2006-04-26 12:28:53 +00:00
< ? php
/*
2012-08-25 17:05:38 +00:00
$Id : m_mysql . php , v 1.35 2005 / 12 / 18 09 : 51 : 32 benjamin Exp $
----------------------------------------------------------------------
AlternC - Web Hosting System
Copyright ( C ) 2002 by the AlternC Development Team .
http :// alternc . org /
----------------------------------------------------------------------
Based on :
Valentin Lacambre ' s web hosting softwares : http :// altern . org /
----------------------------------------------------------------------
LICENSE
This program is free software ; you can redistribute it and / or
modify it under the terms of the GNU General Public License ( GPL )
as published by the Free Software Foundation ; either version 2
of the License , or ( at your option ) any later version .
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
To read the license please visit http :// www . gnu . org / copyleft / gpl . html
----------------------------------------------------------------------
Original Author of file : Benjamin Sonntag
Purpose of file : Manage mysql database for users .
----------------------------------------------------------------------
*/
2006-04-26 12:28:53 +00:00
/**
* MySQL user database management for AlternC .
* This class manage user 's databases in MySQL, and user' s MySQL accounts .
*
* @ copyright AlternC - Team 2002 - 2005 http :// alternc . org /
*/
2011-05-19 13:47:59 +00:00
class DB_users extends DB_Sql {
2012-08-28 06:47:16 +00:00
var $Host , $HumanHostname , $User , $Password , $Client ;
2011-05-18 20:26:12 +00:00
/**
2012-08-25 17:05:38 +00:00
* Creator
*/
2013-04-19 11:40:22 +00:00
function DB_users ( $empty = false ) { // Sometimes we need to create this object with empty parameters, but by default we fill them with those of the current user's DB
2013-02-21 08:05:38 +00:00
global $cuid , $db , $err ;
2011-05-18 20:26:12 +00:00
2013-04-19 11:16:01 +00:00
if ( ! $empty ){
$db -> query ( " select db_servers.* from db_servers, membres where membres.uid= $cuid and membres.db_server_id=db_servers.id; " );
if ( ! $db -> next_record ()) {
$err -> raise ( 'db_user' , _ ( " There are no databases in db_servers for this user. Please contact your administrator. " ));
die ();
}
# Create the object
$this -> HumanHostname = $db -> f ( 'name' );
$this -> Host = $db -> f ( 'host' );
$this -> User = $db -> f ( 'login' );
$this -> Password = $db -> f ( 'password' );
$this -> Client = $db -> f ( 'client' );
$this -> Database = " mysql " ; # We have to define a dabatase when we connect, and the database must exist.
} else {
# Create the object without any parameter
$this -> HumanHostname = " " ;
$this -> Host = " " ;
$this -> User = " " ;
$this -> Password = " " ;
$this -> Client = " " ;
$this -> Database = " mysql " ; # We have to define a dabatase when we connect, and the database must exist.
