From e8fa63c41ad38d72f3cef7d285b9907ac4340fac Mon Sep 17 00:00:00 2001 From: xzilla Date: Thu, 19 Jul 2007 03:11:52 +0000 Subject: [PATCH] push forward server validation from 4.1 branch --- classes/Misc.php | 16 ++++++++---- lang/english.php | 3 ++- lang/french.php | 3 ++- lang/italian.php | 3 ++- lang/recoded/english.php | 3 ++- lang/recoded/french.php | 3 ++- lang/recoded/italian.php | 3 ++- lang/recoded/spanish.php | 55 ++++++++++++++++++++++------------------ lang/spanish.php | 3 ++- 9 files changed, 55 insertions(+), 37 deletions(-) diff --git a/classes/Misc.php b/classes/Misc.php index db7b9668..8c04da37 100644 --- a/classes/Misc.php +++ b/classes/Misc.php @@ -2,7 +2,7 @@ /** * Class to hold various commonly used functions * - * $Id: Misc.php,v 1.156 2007/07/17 17:09:29 soranzo Exp $ + * $Id: Misc.php,v 1.157 2007/07/19 03:11:52 xzilla Exp $ */ class Misc { @@ -1864,14 +1864,14 @@ } /** - * Get information on a server. + * Validate and retrieve information on a server. * If the parameter isn't supplied then the currently * connected server is returned. * @param $server_id A server identifier (host:port) * @return An associative array of server properties */ function getServerInfo($server_id = null) { - global $conf, $_reload_browser; + global $conf, $_reload_browser, $lang; if ($server_id === null && isset($_REQUEST['server'])) $server_id = $_REQUEST['server']; @@ -1894,8 +1894,14 @@ return $info; } } - - return null; + + if ($server_id === null){ + return null; + } else { + // Unable to find a matching server, are we being hacked? + echo $lang['strinvalidserverparam']; + exit; + } } /** diff --git a/lang/english.php b/lang/english.php index 94d85390..2f92f82e 100755 --- a/lang/english.php +++ b/lang/english.php @@ -4,7 +4,7 @@ * English language file for phpPgAdmin. Use this as a basis * for new translations. * - * $Id: english.php,v 1.212 2007/07/18 21:19:09 xzilla Exp $ + * $Id: english.php,v 1.213 2007/07/19 03:11:52 xzilla Exp $ */ // Language and character set @@ -169,6 +169,7 @@ $lang['strimporterrorline-badcolumnnum'] = 'Import error on line %s: Line does not possess the correct number of columns.'; $lang['strimporterror-uploadedfile'] = 'Import error: File could not be uploaded to the server'; $lang['strcannotdumponwindows'] = 'Dumping of complex table and schema names on Windows is not supported.'; + $lang['strinvalidserverparam'] = 'Attempt to connect with invalid server parameter, possibly someone is trying to hack your system.'; $lang['strnoserversupplied'] = 'No server supplied!'; // Tables diff --git a/lang/french.php b/lang/french.php index 2d0fc6f6..b195f80f 100644 --- a/lang/french.php +++ b/lang/french.php @@ -4,7 +4,7 @@ * French Language file for phpPgAdmin. * @maintainer Pascal PEYRE [pascal.peyre@cir.fr] * - * $Id: french.php,v 1.26 2007/07/18 22:33:19 ioguix Exp $ + * $Id: french.php,v 1.27 2007/07/19 03:11:52 xzilla Exp $ */ // Language and character set @@ -169,6 +169,7 @@ $lang['strimporterrorline-badcolumnnum'] = 'Erreur d\'importation sur la ligne %s : la ligne ne possède pas le bon nombre de colonnes.'; $lang['strimporterror-uploadedfile'] = 'Erreur d\'importation : le fichier n\'a pas pû être récupéré sur le serveur.'; $lang['strcannotdumponwindows'] = 'La sauvegarde de table complexe et des noms de schémas n\'est pas supporté sur Windows.'; + $lang['strinvalidserverparam'] = 