get_magic_quotes_gpc removed, resolved #40

Author: osalabs

README.md

@@ -39,7 +39,15 @@ In the directory samples you'll find phpminiconfig.php for known OpenSource pack
 
 ## Change Log
 
-### changes in phpMiniAdmin 1.9.200928 (latest)
+### changes in phpMiniAdmin 1.9.210705 (latest)
+- removed use of function `get_magic_quotes_gpc` deprecated since PHP 7.4.0
+- utf8mb4 is now default charset
+- tested in PHP 8, cleaned up several PHP Warnings
+
+### changes in phpMiniAdmin 1.9.210129
+- limited max packet size during export to aviod PHP memory exhausted errors on huge tables
+
+### changes in phpMiniAdmin 1.9.200928
 - added ability to setup SSL connection (define at least "ssl_ca" in `$DBDEF`)
 
 ### changes in phpMiniAdmin 1.9.190822
@@ -50,11 +58,5 @@ In the directory samples you'll find phpminiconfig.php for known OpenSource pack
 - db NULLs now displayed in italic to distinguish from "NULL" text
 - misc formatting adjustments
 
-### changes in phpMiniAdmin 1.9.170203
-- added "compact view" option. If checked - width/height of grid cells limited, so you can see more rows/columns in case your data is large. And in this mode you can double-click on cells to "expand" just that particular cell.
-
-### changes in phpMiniAdmin 1.9.170117
-- greatly optimized memory usage for large result sets (especially in export)
-
 [see older changes in changelog](changelog.md)
 

changelog.md

@@ -1,4 +1,9 @@
-### changes in phpMiniAdmin 1.9.210129 (latest)
+### changes in phpMiniAdmin 1.9.210705 (latest)
+- removed use of function `get_magic_quotes_gpc` deprecated since PHP 7.4.0
+- utf8mb4 is now default charset
+- tested in PHP 8, cleaned up several PHP Warnings
+
+### changes in phpMiniAdmin 1.9.210129
 - limited max packet size during export to aviod PHP memory exhausted errors on huge tables
 
 ### changes in phpMiniAdmin 1.9.200928

phpminiadmin.php

@@ -1,7 +1,7 @@
 <?php
 /*
  PHP Mini MySQL Admin
- (c) 2004-2019 Oleg Savchuk <[email protected]> http://osalabs.com
+ (c) 2004-2021 Oleg Savchuk <[email protected]> http://osalabs.com
 
  Light standalone PHP script for quick and easy access MySQL databases.
  http://phpminiadmin.sourceforge.net
@@ -21,7 +21,7 @@
 'host'=>"",
 'port'=>"",
 'socket'=>"",
-'chset'=>"utf8",#optional, default charset
+'chset'=>"utf8mb4",#optional, default charset
 #optional paths for ssl
 'ssl_key'=>NULL,
 'ssl_cert'=>NULL,
@@ -33,7 +33,7 @@
 if (function_exists('date_default_timezone_set')) date_default_timezone_set('UTC');#required by PHP 5.1+
 
 //constants
-$VERSION='1.9.210129';
+$VERSION='1.9.210705';
 $MAX_ROWS_PER_PAGE=50; #max number of rows in select per one page
 $D="\r\n"; #default delimiter for export
 $BOM=chr(239).chr(187).chr(191);
@@ -51,12 +51,6 @@
 ini_set('display_errors',0);  #turn on to debug db or script issues
 error_reporting(E_ALL ^ E_NOTICE);
 
-//strip quotes if they set
-if (get_magic_quotes_gpc()){
-  $_COOKIE=array_map('killmq',$_COOKIE);
-  $_REQUEST=array_map('killmq',$_REQUEST);
-}
-
 if ($_REQUEST['login']){
   if ($_REQUEST['pwd']!=$ACCESS_PWD){
     $err_msg="Invalid password. Try again";
@@ -197,6 +191,7 @@ function display_select($sth,$q){
    if ($is_sht) $sqldr.="Database: &#183; <a href='$url&q=".b64u("show table status")."'>Show Table Status</a>";
    $sqldr.="</div>";
  }
+ $abtn='';
  if ($is_sht){
    $abtn="<div><input type='submit' value='Export' onclick=\"sht('exp')\">
  <input type='submit' value='Drop' onclick=\"if(ays()){sht('drop')}else{return false}\">
@@ -219,6 +214,7 @@ function display_select($sth,$q){
  $headers.="</tr>\n";
  $sqldr.=$headers;
  $swapper=false;
+ $swp=0;
  while($row=mysqli_fetch_row($sth)){
    $sqldr.="<tr class='".$rc[$swp=!$swp]."' onclick='tc(this)'>";
    $v=$row[0];
@@ -299,7 +295,7 @@ function print_header(){
 tr.h{background-color:#99C}
 tr.s{background-color:#FF9}
 .err{color:#F33;font-weight:bold;text-align:center}
-.frm{width:450px;border:1px solid #999;background-color:#eee;text-align:left}
+.frm{width:460px;border:1px solid #999;background-color:#eee;text-align:left}
 .frm label .l{width:100px;float:left}
 .dot{border-bottom:1px dotted #000}
 .ajax{text-decoration:none;border-bottom: 1px dashed}
@@ -512,7 +508,7 @@ function print_screen(){
 function print_footer(){
 ?>
 </form>
-<div class="ft">&copy; 2004-2017 <a href="http://osalabs.com" target="_blank">Oleg Savchuk</a></div>
+<div class="ft">&copy; 2004-2021 <a href="http://osalabs.com" target="_blank">Oleg Savchuk</a></div>
 </body></html>
 <?php
 }
@@ -607,9 +603,9 @@ function dbq($s){
 