2011-05-18 20:26:12 +00:00
}
}
2013-04-18 13:09:08 +00:00
2011-05-18 20:26:12 +00:00
}
class m_mysql {
2011-05-18 20:39:42 +00:00
var $dbus ;
2009-11-30 23:48:48 +00:00
2006-04-26 12:28:53 +00:00
/*---------------------------------------------------------------------------*/
/** Constructor
2012-08-25 17:05:38 +00:00
* m_mysql ([ $mid ]) Constructeur de la classe m_mysql , initialise le membre concerne
*/
2006-04-26 12:28:53 +00:00
function m_mysql () {
2013-02-21 08:05:38 +00:00
global $cuid ;
if ( ! empty ( $cuid )) {
$this -> dbus = new DB_users ();
}
2013-03-04 16:28:19 +00:00
variable_get ( 'sql_allow_users_backups' , 1 , 'Set 1 to allow users to configure backup of their databases, 0 if you want do disable this feature. Warning: it will not stop configured backup made by sqlbackup.sh' );
2013-02-21 08:05:38 +00:00
}
function reload_dbus () {
2011-05-19 13:47:59 +00:00
$this -> dbus = new DB_users ();
2006-04-26 12:28:53 +00:00
}
2013-02-21 08:05:38 +00:00
function list_db_servers () {
global $db ;
$db -> query ( " select db_servers.*, count(*) as nb_users from db_servers, membres where membres.db_server_id = db_servers.id group by db_server_id order by name,id; " );
$c = array ();
while ( $db -> next_record ()) {
$c [] = $db -> Record ;
}
return $c ;
}
2013-02-18 10:01:28 +00:00
function hook_menu () {
global $quota ;
$q = $quota -> getquota ( " mysql " );
$obj = array (
2013-03-03 12:09:53 +00:00
'title' => _ ( " MySQL " ),
'ico' => 'images/mysql.png' ,
'link' => 'toggle' ,
'pos' => 100 ,
'links' => array (),
) ;
$obj [ 'links' ][] =
array (
'txt' => _ ( " Databases " ),
'url' => " sql_list.php " ,
);
$obj [ 'links' ][] =
array (
'txt' => _ ( " MySQL Users " ),
'url' => " sql_users_list.php " ,
);
if ( $q [ " u " ] > 0 ) {
$obj [ 'links' ][] =
array (
'txt' => _ ( " PhpMyAdmin " ),
'url' => " sql_pma_sso.php " ,
'target' => '_blank' ,
);
}
return $obj ;
2013-02-18 10:01:28 +00:00
}
2009-11-30 23:48:48 +00:00
2009-11-30 05:02:53 +00:00
/* ----------------------------------------------------------------- */
/**
* Password kind used in this class ( hook for admin class )
*/
function alternc_password_policy () {
2009-11-30 06:01:34 +00:00
return array ( " mysql " => " MySQL users " );
2009-11-30 05:02:53 +00:00
}
2006-04-26 12:28:53 +00:00
/*---------------------------------------------------------------------------*/
/** Get the list of the database for the current user .
* @ return array returns an associative array as follow : < br >
* " db " => database name " bck " => backup mode for this db
* " dir " => Backup folder .
2012-08-14 09:44:43 +00:00
* Returns an array ( empty ) if no databases
2006-04-26 12:28:53 +00:00
*/
function get_dblist () {
global $db , $err , $bro , $cuid ;
$err -> log ( " mysql " , " get_dblist " );
2012-08-14 09:44:43 +00:00
$db -> free ();
2009-03-30 20:00:03 +00:00
$db -> query ( " SELECT login,pass,db, bck_mode, bck_dir FROM db WHERE uid=' $cuid ' ORDER BY db; " );
2006-04-26 12:28:53 +00:00
$c = array ();
while ( $db -> next_record ()) {
list ( $dbu , $dbn ) = split_mysql_database_name ( $db -> f ( " db " ));
2012-12-21 16:11:34 +00:00
$c [] = array ( " db " => $db -> f ( " db " ), " name " => $db -> f ( 'db' ), " bck " => $db -> f ( " bck_mode " ), " dir " => $db -> f ( " bck_dir " ), " login " => $db -> f ( " login " ), " pass " => $db -> f ( " pass " ));
2006-04-26 12:28:53 +00:00
}
return $c ;
}
2012-08-10 17:18:34 +00:00
/*---------------------------------------------------------------------------*/
/** Get the login and password of the special user able to connect to phpmyadmin
* @ return array returns an associative array with login and password
* Returns FALSE if error
*/
function php_myadmin_connect (){
global $db , $cuid , $err ;
$err -> log ( " mysql " , " php_myadmin_connect " );
2013-03-01 10:31:23 +00:00
$db -> query ( " SELECT dbu.name,dbu.password, dbs.host FROM dbusers dbu, db_servers dbs, membres m WHERE dbu.uid=' $cuid ' and enable='ADMIN' and dbs.id=m.db_server_id and m.uid=' $cuid '; " );
2012-08-10 17:18:34 +00:00
if ( ! $db -> num_rows ()) {
2012-10-18 07:36:37 +00:00
$err -> raise ( " mysql " , _ ( " Cannot connect to PhpMyAdmin " ));
2012-08-10 17:18:34 +00:00
return false ;
}
$db -> next_record ();
2013-03-01 10:31:23 +00:00
$info = array (
2012-08-25 17:05:38 +00:00
" login " => $db -> f ( " name " ),
2013-03-01 10:31:23 +00:00
" pass " => $db -> f ( " password " ),
" host " => $db -> f ( " host " )
2013-03-03 12:09:53 +00:00
);
2012-08-10 17:18:34 +00:00
return $info ;
}
2012-08-25 17:05:38 +00:00
2009-11-30 23:48:48 +00:00
2006-04-26 12:28:53 +00:00
/*---------------------------------------------------------------------------*/
/** Returns the details of a user ' s database .
