"Fossies" - the Fresh Open Source Software Archive

Member "phpMyAdmin-5.1.0-all-languages/libraries/classes/Url.php" (24 Feb 2021, 8961 Bytes) of package /linux/www/phpMyAdmin-5.1.0-all-languages.zip:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) PHP source code syntax highlighting (style: standard) with prefixed line numbers and code folding option. Alternatively you can here view or download the uninterpreted source code file. See also the last Fossies "Diffs" side-by-side code changes report for "Url.php": 5.0.4-english_vs_5.1.0-english.

    1 <?php
    2 /**
    3  * Static methods for URL/hidden inputs generating
    4  */
    5 
    6 declare(strict_types=1);
    7 
    8 namespace PhpMyAdmin;
    9 
   10 use function htmlentities;
   11 use function htmlspecialchars;
   12 use function http_build_query;
   13 use function ini_get;
   14 use function is_array;
   15 use function mb_strpos;
   16 use function strlen;
   17 
   18 /**
   19  * Static methods for URL/hidden inputs generating
   20  */
   21 class Url
   22 {
   23     /**
   24      * Generates text with hidden inputs.
   25      *
   26      * @see Url::getCommon()
   27      *
   28      * @param string|array $db     optional database name
   29      *                             (can also be an array of parameters)
   30      * @param string       $table  optional table name
   31      * @param int          $indent indenting level
   32      * @param string|array $skip   do not generate a hidden field for this parameter
   33      *                             (can be an array of strings)
   34      *
   35      * @return string   string with input fields
   36      *
   37      * @access public
   38      */
   39     public static function getHiddenInputs(
   40         $db = '',
   41         $table = '',
   42         $indent = 0,
   43         $skip = []
   44     ) {
   45         global $PMA_Config;
   46 
   47         if (is_array($db)) {
   48             $params  =& $db;
   49         } else {
   50             $params = [];
   51             if (strlen((string) $db) > 0) {
   52                 $params['db'] = $db;
   53             }
   54             if (strlen((string) $table) > 0) {
   55                 $params['table'] = $table;
   56             }
   57         }
   58 
   59         if (! empty($GLOBALS['server'])
   60             && $GLOBALS['server'] != $GLOBALS['cfg']['ServerDefault']
   61         ) {
   62             $params['server'] = $GLOBALS['server'];
   63         }
   64         if (empty($PMA_Config->getCookie('pma_lang')) && ! empty($GLOBALS['lang'])) {
   65             $params['lang'] = $GLOBALS['lang'];
   66         }
   67 
   68         if (! is_array($skip)) {
   69             if (isset($params[$skip])) {
   70                 unset($params[$skip]);
   71             }
   72         } else {
   73             foreach ($skip as $skipping) {
   74                 if (! isset($params[$skipping])) {
   75                     continue;
   76                 }
   77 
   78                 unset($params[$skipping]);
   79             }
   80         }
   81 
   82         return self::getHiddenFields($params);
   83     }
   84 
   85     /**
   86      * create hidden form fields from array with name => value
   87      *
   88      * <code>
   89      * $values = array(
   90      *     'aaa' => aaa,
   91      *     'bbb' => array(
   92      *          'bbb_0',
   93      *          'bbb_1',
   94      *     ),
   95      *     'ccc' => array(
   96      *          'a' => 'ccc_a',
   97      *          'b' => 'ccc_b',
   98      *     ),
   99      * );
  100      * echo Url::getHiddenFields($values);
  101      *
  102      * // produces:
  103      * <input type="hidden" name="aaa" Value="aaa">
  104      * <input type="hidden" name="bbb[0]" Value="bbb_0">
  105      * <input type="hidden" name="bbb[1]" Value="bbb_1">
  106      * <input type="hidden" name="ccc[a]" Value="ccc_a">
  107      * <input type="hidden" name="ccc[b]" Value="ccc_b">
  108      * </code>
  109      *
  110      * @param array  $values   hidden values
  111      * @param string $pre      prefix
  112      * @param bool   $is_token if token already added in hidden input field
  113      *
  114      * @return string form fields of type hidden
  115      */
  116     public static function getHiddenFields(array $values, $pre = '', $is_token = false)
  117     {
  118         $fields = '';
  119 
  120         /* Always include token in plain forms */
  121         if ($is_token === false) {
  122             $values['token'] = $_SESSION[' PMA_token '];
  123         }
  124 
  125         foreach ($values as $name => $value) {
  126             if (! empty($pre)) {
  127                 $name = $pre . '[' . $name . ']';
  128             }
  129 
  130             if (is_array($value)) {
  131                 $fields .= self::getHiddenFields($value, $name, true);
  132             } else {
  133                 // do not generate an ending "\n" because
  134                 // Url::getHiddenInputs() is sometimes called
  135                 // from a JS document.write()
  136                 $fields .= '<input type="hidden" name="' . htmlspecialchars((string) $name)
  137                     . '" value="' . htmlspecialchars((string) $value) . '">';
  138             }
  139         }
  140 
  141         return $fields;
  142     }
  143 
  144     /**
  145      * Generates text with URL parameters.
