Fix #187 issue (comma in keys) (#188)

* * [*] make all AJAX requrests recieve data as object * [*] JSON.Stringify() selected keys (fix issue #187) * * [*] add `ext-mbstring` and `ext-json` to composer.json * * [*] replaced `dirname(__FILE__)` to `__DIR__` (faster) * * [-] removed obsolete empty lines * [+] export `$redis, $config, $csrfToken, $server` to local env of any PHP file * [*] a little fixes
erikdubbelboer · Oct 29, 2022 · e2348fd · e2348fd
1 parent bccabce
commit e2348fd
Show file tree

Hide file tree

Showing 19 changed files with 43 additions and 71 deletions.
diff --git a/composer.json b/composer.json
@@ -13,6 +13,8 @@
         }
     ],
     "require": {
+        "ext-mbstring": "*",
+        "ext-json": "*",
         "predis/predis": "v1.1.9",
         "paragonie/random_compat": ">=2"
     },

diff --git a/delete.php b/delete.php
@@ -1,13 +1,13 @@
 <?php
 
-
 if (!isset($_POST['post'])) {
   die('Javascript needs to be enabled for you to delete keys.');
 }
 
-
 require_once 'includes/common.inc.php';
 
+global $redis;
+global $server;
 
 if (isset($_GET['key'])) {
   // String
@@ -61,16 +61,15 @@
 }
 
 if (isset($_GET['batch_del'])) {
-  $keys = $_POST['selected_keys'];
-  $keys = trim($keys, ',');
-  if (empty($keys)) die('No keys to delete');
+  if (empty($_POST['selected_keys'])) {
+    die('No keys to delete');
+  }
+  $keys = json_decode($_POST['selected_keys']);
 
-  $keys = explode(',', $keys);
   foreach ($keys as $key) {
     $redis->del($key);
   }
 
   die('?view&s=' . $server['id'] . '&d=' . $server['db'] . '&key=' . urlencode($keys[0]));
 }
 
-?>
diff --git a/edit.php b/edit.php
@@ -2,8 +2,7 @@
 
 require_once 'includes/common.inc.php';
 
-
-
+global $redis, $config, $csrfToken, $server;
 
 // Are we editing or creating a new key?
 $edit = false;
@@ -192,4 +191,4 @@
 
 require 'includes/footer.inc.php';
 
-?>
+?>
diff --git a/export.php b/export.php
@@ -2,6 +2,7 @@
 
 require_once 'includes/common.inc.php';
 
+global $redis, $config, $csrfToken, $server;
 
 // Export to redis-cli commands
 function export_redis($key, $filter = false, $transform = false) {

diff --git a/flush.php b/flush.php
@@ -1,13 +1,11 @@
 <?php
 
-
 if (!isset($_POST['post'])) {
   die('Javascript needs to be enabled for you to flush a database.');
 }
 
-
 require_once 'includes/common.inc.php';
-
+global $redis, $config, $csrfToken, $server;
 
 $redis->flushdb();
 
diff --git a/import.php b/import.php
@@ -1,9 +1,7 @@
 <?php
 
 require_once 'includes/common.inc.php';
-
-
-
+global $redis, $config, $csrfToken, $server;
 
 // This mess could need some cleanup!
 if (isset($_POST['commands'])) {

diff --git a/includes/common.inc.php b/includes/common.inc.php
@@ -1,9 +1,8 @@
 <?php
-require dirname(__FILE__) . '/../vendor/autoload.php';
+require __DIR__ . '/../vendor/autoload.php';
 
 define('PHPREDIS_ADMIN_PATH', dirname(__DIR__));
 
-
 if (session_status() !== PHP_SESSION_DISABLED) {
   session_start();
 
@@ -44,7 +43,6 @@
   $i = 0;
 }
 
-
 if (isset($_GET['s']) && is_numeric($_GET['s']) && ($_GET['s'] < count($config['servers']))) {
   $i = $_GET['s'];
 }
@@ -53,10 +51,8 @@
 $server['id']      = $i;
 $server['charset'] = isset($server['charset']) && $server['charset'] ? $server['charset'] : false;
 