* $dbn is the name of the database ( after the _ ) or nothing for the database " $user "
* @ return array returns an associative array as follow :
* " db " => Name of the database
* " bck " => Current bckup mode
* " dir " => Backup directory
* " size " => Size of the database ( in bytes )
* " pass " => Password of the user
* " history " => Number of backup we keep
* " gzip " => Does we compress the dumps ?
* Returns FALSE if the user has no database of if the database does not exist .
*/
function get_mysql_details ( $dbn ) {
global $db , $err , $bro , $mem , $cuid ;
2012-08-21 17:04:24 +00:00
$root = getuserpath ();
2006-04-26 12:28:53 +00:00
$err -> log ( " mysql " , " get_mysql_details " );
2012-09-28 12:18:54 +00:00
$pos = strpos ( $dbn , '_' );
if ( $pos === false ){
$dbname = $dbn ;
} else {
$dbncomp = explode ( '_' , $dbn );
$dbname = $dbn ;
$dbn = $dbncomp [ 1 ];
}
2006-04-26 12:28:53 +00:00
$size = $this -> get_db_size ( $dbname );
$db -> query ( " SELECT login,pass,db, bck_mode, bck_gzip, bck_dir, bck_history FROM db WHERE uid=' $cuid ' AND db=' $dbname '; " );
if ( ! $db -> num_rows ()) {
2012-10-18 07:36:37 +00:00
$err -> raise ( " mysql " , _ ( " Database %s not found " ), $dbn );
2006-04-26 12:28:53 +00:00
return array ( " enabled " => false );
}
$c = array ();
$db -> next_record ();
list ( $dbu , $dbn ) = split_mysql_database_name ( $db -> f ( " db " ));
return array ( " enabled " => true , " login " => $db -> f ( " login " ), " db " => $db -> f ( " db " ), " name " => $dbn , " bck " => $db -> f ( " bck_mode " ), " dir " => substr ( $db -> f ( " bck_dir " ), strlen ( $root )), " size " => $size , " pass " => $db -> f ( " pass " ), " history " => $db -> f ( " bck_history " ), " gzip " => $db -> f ( " bck_gzip " ));
}
2012-08-25 17:05:38 +00:00
function test_get_param ( $dbname ){
global $db , $err , $cuid ;
$db -> query ( " SELECT " );
}
2009-11-30 23:48:48 +00:00
2006-04-26 12:28:53 +00:00
/*---------------------------------------------------------------------------*/
/** Create a new database for the current user .
* @ param $dbn string Database name ( $user_ $dbn is the mysql db name )
* @ return TRUE if the database $user_ $db has been successfully created , or FALSE if
* an error occured , such as over quota user .
