]) : '') . (SID ? (strlen($_POST["server"]) ? "&" : "?") . SID : ""), $_SERVER["REQUEST_URI"])));
+ header("Location: " . ((string) $_GET["server"] === $_POST["server"] ? preg_replace('~(\\?)logout=&|[?&]logout=~', '\\1', $_SERVER["REQUEST_URI"]) : preg_replace('~^[^?]*/([^?]*).*~', '\\1' . (strlen($_POST["server"]) ? '?server=' . urlencode($_POST["server"]) : '') . (SID ? (strlen($_POST["server"]) ? "&" : "?") . SID : ""), $_SERVER["REQUEST_URI"])));
exit;
+} elseif (isset($_GET["logout"])) {
+ unset($_SESSION["username"]);
+ unset($_SESSION["password"]);
}
-if (!@mysql_connect($_GET["server"], $_SESSION["username"], $_SESSION["password"])) {
+if (isset($_GET["logout"]) || !@mysql_connect($_GET["server"], $_SESSION["username"], $_SESSION["password"])) {
page_header(lang('Login'), "auth");
?>
<h1><?php echo lang('phpMinAdmin'); ?></h1>
<?php
- if (isset($_GET["server"])) {
+ if (isset($_GET["logout"])) {
+ echo "<p class='message'>" . lang('Logout successful.') . "</p>\n";
+ } elseif (isset($_GET["server"])) {
echo "<p class='error'>" . lang('Invalid credentials.') . "</p>\n";
}
?>
<p>
<a href="<?php echo htmlspecialchars($SELF); ?>sql="><?php echo lang('SQL command'); ?></a>
<a href="<?php echo htmlspecialchars($SELF); ?>dump="><?php echo lang('Dump'); ?></a>
+<a href="<?php echo htmlspecialchars($SELF); ?>logout="><?php echo lang('Logout'); ?></a>
</p>
<form action="" method="get">
<p><select name="db" onchange="this.form.submit();"><option value="">(<?php echo lang('database'); ?>)</option>
<?php
- //! logout, create database
+ //! create database
$result = mysql_query("SHOW DATABASES");
while ($row = mysql_fetch_row($result)) {
echo "<option" . ($row[0] == $_GET["db"] ? " selected='selected'" : "") . ">" . htmlspecialchars($row[0]) . "</option>\n";
} else {
echo "<p>\n";
while ($row = mysql_fetch_row($result)) {
- echo '<a href="' . htmlspecialchars($SELF) . 'select=' . urlencode($row[0]) . '">' . lang('select') . '</a> '; //! inline image through style
+ echo '<a href="' . htmlspecialchars($SELF) . 'select=' . urlencode($row[0]) . '">' . lang('select') . '</a> ';
echo '<a href="' . htmlspecialchars($SELF) . 'table=' . urlencode($row[0]) . '">' . htmlspecialchars($row[0]) . "</a><br />\n"; //! views
}
echo "</p>\n";
}
}
if (mysql_query($query)) {
- $_SESSION["message"] = $message; //! warnings
+ $_SESSION["message"] = $message;
header("Location: " . $SELF . "select=" . urlencode($_GET["edit"]) . (SID ? "&" . SID : ""));
exit;
}
include "./view.inc.php";
} else {
page_header(htmlspecialchars($_GET["db"]));
+ //! alter and drop database
$result = mysql_query("SELECT * FROM information_schema.ROUTINES WHERE ROUTINE_SCHEMA = '" . mysql_real_escape_string($_GET["db"]) . "'");
if (mysql_num_rows($result)) {
echo "<h2>" . lang('Routines') . "</h2>\n";
echo "<th>" . htmlspecialchars($row["ROUTINE_NAME"]) . "</th>"; //! parameters from SHOW CREATE {PROCEDURE|FUNCTION}
echo "<td>" . nl2br(htmlspecialchars($row["ROUTINE_DEFINITION"])) . "</td>";
echo "</tr>\n";
- //! drop
+ //! call, drop, replace
}
echo "</table>\n";
}
projects / adminer.git / commitdiff