'Tentative de connexion avec un serveur invalide, il est possible que quelqu\'un essai de pirater votre système.'; $lang['strnoserversupplied'] = 'Aucun serveur fournis !'; // Tables diff --git a/lang/italian.php b/lang/italian.php index eca966ec..273fbb41 100644 --- a/lang/italian.php +++ b/lang/italian.php @@ -4,7 +4,7 @@ * Italian language file, based on the english language file for phpPgAdmin. * Nicola Soranzo [nsoranzo@tiscali.it] * - * $Id: italian.php,v 1.45 2007/05/14 16:09:52 soranzo Exp $ + * $Id: italian.php,v 1.46 2007/07/19 03:11:52 xzilla Exp $ */ // Language and character set - Lingua e set di caratteri @@ -169,6 +169,7 @@ $lang['strimporterrorline-badcolumnnum'] = 'Errore durante l\'import alla linea %s: la linea non possiede il numero corretto di colonne.'; $lang['strimporterror-uploadedfile'] = 'Errore durante l\'import: non è stato possibile caricare il file sul server'; $lang['strcannotdumponwindows'] = 'Il dump di nomi complessi di tabelle o schemi sotto Windows non è supportato.'; + $lang['strinvalidserverparam'] = 'Tentativo di connessione al server con parametri non validi, è possibile che qualcuno stia cercando di forzare il sistema.'; // Tables - Tabelle $lang['strtable'] = 'Tabella'; diff --git a/lang/recoded/english.php b/lang/recoded/english.php index 721e90bc..970313ca 100644 --- a/lang/recoded/english.php +++ b/lang/recoded/english.php @@ -4,7 +4,7 @@ * English language file for phpPgAdmin. Use this as a basis * for new translations. * - * $Id: english.php,v 1.164 2007/07/18 21:19:09 xzilla Exp $ + * $Id: english.php,v 1.165 2007/07/19 03:11:52 xzilla Exp $ */ // Language and character set @@ -169,6 +169,7 @@ $lang['strimporterrorline-badcolumnnum'] = 'Import error on line %s: Line does not possess the correct number of columns.'; $lang['strimporterror-uploadedfile'] = 'Import error: File could not be uploaded to the server'; $lang['strcannotdumponwindows'] = 'Dumping of complex table and schema names on Windows is not supported.'; + $lang['strinvalidserverparam'] = 'Attempt to connect with invalid server parameter, possibly someone is trying to hack your system.'; $lang['strnoserversupplied'] = 'No server supplied!'; // Tables diff --git a/lang/recoded/french.php b/lang/recoded/french.php index 5d3f5a2c..af0c16f6 100644 --- a/lang/recoded/french.php +++ b/lang/recoded/french.php @@ -4,7 +4,7 @@ * French Language file for phpPgAdmin. * @maintainer Pascal PEYRE [pascal.peyre@cir.fr] * - * $Id: french.php,v 1.25 2007/07/18 22:33:19 ioguix Exp $ + * $Id: french.php,v 1.26 2007/07/19 03:11:52 xzilla Exp $ */ // Language and character set @@ -169,6 +169,7 @@ $lang['strimporterrorline-badcolumnnum'] = 'Erreur d\'importation sur la ligne %s : la ligne ne possède pas le bon nombre de colonnes.'; $lang['strimporterror-uploadedfile'] = 'Erreur d\'importation : le fichier n\'a pas pû être récupéré sur le serveur.'; $lang['strcannotdumponwindows'] = 'La sauvegarde de table complexe et des noms de schémas n\'est pas supporté sur Windows.'; + $lang['strinvalidserverparam'] = 'Tentative de connexion avec un serveur invalide, il est possible que quelqu\'un essai de pirater votre système.'; $lang['strnoserversupplied'] = 'Aucun serveur fournis !'; // Tables diff --git a/lang/recoded/italian.php b/lang/recoded/italian.php index f1d2d5cc..13f19c19 100644 --- a/lang/recoded/italian.php +++ b/lang/recoded/italian.php @@ -4,7 +4,7 @@ * Italian language file, based on the english language file for phpPgAdmin. * Nicola Soranzo [nsoranzo@tiscali.it] * - * $Id: italian.php,v 1.41 2007/05/14 16:09:52 soranzo Exp $ + * $Id: italian.php,v 1.42 2007/07/19 03:11:52 xzilla Exp $ */ // Language and character set - Lingua e set di caratteri @@ -169,6 +169,7 @@ $lang['strimporterrorline-badcolumnnum'] = 'Errore durante l\'import alla linea %s: la linea non possiede il numero corretto di colonne.'; $lang['strimporterror-uploadedfile'] = 'Errore durante l\'import: non è stato possibile caricare il file sul server'; $lang['strcannotdumponwindows'] = 'Il dump di nomi complessi di tabelle o schemi sotto Windows non è supportato.'; + $lang['strinvalidserverparam'] = 'Tentativo di connessione al server con parametri non validi, è possibile che qualcuno stia cercando di forzare il sistema.'; // Tables - Tabelle $lang['strtable'] = 'Tabella'; diff --git a/lang/recoded/spanish.php b/lang/recoded/spanish.php index a7d6b9b2..ff13761a 100644 --- a/lang/recoded/spanish.php +++ b/lang/recoded/spanish.php @@ -4,7 +4,7 @@ * Spanish language file for phpPgAdmin. * @maintainer Martín Marqués (martin@bugs.unl.edu.ar) * - * $Id: spanish.php,v 1.38 2007/04/24 11:43:16 soranzo Exp $ + * $Id: spanish.php,v 1.39 2007/07/19 03:11:52 xzilla Exp $ */ // Language and character set @@ -168,6 +168,7 @@ $lang['strac'] = 'Enable AutoComplete'; $lang['strimporterrorline-badcolumnnum'] = 'Error de importación en la línea %s: La línea no posee la cantidad de columnas correctas.'; $lang['strimporterror-uploadedfile'] = 'Error de importación: No se ha podido subir el archivo al servidor'; $lang['strcannotdumponwindows'] = 'Vuelco de datos con nombres complejos de tablas y esquemas no esta soportado en Windows.'; + $lang['strinvalidserverparam'] = 'Tentativa de conectar con parámetro inválido del servidor. ¿Alguien está intentando posiblemente cortar tu sistema?'; // Tables $lang['strtable'] = 'Tabla'; @@ -267,8 +268,8 @@ $lang['strac'] = 'Enable AutoComplete'; $lang['strgroupcreatedbad'] = 'Falló la creación del grupo.'; $lang['strconfdropgroup'] = '¿Está seguro que quiere eliminar el grupo "%s"?'; $lang['strgroupdropped'] = 'Grupo eliminado.'; - $lang['strgroupdroppedbad'] = 'Falló la eliminación del grupo.'; - $lang['strmembers'] = 'Miembros'; + $lang['strgroupdroppedbad'] = 'Falló la eliminación del grupo.'; + $lang['strmembers'] = 'Miembros'; $lang['strmemberof'] = 'Miembro de'; $lang['stradminmembers'] = 'Miembros Admin '; $lang['straddmember'] = 'Agregar un miembro'; @@ -279,31 +280,35 @@ $lang['strac'] = 'Enable AutoComplete'; $lang['strmemberdropped'] = 'Miembro eliminado.'; $lang['strmemberdroppedbad'] = 'Falló al intentar sacar un miembro.'; - // Roles - $lang['strrole'] = 'Rol'; - $lang['strroles'] = 'Roles'; - $lang['strrolename'] = 'Nombre del Rol'; - $lang['strshowallroles'] = 'Mostrar todas los rols'; + // Roles + $lang['strrole'] = 'Rol'; + $lang['strroles'] = 'Roles'; + $lang['strrolename'] = 'Nombre del Rol'; + $lang['strshowallroles'] = 'Mostrar todas los rols'; $lang['strinheritsprivs'] = 'Hereda Privilegios?'; - $lang['strcreaterole'] = 'Crear Rol'; - $lang['strcancreaterole'] = 'Puede crear rols?'; - $lang['strrolecreated'] = 'Rol creado.'; - $lang['strrolecreatedbad'] = 'Falló al crear rol.'; - $lang['stralterrole'] = 