*/
function add_db ( $dbn ) {
2012-08-10 17:18:34 +00:00
global $db , $err , $quota , $mem , $cuid , $admin ;
2006-04-26 12:28:53 +00:00
$err -> log ( " mysql " , " add_db " , $dbn );
2012-08-25 17:05:38 +00:00
$password_user = " " ;
2006-04-26 12:28:53 +00:00
if ( ! $quota -> cancreate ( " mysql " )) {
2012-10-18 07:36:37 +00:00
$err -> raise ( " mysql " , _ ( " Your databases quota is over. You cannot create more databases " ));
2006-04-26 12:28:53 +00:00
return false ;
}
2012-08-25 17:05:38 +00:00
$pos = strpos ( $dbn , '_' );
if ( $pos === false ){
$dbname = $dbn ;
} else {
$dbncomp = explode ( '_' , $dbn );
$dbname = $dbn ;
$dbn = $dbncomp [ 1 ];
2012-10-26 12:21:08 +00:00
if ( empty ( $dbn )) { // If nothing after the '_'
$err -> raise ( " mysql " , _ ( " Database can't have empty suffix " ));
return false ;
}
2012-08-25 17:05:38 +00:00
}
2011-06-17 10:32:21 +00:00
if ( ! preg_match ( " #^[0-9a-z]* $ # " , $dbn )) {
2012-10-18 07:36:37 +00:00
$err -> raise ( " mysql " , _ ( " Database name can contain only letters and numbers " ));
2006-04-26 12:28:53 +00:00
return false ;
}
2012-08-25 17:05:38 +00:00
2006-04-26 12:28:53 +00:00
if ( strlen ( $dbname ) > 64 ) {
2012-10-18 07:36:37 +00:00
$err -> raise ( " mysql " , _ ( " Database name cannot exceed 64 characters " ));
2006-04-26 12:28:53 +00:00
return false ;
}
$db -> query ( " SELECT * FROM db WHERE db=' $dbname '; " );
if ( $db -> num_rows ()) {
2012-10-18 07:36:37 +00:00
$err -> raise ( " mysql " , _ ( " Database %s already exists " ), $dbn );
2006-04-26 12:28:53 +00:00
return false ;
}
2012-08-25 17:05:38 +00:00
$db -> query ( " SELECT name from dbusers where name=' " . $dbname . " ' and enable='ACTIVATED' ; " );
if ( ! $db -> num_rows ()){
$password_user = create_pass ( 8 );
if ( ! $this -> add_user ( $dbn , $password_user , $password_user )){
}
}
2012-08-10 17:18:34 +00:00
//checking for the phpmyadmin user
$db -> query ( " SELECT * FROM dbusers WHERE uid= $cuid AND enable='ADMIN'; " );
if ( $db -> num_rows ()) {
2006-04-26 12:28:53 +00:00
$db -> next_record ();
2012-08-10 17:18:34 +00:00
$myadm = $db -> f ( " name " );
$password = $db -> f ( " password " );
} else {
2012-10-18 07:36:37 +00:00
$err -> raise ( " mysql " , _ ( " There is a problem with the special PhpMyAdmin user. Contact the administrator " ));
2012-08-10 17:18:34 +00:00
return false ;
2006-04-26 12:28:53 +00:00
}
2012-08-10 17:18:34 +00:00
//Grant the special user every rights.
2011-05-18 20:39:42 +00:00
if ( $this -> dbus -> query ( " CREATE DATABASE ` $dbname `; " )) {
2012-02-28 14:48:45 +00:00
$err -> log ( " mysql " , " add_db_succes " , $dbn );
2006-07-05 09:54:39 +00:00
// Ok, database does not exist, quota is ok and dbname is compliant. Let's proceed
2012-08-10 17:18:34 +00:00
$db -> query ( " INSERT INTO db (uid,login,pass,db,bck_mode) VALUES (' $cuid ',' $myadm ',' $password ',' $dbname ',0); " );
2012-08-25 17:05:38 +00:00
$dbuser = $dbname ;
2012-08-14 09:44:43 +00:00
$dbname = str_replace ( '_' , '\_' , $dbname );
$this -> grant ( $dbname , $myadm , " ALL PRIVILEGES " , $password );
2012-08-25 17:05:38 +00:00
if ( ! empty ( $password_user )){
$this -> grant ( $dbname , $dbuser , " ALL PRIVILEGES " , $password_user );
}
2012-08-10 17:18:34 +00:00
$this -> dbus -> query ( " FLUSH PRIVILEGES; " );
2006-07-05 09:54:39 +00:00
return true ;
} else {
2012-02-28 14:48:45 +00:00
$err -> log ( " mysql " , " add_db " , $dbn );
2012-10-18 07:36:37 +00:00
$err -> raise ( " mysql " , _ ( " An error occured. The database could not be created " ));
2006-07-05 09:54:39 +00:00
return false ;
}
2006-04-26 12:28:53 +00:00
}
2009-11-30 23:48:48 +00:00
2006-04-26 12:28:53 +00:00
/*---------------------------------------------------------------------------*/
/** Delete a database for the current user .