-
 mb_internal_encoding('utf-8');
 
-
 if (isset($login, $login['servers'])) {
   if (array_search($i, $login['servers']) === false) {
     die('You are not allowed to access this database.');
@@ -142,5 +138,3 @@
     die('ERROR: Selecting database failed ('.$server['host'].':'.$server['port'].','.$server['db'].')');
   }
 }
-
-?>
diff --git a/includes/page.inc.php b/includes/page.inc.php
@@ -1,6 +1,5 @@
 <?php
 
-
 // Returns true when the user is using IE
 function is_ie() {
   if (isset($_SERVER['HTTP_USER_AGENT']) &&
@@ -11,9 +10,6 @@ function is_ie() {
   }
 }
 
-
-
-
 $page = array(
   'css' => array('common'),
   'js'  => array('jquery')

diff --git a/index.php b/index.php
@@ -1,6 +1,7 @@
 <?php
 
 require_once 'includes/common.inc.php';
+global $redis, $config, $csrfToken, $server;
 
 if($redis) {
 
@@ -33,7 +34,7 @@
         continue;
       }
 
-      $key = explode($server['seperator'], $key);
+      $key = explode($server['seperator'], $key); //@todo: may be separator ?
       if ($config['showEmptyNamespaceAsKey'] && $key[count($key) - 1] == '') {
         array_pop($key);
         $key[count($key) - 1] .= ':';

diff --git a/info.php b/info.php
@@ -1,9 +1,7 @@
 <?php
 
 require_once 'includes/common.inc.php';
-
-
-
+global $redis, $config, $csrfToken, $server;
 
 if (isset($_GET['reset'])) {
   $redis->config('resetstat');
@@ -12,15 +10,10 @@
   die;
 }
 
-
-
 // Fetch the info
 $info = $redis->info();
 $alt  = false;
 
-
-
-
 $page['css'][] = 'frame';
 $page['js'][]  = 'frame';
 

diff --git a/js/frame.js b/js/frame.js
@@ -3,14 +3,12 @@ $(function() {
     window.parent.history.replaceState({}, '', document.location.href.replace('?', '&').replace(/\/([a-z]*)\.php/, '/?$1'));
   }
 
-
   $('#type').change(function(e) {
     $('#hkeyp' ).css('display', e.target.value == 'hash' ? 'block' : 'none');
     $('#indexp').css('display', e.target.value == 'list' ? 'block' : 'none');
     $('#scorep').css('display', e.target.value == 'zset' ? 'block' : 'none');
   }).change();
 
-
   $('.delkey, .delval').click(function(e) {
     e.preventDefault();
 

diff --git a/js/index.js b/js/index.js
@@ -14,34 +14,41 @@ $(function() {
   })
 
   $('#sidebar').on('click', 'a', function(e) {
-    if (e.currentTarget.className.indexOf('batch_del') !== -1){
+    if (e.currentTarget.className.indexOf('batch_del') !== -1) {
       e.preventDefault();
-      var selected_keys = '';
+      var selected_keys = [];
       $('input[name=checked_keys]:checked').each(function () {
-        selected_keys += $(this).val() + ',';
+        selected_keys.push($(this).val());
       });
-      if (!selected_keys) {
+      if (selected_keys.length == 0) {
         alert('Please select the keys you want to delete.');
         return;
       }
       if (confirm('Are you sure you want to delete all selected keys?')) {
         $.ajax({
           type: "POST",
           url: this.href,
-          data: 'post=1&selected_keys=' + selected_keys + '&csrf=' + phpRedisAdmin_csrfToken,
+          data: {
+            post: 1,
+            selected_keys: JSON.stringify(selected_keys),
+            csrf: phpRedisAdmin_csrfToken
+          },
           success: function(url) {
             top.location.href = top.location.pathname+url;
           }
         });
       }
-    }else if (e.currentTarget.className.indexOf('deltree') !== -1) {
+    } else if (e.currentTarget.className.indexOf('deltree') !== -1) {
       e.preventDefault();
 
