Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/phpMyAdmin/libraries/ drwxr-xr-x | |
| Viewing file: Select action/file-type: $db) {
// garvin: Get comments from PMA comments table
$db_tooltip = '';
if ($GLOBALS['cfg']['ShowTooltip']
&& $GLOBALS['cfgRelation']['commwork']) {
$_db_tooltip = PMA_getComments($db);
if (is_array($_db_tooltip)) {
$db_tooltip = implode(' ', $_db_tooltip);
}
}
if ($GLOBALS['cfg']['LeftFrameDBTree']
&& $GLOBALS['cfg']['LeftFrameDBSeparator']
&& strstr($db, $GLOBALS['cfg']['LeftFrameDBSeparator']))
{
$pos = strrpos($db, $GLOBALS['cfg']['LeftFrameDBSeparator']);
$group = substr($db, 0, $pos);
$disp_name_cut = substr($db, $pos);
} else {
$group = $db;
$disp_name_cut = $db;
}
$disp_name = $db;
if ($db_tooltip && $GLOBALS['cfg']['ShowTooltipAliasDB']) {
$disp_name = $db_tooltip;
$disp_name_cut = $db_tooltip;
$db_tooltip = $db;
}
$dbgroups[$group][$db] = array(
'name' => $db,
'disp_name_cut' => $disp_name_cut,
'disp_name' => $disp_name,
'comment' => $db_tooltip,
'num_tables' => PMA_getTableCount($db),
);
} // end foreach ($dblist as $db)
return $dbgroups;
}
/**
* returns html code for select form element with dbs
*
* @return string html code select
*/
function PMA_getHtmlSelectDb($selected = '')
{
$dblist = PMA_getDbList();
// TODO: IE can not handle different text directions in select boxes
// so, as mostly names will be in english, we set the whole selectbox to LTR
// and EN
$return = '';
return $return;
}
/**
* returns count of tables in given db
*
* @param string $db database to count tables for
* @return integer count of tables in $db
*/
function PMA_getTableCount($db)
{
$tables = PMA_DBI_try_query(
'SHOW TABLES FROM ' . PMA_backquote($db) . ';',
null, PMA_DBI_QUERY_STORE);
if ($tables) {
$num_tables = PMA_DBI_num_rows($tables);
PMA_DBI_free_result($tables);
} else {
$num_tables = 0;
}
return $num_tables;
}
/**
* Get the complete list of Databases a user can access
*
* @param boolean whether to include check on failed 'only_db' operations
* @param resource database handle (superuser)
* @param integer amount of databases inside the 'only_db' container
* @param resource possible resource from a failed previous query
* @param resource database handle (user)
* @param array configuration
* @param array previous list of databases
*
* @return array all databases a user has access to
*
* @access private
*/
function PMA_safe_db_list($only_db_check, $controllink, $dblist_cnt, $userlink,
$cfg, $dblist)
{
if ($only_db_check == false) {
// try to get the available dbs list
// use userlink by default
$dblist = PMA_DBI_get_dblist();
$dblist_cnt = count($dblist);
// PMA_DBI_get_dblist() relies on the ability to run "SHOW DATABASES".
// On servers started with --skip-show-database, this is not possible
// so we have here a fallback method, which relies on the controluser
// being able to access the "mysql" db, as explained in the doc.
if (!$dblist_cnt) {
$auth_query = 'SELECT User, Select_priv '
. 'FROM mysql.user '
. 'WHERE User = \'' . PMA_sqlAddslashes($cfg['Server']['user']) . '\'';
$rs = PMA_DBI_try_query($auth_query, $controllink);
} // end
}
// Access to "mysql" db allowed and dblist still empty -> gets the
// usable db list
if (!$dblist_cnt && ($rs && @PMA_DBI_num_rows($rs))) {
$row = PMA_DBI_fetch_assoc($rs);
PMA_DBI_free_result($rs);
// Correction uva 19991215
// Previous code assumed database "mysql" admin table "db" column
// "db" contains literal name of user database, and works if so.
// Mysql usage generally (and uva usage specifically) allows this
// column to contain regular expressions (we have all databases
// owned by a given student/faculty/staff beginning with user i.d.
// and governed by default by a single set of privileges with
// regular expression as key). This breaks previous code.
// This maintenance is to fix code to work correctly for regular
// expressions.
if ($row['Select_priv'] != 'Y') {
// 1. get allowed dbs from the "mysql.db" table
// lem9: User can be blank (anonymous user)
$local_query = 'SELECT DISTINCT Db FROM mysql.db WHERE Select_priv = \'Y\' AND (User = \'' . PMA_sqlAddslashes($cfg['Server']['user']) . '\' OR User = \'\')';
$rs = PMA_DBI_try_query($local_query, $controllink);
if ($rs && @PMA_DBI_num_rows($rs)) {
// Will use as associative array of the following 2 code
// lines:
// the 1st is the only line intact from before
// correction,
// the 2nd replaces $dblist[] = $row['Db'];
$uva_mydbs = array();
// Code following those 2 lines in correction continues
// populating $dblist[], as previous code did. But it is
// now populated with actual database names instead of
// with regular expressions.
while ($row = PMA_DBI_fetch_assoc($rs)) {
// loic1: all databases cases - part 1
if ( !isset($row['Db']) |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0058 ]-- |