* @ param $dbn string Name of the database to delete . The db name is $user_ $dbn
* @ return TRUE if the database $user_ $db has been successfully deleted , or FALSE if
* an error occured , such as db does not exist .
*/
function del_db ( $dbn ) {
global $db , $err , $mem , $cuid ;
$err -> log ( " mysql " , " del_db " , $dbn );
2012-08-25 17:05:38 +00:00
$dbname = addslashes ( $dbn );
2012-08-10 17:18:34 +00:00
$db -> query ( " SELECT uid FROM db WHERE db=' $dbname '; " );
2006-04-26 12:28:53 +00:00
if ( ! $db -> num_rows ()) {
2012-10-18 07:36:37 +00:00
$err -> raise ( " mysql " , _ ( " The database was not found. I can't delete it " ));
2006-04-26 12:28:53 +00:00
return false ;
}
$db -> next_record ();
// Ok, database exists and dbname is compliant. Let's proceed
2011-07-29 19:04:47 +00:00
$db -> query ( " DELETE FROM size_db WHERE db=' $dbname '; " );
2006-04-26 12:28:53 +00:00
$db -> query ( " DELETE FROM db WHERE uid=' $cuid ' AND db=' $dbname '; " );
2011-05-18 20:39:42 +00:00
$this -> dbus -> query ( " DROP DATABASE ` $dbname `; " );
2012-08-25 17:05:38 +00:00
$db_esc = str_replace ( '_' , '\_' , $dbname );
2013-04-22 15:42:38 +00:00
$db -> query ( " DELETE FROM mysql.db WHERE Db=' $db_esc '; " );
2012-12-21 16:11:34 +00:00
$db -> query ( " select User from mysql.db where User=' " . $dbname . " ' and Db=' " . $db_esc . " ' and (Select_priv='Y' or Insert_priv='Y' or Update_priv='Y' or Delete_priv='Y' or Create_priv='Y' or Drop_priv='Y' or References_priv='Y' or Index_priv='Y' or Alter_priv='Y' or Create_tmp_table_priv='Y' or Lock_tables_priv='Y'); " );
2012-08-25 17:05:38 +00:00
if ( ! $db -> num_rows ()){
$this -> del_user ( $dbname );
}
2006-04-26 12:28:53 +00:00
return true ;
}
2012-08-25 17:05:38 +00:00
2009-11-30 23:48:48 +00:00
2006-04-26 12:28:53 +00:00
/*---------------------------------------------------------------------------*/
/** Set the backup parameters for the database $db
* @ param $db string database name
* @ param $bck_mode integer Backup mode ( 0 = none 1 = daily 2 = weekly )
* @ param $bck_history integer How many backup should we keep ?
* @ param $bck_gzip boolean shall we compress the backup ?
* @ param $bck_dir string Directory relative to the user account where the backup will be stored
* @ return boolean true if the backup parameters has been successfully changed , false if not .