 function db_query($sql, $dbh1=NULL, $skiperr=0, $resmod=MYSQLI_STORE_RESULT){
  $dbh1=db_checkconnect($dbh1, $skiperr);
- $sth=mysqli_query($dbh1, $sql, $resmod);
- if (!$sth && $skiperr) return;
- if (!$sth) die("Error in DB operation:<br>\n".mysqli_error($dbh1)."<br>\n$sql");
+ if($dbh1) $sth=mysqli_query($dbh1, $sql, $resmod);
+ if(!$sth && $skiperr) return;
+ if(!$sth) die("Error in DB operation:<br>\n".mysqli_error($dbh1)."<br>\n$sql");
  return $sth;
 }
 
@@ -753,13 +749,10 @@ function pen($p,$np=''){
  return str_replace('%p%',$p, $np);
 }
 
-function killmq($value){
- return is_array($value)?array_map('killmq',$value):stripslashes($value);
-}
-
 function savecfg(){
  global $DBDEF;
  $v=$_REQUEST['v'];
+ if(!is_array($v))$v=array();
  unset($v['ssl_ca']);unset($v['ssl_key']);unset($v['ssl_cert']);#don't allow override ssl paths from web
  $_SESSION['DB']=array_merge($DBDEF,$v);
  unset($_SESSION['sql_sd']);
@@ -785,7 +778,7 @@ function savecfg(){
 }
 
 // Allow httponly cookies, or the password is stored plain text in a cookie
-function newcookie($n,$v,$e){$x;return setcookie($n,$v,$e,$x,$x,!!$x,!$x);}
+function newcookie($n,$v,$e){$x='';return setcookie($n,$v,$e,$x,$x,!!$x,!$x);}
 
 //during login only - from cookies or use defaults;
 function loadcfg(){
@@ -877,7 +870,7 @@ function do_export(){
  if ($ct==1&&$_REQUEST['et']=='csv'){
   ex_start('.csv');
   ex_hdr($ctp?$ctp:'text/csv',"$t[0].csv$aext");
-  if ($DB['chset']=='utf8') ex_w($BOM);
+  if ($DB['chset']=='utf8mb4') ex_w($BOM);
 
   $sth=db_query("select * from `$t[0]`",NULL,0,MYSQLI_USE_RESULT);
   $fn=mysqli_field_count($dbh);
@@ -1005,7 +998,7 @@ function print_import(){
 .csv file (Excel style): <input type="file" name="file2" value="" size=40><br>
 <input type="checkbox" name="r1" value="1" checked> first row contain field names<br>
 <small>(note: for success, field names should be exactly the same as in DB)</small><br>
-Character set of the file: <select name="chset"><?php echo chset_select('utf8')?></select>
+Character set of the file: <select name="chset"><?php echo chset_select('utf8mb4')?></select>
 <br><br>
 Import into:<br>
 <input type="radio" name="tt" value="1" checked="checked"> existing table:
@@ -1145,6 +1138,7 @@ function get_next_chunk($insql, $fname){
 }
 
 function get_open_char($str, $pos){
+ $ochar='';$opos='';
  if ( preg_match("/(\/\*|^--|(?<=\s)--|#|'|\"|;)/", $str, $m, PREG_OFFSET_CAPTURE, $pos) ) {
     $ochar=$m[1][0];
     $opos=$m[1][1];

samples/phpminiconfig.php

@@ -10,7 +10,7 @@
  'host'=>'',#optional
  'port'=>'',#optional
  'socket'=>'',#optional
- 'chset'=>'utf8',#optional, default charset
+ 'chset'=>'utf8mb4',#optional, default charset
  #optional paths for ssl
  'ssl_key'=>NULL,
  'ssl_cert'=>NULL,