'Alterar role'; -$lang['strroleupdated'] = 'Role updated.'; -$lang['strroleupdatedbad'] = 'Role update failed.'; -$lang['strcatupdate'] = 'Modify Catalogs?'; + $lang['strcreaterole'] = 'Crear Rol'; + $lang['strcancreaterole'] = 'Puede crear rols?'; + $lang['strrolecreated'] = 'Rol creado.'; + $lang['strrolecreatedbad'] = 'Falló al crear rol.'; + $lang['stralterrole'] = 'Alterar role'; + $lang['strroleupdated'] = 'Rol actualizado.'; + $lang['strroleupdatedbad'] = 'Falló la actualización del rol.'; + $lang['struserupdatedbad'] = + $lang['strcatupdate'] = '¿modificar los catálogos del sistema?'; $lang['strcanlogin'] = 'Puede loggearse?'; -$lang['strconnlimit'] = 'Connection limit'; -$lang['strdroprole'] = 'Drop role'; - $lang['strmaxconnections'] = 'Máximo de conexiones'; + $lang['strconnlimit'] = 'Límite de conexión'; + $lang['strdroprole'] = 'Eliminar rol'; + $lang['strmaxconnections'] = 'Máximo de conexiónes'; $lang['strconfdroprole'] = '¿Está seguro de que desea eliminar el rol "%s"?'; $lang['strroledropped'] = 'Usuario eliminado.'; $lang['strroledroppedbad'] = 'No puedo eliminar rol.'; $lang['strnoroles'] = 'No se encontraron los rols.'; $lang['strnolimit'] = 'Sin límite'; $lang['strnever'] = 'Nunca'; -$lang['strroleneedsname'] = 'You must give a name for the role.'; + $lang['strroleneedsname'] = 'Debe darlo un nombre al rol.'; + $lang['strrolealtered'] = 'Rol alterada.'; + $lang['strrolealteredbad'] = 'Falló al intentar alterar rol.'; + // Privileges $lang['strprivilege'] = 'Privilegio'; @@ -342,11 +347,11 @@ $lang['strroleneedsname'] = 'You must give a name for the role.'; $lang['strfull'] = 'Full'; $lang['strfreeze'] = 'Freeze'; $lang['strforce'] = 'Force'; - $lang['strsignalsent'] = 'Señal enviada.'; - $lang['strsignalsentbad'] = 'Falló el envío de la señal.'; - $lang['strallobjects'] = 'Todos los objetos'; - $lang['strdatabasealtered'] = 'Base de Datos alterada.'; - $lang['strdatabasealteredbad'] = 'Falló al intentar alterar la Base de Datos.'; + $lang['strsignalsent'] = 'Señal enviada.'; + $lang['strsignalsentbad'] = 'Falló el envío de la señal.'; + $lang['strallobjects'] = 'Todos los objetos'; + $lang['strdatabasealtered'] = 'Base de Datos alterada.'; + $lang['strdatabasealteredbad'] = 'Falló al intentar alterar la Base de Datos.'; // Views $lang['strview'] = 'Vista'; diff --git a/lang/spanish.php b/lang/spanish.php index 12287ba8..8dff1e4c 100644 --- a/lang/spanish.php +++ b/lang/spanish.php @@ -4,7 +4,7 @@ * Spanish language file for phpPgAdmin. * @maintainer Martín Marqués (martin@bugs.unl.edu.ar) * - * $Id: spanish.php,v 1.38 2007/04/24 11:42:07 soranzo Exp $ + * $Id: spanish.php,v 1.39 2007/07/19 03:11:52 xzilla Exp $ */ // Language and character set @@ -168,6 +168,7 @@ $lang['strac'] = 'Enable AutoComplete'; $lang['strimporterrorline-badcolumnnum'] = 'Error de importación en la línea %s: La línea no posee la cantidad de columnas correctas.'; $lang['strimporterror-uploadedfile'] = 'Error de importación: No se ha podido subir el archivo al servidor'; $lang['strcannotdumponwindows'] = 'Vuelco de datos con nombres complejos de tablas y esquemas no esta soportado en Windows.'; + $lang['strinvalidserverparam'] = 'Tentativa de conectar con parámetro inválido del servidor. ¿Alguien está intentando posiblemente cortar tu sistema?'; // Tables $lang['strtable'] = 'Tabla'; -- 2.39.5