*/
function put_mysql_backup ( $dbn , $bck_mode , $bck_history , $bck_gzip , $bck_dir ) {
global $db , $err , $mem , $bro , $cuid ;
$err -> log ( " mysql " , " put_mysql_backup " );
2013-03-04 16:28:19 +00:00
if ( ! variable_get ( 'sql_allow_users_backups' ) ) {
$err -> raise ( " mysql " , _ ( " User aren't allowed to configure their backups " ));
return false ;
}
2012-09-28 12:18:54 +00:00
$pos = strpos ( $dbn , '_' );
if ( $pos === false ){
$dbname = $dbn ;
} else {
$dbncomp = explode ( '_' , $dbn );
$dbname = $dbn ;
$dbn = $dbncomp [ 1 ];
}
2011-06-17 10:32:21 +00:00
if ( ! preg_match ( " #^[0-9a-z]* $ # " , $dbn )) {
2012-10-18 07:36:37 +00:00
$err -> raise ( " mysql " , _ ( " Database name can contain only letters and numbers " ));
2006-04-26 12:28:53 +00:00
return false ;
}
$db -> query ( " SELECT * FROM db WHERE uid=' $cuid ' AND db=' $dbname '; " );
if ( ! $db -> num_rows ()) {
2012-10-18 07:36:37 +00:00
$err -> raise ( " mysql " , _ ( " Database %s not found " ), $dbn );
2006-04-26 12:28:53 +00:00
return false ;
}
$db -> next_record ();
$bck_mode = intval ( $bck_mode );
$bck_history = intval ( $bck_history );
if ( $bck_gzip )
$bck_gzip = " 1 " ;
else
$bck_gzip = " 0 " ;
if ( ! $bck_mode )
$bck_mode = " 0 " ;
if ( ! $bck_history ) {
2012-10-18 07:36:37 +00:00
$err -> raise ( " mysql " , _ ( " You have to choose how many backups you want to keep " ));
2006-04-26 12:28:53 +00:00
return false ;
}
if (( $bck_dir = $bro -> convertabsolute ( $bck_dir , 0 )) === false ) { // return a full path or FALSE
2012-10-18 07:36:37 +00:00
$err -> raise ( " mysql " , _ ( " Directory does not exist " ));
2006-04-26 12:28:53 +00:00
return false ;
}
$db -> query ( " UPDATE db SET bck_mode=' $bck_mode ', bck_history=' $bck_history ', bck_gzip=' $bck_gzip ', bck_dir=' $bck_dir ' WHERE uid=' $cuid ' AND db=' $dbname '; " );
return true ;
}
2009-11-30 23:48:48 +00:00
2006-04-26 12:28:53 +00:00
/*---------------------------------------------------------------------------*/
/** Change the password of the user in MySQL
* @ param $password string new password ( cleartext )
* @ return boolean TRUE if the password has been successfully changed , FALSE else .
*/
function put_mysql_details ( $password ) {
2009-11-30 06:01:34 +00:00
global $db , $err , $mem , $cuid , $admin ;
2006-04-26 12:28:53 +00:00
$err -> log ( " mysql " , " put_mysql_details " );
$db -> query ( " SELECT * FROM db WHERE uid=' $cuid '; " );
if ( ! $db -> num_rows ()) {
2012-10-18 07:36:37 +00:00
$err -> raise ( " mysql " , _ ( " Database not found " ));
2006-04-26 12:28:53 +00:00
return false ;
}
$db -> next_record ();
$login = $db -> f ( " login " );
2010-04-29 10:07:15 +00:00
if ( ! $password ) {
2012-10-18 07:36:37 +00:00
$err -> raise ( " mysql " , _ ( " The password is mandatory " ));
2010-04-29 10:07:15 +00:00
return false ;
}
2009-11-30 06:01:34 +00:00
2012-09-07 08:52:47 +00:00
if ( strlen ( $password ) > 16 ) {
2012-10-18 07:36:37 +00:00
$err -> raise ( " mysql " , _ ( " MySQL password cannot exceed 16 characters " ));
2012-09-07 08:52:47 +00:00
return false ;
}
2009-11-30 06:01:34 +00:00
// Check this password against the password policy using common API :
if ( is_callable ( array ( $admin , " checkPolicy " ))) {
if ( ! $admin -> checkPolicy ( " mysql " , $login , $password )) {
2012-08-25 17:05:38 +00:00
return false ; // The error has been raised by checkPolicy()
2009-11-30 06:01:34 +00:00
}
}
2006-04-26 12:28:53 +00:00
// Update all the "pass" fields for this user :
$db -> query ( " UPDATE db SET pass=' $password ' WHERE uid=' $cuid '; " );
2012-08-28 06:47:16 +00:00