       if (confirm('Are you sure you want to delete this whole tree and all it\'s keys?')) {
         $.ajax({
           type: "POST",
           url: this.href,
-          data: 'post=1&csrf=' + phpRedisAdmin_csrfToken,
+          data: {
+            post: 1,
+            csrf: phpRedisAdmin_csrfToken
+          },
           success: function(url) {
             top.location.href = top.location.pathname+url;
           }
@@ -74,7 +81,10 @@ $(function() {
           $.ajax({
             type: "POST",
             url: href,
-            data: 'post=1&csrf=' + phpRedisAdmin_csrfToken,
+            data: {
+              post: 1,
+              csrf: phpRedisAdmin_csrfToken
+            },
             success: function() {
               window.location.reload();
             }

diff --git a/login.php b/login.php
@@ -2,6 +2,7 @@
 define('LOGIN_PAGE', true);
 
 require_once 'includes/common.inc.php';
+global $redis, $config, $csrfToken, $server;
 
 $page['css'][] = 'login';
 

diff --git a/logout.php b/logout.php
@@ -1,6 +1,7 @@
 <?php
 
 require_once 'includes/common.inc.php';
+global $redis, $config, $csrfToken, $server;
 
 if (!empty($config['cookie_auth'])) {
     // Cookie-based auth

diff --git a/overview.php b/overview.php
@@ -1,9 +1,7 @@
 <?php
 
 require_once 'includes/common.inc.php';
-
-
-
+global $redis, $config, $csrfToken, $server;
 
 $info = array();
 
@@ -109,7 +107,7 @@
 </p>
 
 <p>
-<a href="http://redis.io/documentation" target="_blank">Redis Documentation</a>
+<a href="https://redis.io/documentation" target="_blank">Redis Documentation</a>
 </p>
 <?php
 

diff --git a/rename.php b/rename.php
@@ -1,9 +1,7 @@
 <?php
 
 require_once 'includes/common.inc.php';
-
-
-
+global $redis, $config, $csrfToken, $server;
 
 if (isset($_POST['old'], $_POST['key'])) {
   if (strlen($_POST['key']) > $config['maxkeylen']) {

diff --git a/save.php b/save.php
@@ -1,9 +1,7 @@
 <?php
 
 require_once 'includes/common.inc.php';
-
-
-
+global $redis, $config, $csrfToken, $server;
 
 $page['css'][] = 'frame';
 $page['js'][]  = 'frame';

diff --git a/ttl.php b/ttl.php
@@ -1,9 +1,7 @@
 <?php
 
 require_once 'includes/common.inc.php';
-
-
-
+global $redis, $config, $csrfToken, $server;
 
 if (isset($_POST['key'], $_POST['ttl'])) {
   if ($_POST['ttl'] == -1) {
@@ -16,9 +14,6 @@
   die;
 }
 
-
-
-
 $page['css'][] = 'frame';
 $page['js'][]  = 'frame';
 

diff --git a/view.php b/view.php
@@ -1,14 +1,13 @@
 <?php
 
 require_once 'includes/common.inc.php';
+global $redis, $config, $csrfToken, $server;
 
 $page['css'][] = 'frame';
 $page['js'][]  = 'frame';
 
 require 'includes/header.inc.php';
 
-
-
 if (!isset($_GET['key'])) {
   ?>
   Invalid key
@@ -18,17 +17,13 @@
   die;
 }
 
-
-
 $type   = $redis->type($_GET['key']);
 $exists = $redis->exists($_GET['key']);
 
 $count_elements_page = isset($config['count_elements_page']) ? $config['count_elements_page'] : false;
 $page_num_request    = isset($_GET['page']) ? (int)$_GET['page'] : 1;
 $page_num_request    = $page_num_request === 0 ? 1 : $page_num_request;
 
-
-
 ?>
 <h2><?php echo format_html($_GET['key'])?>
 <?php if ($exists) { ?>
@@ -48,8 +43,6 @@
   die;
 }
 
-
-
 $alt      = false;
 $ttl      = $redis->ttl($_GET['key']);
 
@@ -59,7 +52,6 @@
   $encoding = null;
 }
 
-
 switch ($type) {
   case 'string':
     $value = $redis->get($_GET['key']);