CVE Diff

Last updated on

Description

burp

CVE-2008-4x9x

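/**
 * usort() comparison callback used by PMA_DBI_get_databases_full().
 *
 * The sort column and direction are read from $GLOBALS['callback_sort_by']
 * and $GLOBALS['callback_sort_order'], which the caller sets immediately
 * before usort() and unsets afterwards. Both values are used purely as data
 * (an array key and a sign); nothing caller-supplied is compiled as PHP code.
 *
 * @param   array   $a  first row to compare
 * @param   array   $b  second row to compare
 *
 * @return  integer  negative, zero or positive, as usort() expects
 *
 * @access  private
 */
function PMA_usort_comparison_callback($a, $b)
{
    $sort_by = $GLOBALS['callback_sort_by'];

    // a column that is missing from a row compares as an empty string
    // instead of raising a notice
    $left  = isset($a[$sort_by]) ? (string) $a[$sort_by] : '';
    $right = isset($b[$sort_by]) ? (string) $b[$sort_by] : '';

    if ($GLOBALS['cfg']['NaturalOrder']) {
        $result = strnatcasecmp($left, $right);
    } else {
        $result = strcasecmp($left, $right);
    }

    return ($GLOBALS['callback_sort_order'] === 'ASC' ? 1 : -1) * $result;
} // end of the 'PMA_usort_comparison_callback()' function

/**
 * Returns the list of databases, optionally with per-database table
 * statistics, sorted and limited as requested.
 *
 * On servers where PMA_MYSQL_INT_VERSION >= 50002 the data is read from
 * information_schema; otherwise it is built from
 * $GLOBALS['PMA_List_Database']->items and SHOW TABLE STATUS.
 *
 * Security notes:
 *  - $sort_by and $sort_order may originate from request parameters
 *    (NOTE(review): confirm against callers). The earlier implementation
 *    concatenated them into PHP source passed to create_function(), which
 *    evaluates that source; they are now only ever used as data.
 *  - $sort_order is restricted to 'ASC' / 'DESC' because it is also
 *    concatenated into the ORDER BY clause.
 *  - $limit_count / $limit_offset are cast to integers before being
 *    concatenated into the LIMIT clause.
 *
 * @param   string   $database      database name pattern (used with LIKE), or null
 * @param   boolean  $force_stats   whether to collect table statistics
 * @param   mixed    $link          connection passed through to the DBI helpers
 * @param   string   $sort_by       column to sort by
 * @param   string   $sort_order    'ASC' or 'DESC' (anything else is treated as 'ASC')
 * @param   integer  $limit_offset  offset of the first row to return
 * @param   mixed    $limit_count   row limit; true means $GLOBALS['cfg']['MaxDbList'],
 *                                  false means no limit
 *
 * @return  array    one entry per database; re-indexed numerically when the
 *                   ordering is applied in PHP
 */
function PMA_DBI_get_databases_full($database = null, $force_stats = false,
    $link = null, $sort_by = 'SCHEMA_NAME', $sort_order = 'ASC',
    $limit_offset = 0, $limit_count = false)
{
    // allow only the two valid SQL sort directions
    $sort_order = strtoupper($sort_order);
    if ($sort_order !== 'DESC') {
        $sort_order = 'ASC';
    }

    if (true === $limit_count) {
        $limit_count = $GLOBALS['cfg']['MaxDbList'];
    }

    // initialize to avoid errors when there are no databases
    $databases = array();

    $apply_limit_and_order_manual = true;

    if (PMA_MYSQL_INT_VERSION >= 50002) {
        /**
         * if $GLOBALS['cfg']['NaturalOrder'] is enabled, we cannot use LIMIT
         * cause MySQL does not support natural ordering, we have to do it afterward
         */
        // always defined, so the query below never reads an unset variable
        $limit = '';
        if (! $GLOBALS['cfg']['NaturalOrder']) {
            if ($limit_count) {
                // integer casts keep non-numeric input out of the statement
                $limit = ' LIMIT ' . (int) $limit_count
                    . ' OFFSET ' . (int) $limit_offset;
            }

            $apply_limit_and_order_manual = false;
        }

        // get table information from information_schema
        if ($database) {
            // NOTE(review): addslashes() is not aware of the connection
            // character set; prefer the DBI layer's own escaping routine if
            // one is available in this file - confirm.
            $sql_where_schema = 'WHERE `SCHEMA_NAME` LIKE \''
                . addslashes($database) . '\'';
        } else {
            $sql_where_schema = '';
        }

        // for PMA bc:
        // `SCHEMA_FIELD_NAME` AS `SHOW_TABLE_STATUS_FIELD_NAME`
        $sql = '
             SELECT `information_schema`.`SCHEMATA`.*';
        if ($force_stats) {
            $sql .= ',
                    COUNT(`information_schema`.`TABLES`.`TABLE_SCHEMA`)
                        AS `SCHEMA_TABLES`,
                    SUM(`information_schema`.`TABLES`.`TABLE_ROWS`)
                        AS `SCHEMA_TABLE_ROWS`,
                    SUM(`information_schema`.`TABLES`.`DATA_LENGTH`)
                        AS `SCHEMA_DATA_LENGTH`,
                    SUM(`information_schema`.`TABLES`.`MAX_DATA_LENGTH`)
                        AS `SCHEMA_MAX_DATA_LENGTH`,
                    SUM(`information_schema`.`TABLES`.`INDEX_LENGTH`)
                        AS `SCHEMA_INDEX_LENGTH`,
                    SUM(`information_schema`.`TABLES`.`DATA_LENGTH`
                      + `information_schema`.`TABLES`.`INDEX_LENGTH`)
                        AS `SCHEMA_LENGTH`,
                    SUM(`information_schema`.`TABLES`.`DATA_FREE`)
                        AS `SCHEMA_DATA_FREE`';
        }
        $sql .= '
               FROM `information_schema`.`SCHEMATA`';
        if ($force_stats) {
            $sql .= '
          LEFT JOIN `information_schema`.`TABLES`
                 ON BINARY `information_schema`.`TABLES`.`TABLE_SCHEMA`
                  = BINARY `information_schema`.`SCHEMATA`.`SCHEMA_NAME`';
        }
        $sql .= '
              ' . $sql_where_schema . '
           GROUP BY BINARY `information_schema`.`SCHEMATA`.`SCHEMA_NAME`
           ORDER BY BINARY ' . PMA_backquote($sort_by) . ' ' . $sort_order
           . $limit;
        $databases = PMA_DBI_fetch_result($sql, 'SCHEMA_NAME', null, $link);

        $mysql_error = PMA_DBI_getError($link);
        if (! count($databases) && $GLOBALS['errno']) {
            PMA_mysqlDie($mysql_error, $sql);
        }

        // display only databases also in official database list
        // f.e. to apply hide_db and only_db
        $drops = array_diff(array_keys($databases), $GLOBALS['PMA_List_Database']->items);
        if (count($drops)) {
            foreach ($drops as $drop) {
                unset($databases[$drop]);
            }
            unset($drop);
        }
        unset($sql_where_schema, $sql, $drops);
    } else {
        foreach ($GLOBALS['PMA_List_Database']->items as $database_name) {
            // MySQL forward compatibility
            // so pma could use this array as if every server is of version >5.0
            $databases[$database_name]['SCHEMA_NAME']      = $database_name;

            if ($force_stats) {
                require_once 'mysql_charsets.lib.php';

                $databases[$database_name]['DEFAULT_COLLATION_NAME']
                    = PMA_getDbCollation($database_name);

                // get additional info about tables
                $databases[$database_name]['SCHEMA_TABLES']          = 0;
                $databases[$database_name]['SCHEMA_TABLE_ROWS']      = 0;
                $databases[$database_name]['SCHEMA_DATA_LENGTH']     = 0;
                $databases[$database_name]['SCHEMA_MAX_DATA_LENGTH'] = 0;
                $databases[$database_name]['SCHEMA_INDEX_LENGTH']    = 0;
                $databases[$database_name]['SCHEMA_LENGTH']          = 0;
                $databases[$database_name]['SCHEMA_DATA_FREE']       = 0;

                $res = PMA_DBI_query('SHOW TABLE STATUS FROM ' . PMA_backquote($database_name) . ';');
                while ($row = PMA_DBI_fetch_assoc($res)) {
                    $databases[$database_name]['SCHEMA_TABLES']++;
                    $databases[$database_name]['SCHEMA_TABLE_ROWS']
                        += $row['Rows'];
                    $databases[$database_name]['SCHEMA_DATA_LENGTH']
                        += $row['Data_length'];
                    $databases[$database_name]['SCHEMA_MAX_DATA_LENGTH']
                        += $row['Max_data_length'];
                    $databases[$database_name]['SCHEMA_INDEX_LENGTH']
                        += $row['Index_length'];
                    $databases[$database_name]['SCHEMA_DATA_FREE']
                        += $row['Data_free'];
                    $databases[$database_name]['SCHEMA_LENGTH']
                        += $row['Data_length'] + $row['Index_length'];
                }
                PMA_DBI_free_result($res);
                unset($res);
            }
        }
    }

    /**
     * apply limit and order manually now
     * (caused by older MySQL < 5 or $GLOBALS['cfg']['NaturalOrder'])
     */
    if ($apply_limit_and_order_manual) {
        /**
         * first apply ordering
         *
         * The sort column and direction are handed to a fixed, named callback
         * as data. They must never be concatenated into PHP source (as the
         * former create_function() call did), because that source is evaluated.
         */
        $GLOBALS['callback_sort_order'] = $sort_order;
        $GLOBALS['callback_sort_by'] = $sort_by;
        usort($databases, 'PMA_usort_comparison_callback');
        unset($GLOBALS['callback_sort_order'], $GLOBALS['callback_sort_by']);

        /**
         * now apply limit
         */
        if ($limit_count) {
            $databases = array_slice($databases, $limit_offset, $limit_count);
        }
    }

    return $databases;
}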

Diff

--- a/libraries/database_interface.lib.php
+++ b/libraries/database_interface.lib.php
+/**
+ * usort comparison callback
+ *
+ * @param   string  $a first argument to sort 
+ * @param   string  $b second argument to sort 
+ *
+ * @return  integer  a value representing whether $a should be before $b in the
+ *                   sorted array or not
+ *
+ * @global  string   the column the array shall be sorted by
+ * @global  string   the sorting order ('ASC' or 'DESC')
+ *
+ * @access  private
+ */
+function PMA_usort_comparison_callback($a, $b)
+{
+    if ($GLOBALS['cfg']['NaturalOrder']) {
+        $sorter = 'strnatcasecmp';
+    } else {
+        $sorter = 'strcasecmp';
+    }
+    // produces f.e.:
+    // return -1 * strnatcasecmp($a["SCHEMA_TABLES"], $b["SCHEMA_TABLES"])
+    return ($GLOBALS['callback_sort_order'] == 'ASC' ? 1 : -1) * $sorter($a[$GLOBALS['callback_sort_by']], $b[$GLOBALS['callback_sort_by']]);
+} // end of the 'PMA_usort_comparison_callback()' function
+
     if ($apply_limit_and_order_manual) {
-
-        /**
-         * first apply ordering
-         */
-        if ($GLOBALS['cfg']['NaturalOrder']) {
-            $sorter = 'strnatcasecmp';
-        } else {
-            $sorter = 'strcasecmp';
-        }
-
-        // produces f.e.:
-        // return -1 * strnatcasecmp($a["SCHEMA_TABLES"], $b["SCHEMA_TABLES"])
-        $sort_function = '
-            return ' . ($sort_order == 'ASC' ? 1 : -1) . ' * ' . $sorter . '($a["' . $sort_by . '"], $b["' . $sort_by . '"]);
-        ';
-
-        usort($databases, create_function('$a, $b', $sort_function));
+        $GLOBALS['callback_sort_order'] = $sort_order;
+        $GLOBALS['callback_sort_by'] = $sort_by;
+        usort($databases, 'PMA_usort_comparison_callback');
+        unset($GLOBALS['callback_sort_order'], $GLOBALS['callback_sort_by']);
 
         /**
          * now apply limit
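Review bot: `$sort_by` and `$sort_order` are still copied into `$GLOBALS` unvalidated before `usort()`, so the new callback indexes `$a[$GLOBALS['callback_sort_by']]` with whatever column name the caller supplied; an unknown name raises notices and yields a meaningless order. Removing `create_function()` closes the code-evaluation path, but I would still constrain the inputs where they are set, e.g. `if ($sort_order != 'DESC') { $sort_order = 'ASC'; }` ahead of the two assignments, and have the callback `return 0;` when `isset($a[$GLOBALS['callback_sort_by']])` is false. The same `$sort_order` is presumably also used by the SQL `ORDER BY` branch of this function, which the hunk does not show, so normalising it once at the top would cover both paths. Passing state through globals also makes the callback non-reentrant, which deserves a one-line comment next to the `unset()`. The enclosing PMA_DBI_get_databases_full() begins and ends outside the hunk.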