  146      *
  147      * <code>
  148      * $params['myparam'] = 'myvalue';
  149      * $params['db']      = 'mysql';
  150      * $params['table']   = 'rights';
  151      * // note the missing ?
  152      * echo 'script.php' . Url::getCommon($params);
  153      * // produces with cookies enabled:
  154      * // script.php?myparam=myvalue&amp;db=mysql&amp;table=rights
  155      * // with cookies disabled:
  156      * // script.php?server=1&amp;lang=en&amp;myparam=myvalue&amp;db=mysql
  157      * // &amp;table=rights
  158      *
  159      * // note the missing ?
  160      * echo 'script.php' . Url::getCommon();
  161      * // produces with cookies enabled:
  162      * // script.php
  163      * // with cookies disabled:
  164      * // script.php?server=1&amp;lang=en
  165      * </code>
  166      *
  167      * @param mixed  $params  optional, Contains an associative array with url params
  168      * @param string $divider optional character to use instead of '?'
  169      *
  170      * @return string   string with URL parameters
  171      *
  172      * @access public
  173      */
  174     public static function getCommon($params = [], $divider = '?')
  175     {
  176         return htmlspecialchars(
  177             self::getCommonRaw($params, $divider)
  178         );
  179     }
  180 
  181     /**
  182      * Generates text with URL parameters.
  183      *
  184      * <code>
  185      * $params['myparam'] = 'myvalue';
  186      * $params['db']      = 'mysql';
  187      * $params['table']   = 'rights';
  188      * // note the missing ?
  189      * echo 'script.php' . Url::getCommon($params);
  190      * // produces with cookies enabled:
  191      * // script.php?myparam=myvalue&amp;db=mysql&amp;table=rights
  192      * // with cookies disabled:
  193      * // script.php?server=1&amp;lang=en&amp;myparam=myvalue&amp;db=mysql
  194      * // &amp;table=rights
  195      *
  196      * // note the missing ?
  197      * echo 'script.php' . Url::getCommon();
  198      * // produces with cookies enabled:
  199      * // script.php
  200      * // with cookies disabled:
  201      * // script.php?server=1&amp;lang=en
  202      * </code>
  203      *
  204      * @param mixed  $params  optional, Contains an associative array with url params
  205      * @param string $divider optional character to use instead of '?'
  206      *
  207      * @return string   string with URL parameters
  208      *
  209      * @access public
  210      */
  211     public static function getCommonRaw($params = [], $divider = '?')
  212     {
  213         global $PMA_Config;
  214 
  215         $separator = self::getArgSeparator();
  216 
  217         // avoid overwriting when creating navigation panel links to servers
  218         if (isset($GLOBALS['server'])
  219             && $GLOBALS['server'] != $GLOBALS['cfg']['ServerDefault']
  220             && ! isset($params['server'])
  221             && ! $PMA_Config->get('is_setup')
  222         ) {
  223             $params['server'] = $GLOBALS['server'];
  224         }
  225 
  226         // Can be null when the user is missing an extension.
  227         // See: Core::checkExtensions()
  228         if ($PMA_Config !== null && empty($PMA_Config->getCookie('pma_lang')) && ! empty($GLOBALS['lang'])) {
  229             $params['lang'] = $GLOBALS['lang'];
  230         }
  231 
  232         $query = http_build_query($params, '', $separator);
  233 
  234         if (($divider !== '?' && $divider !== '&') || strlen($query) > 0) {
  235             return $divider . $query;
  236         }
  237 
  238         return '';
  239     }
  240 
  241     /**
  242      * Returns url separator
  243      *
  244      * extracted from arg_separator.input as set in php.ini
  245      * we do not use arg_separator.output to avoid problems with &amp; and &
  246      *
  247      * @param string $encode whether to encode separator or not,
  248      *                       currently 'none' or 'html'
  249      *
  250      * @return string  character used for separating url parts usually ; or &
  251      *
  252      * @access public
  253      */
  254     public static function getArgSeparator($encode = 'none')
  255     {
  256         static $separator = null;
  257         static $html_separator = null;
  258 
  259         if ($separator === null) {
  260             // use separators defined by php, but prefer ';'
  261             // as recommended by W3C
  262             // (see https://www.w3.org/TR/1999/REC-html401-19991224/appendix
  263             // /notes.html#h-B.2.2)
  264             $arg_separator = (string) ini_get('arg_separator.input');
  265             if (mb_strpos($arg_separator, ';') !== false) {
  266                 $separator = ';';
  267             } elseif (strlen($arg_separator) > 0) {
  268                 $separator = $arg_separator[0];
  269             } else {
  270                 $separator = '&';
  271             }
  272             $html_separator = htmlentities($separator);
  273         }
  274 
  275         switch ($encode) {
  276             case 'html':
  277                 return $html_separator;
  278             case 'text':
  279             case 'none':
  280             default:
  281                 return $separator;
  282         }
  283     }
  284 
  285     /**
  286      * @param string $route                Route to use
  287      * @param array  $additionalParameters Additional URL parameters
  288      */
  289     public static function getFromRoute(string $route, array $additionalParameters = []): string
  290     {
  291         return 'index.php?route=' . $route . self::getCommon($additionalParameters, '&');
  292     }
  293 }