$this -> dbus -> query ( " SET PASSWORD FOR " . $login . " @ " . $this -> dbus -> Client . " = PASSWORD(' $password '); " );
2006-04-26 12:28:53 +00:00
return true ;
}
2012-08-25 17:05:38 +00:00
/**
* Function used to grant SQL rights to users :
* @ base : database
* @ user : database user
* @ rights : rights to apply ( optional , every rights apply given if missing
* @ pass : user password ( optional , if not given the pass stays the same , else it takes the new value )
* @ table : sql tables to apply rights
**/
2012-08-14 09:44:43 +00:00
function grant ( $base , $user , $rights = null , $pass = null , $table = '*' ){
global $err , $db ;
2012-08-25 17:05:38 +00:00
$err -> log ( " mysql " , " grant " , $base . " - " . $user );
2012-08-26 15:50:59 +00:00
2012-08-21 18:22:53 +00:00
if ( ! preg_match ( " #^[0-9a-z_ \\ * \\ \\ ]* $ # " , $base )){
2012-10-18 07:36:37 +00:00
$err -> raise ( " mysql " , _ ( " Database name can contain only letters and numbers " ));
2012-08-14 09:44:43 +00:00
return false ;
2012-10-18 07:36:37 +00:00
} elseif ( ! $db -> query ( " select db from db where db=' $base '; " )){
2012-11-08 09:48:39 +00:00
$err -> raise ( " mysql " , _ ( " Database not found " ));
2012-08-14 09:44:43 +00:00
return false ;
}
2009-11-30 23:48:48 +00:00
2012-08-14 09:44:43 +00:00
if ( $rights == null ){
$rights = 'ALL PRIVILEGES' ;
2012-08-19 20:50:47 +00:00
} elseif ( ! preg_match ( " #^[a-zA-Z, \ s]* $ # " , $rights )){
2012-10-18 07:36:37 +00:00
$err -> raise ( " mysql " , _ ( " Databases rights are not correct " ));
2012-08-14 09:44:43 +00:00
return false ;
}
2012-10-18 07:36:37 +00:00
if ( ! preg_match ( " #^[0-9a-z]# " , $user )) {
$err -> raise ( " mysql " , _ ( " The username can contain only letters and numbers. " ));
2012-08-14 09:44:43 +00:00
return false ;
}
2012-08-21 18:22:53 +00:00
$db -> query ( " select name from dbusers where name=' " . $user . " ' ; " );
if ( ! $db -> num_rows ()){
2012-11-08 09:48:39 +00:00
$err -> raise ( " mysql " , _ ( " Database user not found " ));
2012-08-25 17:05:38 +00:00
return false ;
2012-08-21 18:22:53 +00:00
}
if ( $rights == " FILE " ){
2012-08-28 06:47:16 +00:00
$grant = " grant " . $rights . " on " . $base . " . " . $table . " to ' " . $user . " '@' " . $this -> dbus -> Client . " ' " ;
2012-08-21 18:22:53 +00:00
} else {
2012-08-28 06:47:16 +00:00
$grant = " grant " . $rights . " on ` " . $base . " `. " . $table . " to ' " . $user . " '@' " . $this -> dbus -> Client . " ' " ;
2012-08-21 18:22:53 +00:00
}
2012-08-14 09:44:43 +00:00
if ( $pass ){
$grant .= " identified by ' " . $pass . " '; " ;
} else {
$grant .= " ; " ;
}
2012-08-25 17:05:38 +00:00
if ( ! $this -> dbus -> query ( $grant )){
2012-10-18 07:36:37 +00:00
$err -> raise ( " mysql " , _ ( " Could not grant rights " ));
2012-08-14 09:44:43 +00:00
return false ;
2012-08-25 17:05:38 +00:00
}
2012-08-14 09:44:43 +00:00
return true ;
}
2006-04-26 12:28:53 +00:00
/* ----------------------------------------------------------------- */
2009-11-30 23:48:48 +00:00
/** Restore a sql database .
* @ param $file string The filename , relative to the user root dir , which contains a sql dump
* @ param $stdout boolean shall - we dump the error to stdout ?
* @ param $id integer The ID of the database to dump to .
* @ return boolean TRUE if the database has been restored , or FALSE if an error occurred
2006-04-26 12:28:53 +00:00
*/
2006-04-26 16:55:28 +00:00
function restore ( $file , $stdout , $id ) {
2013-02-01 15:40:13 +00:00
global $err , $bro , $mem , $L_MYSQL_HOST , $db ;
2013-02-01 07:59:37 +00:00
if ( empty ( $file )) {
$err -> raise ( " mysql " , _ ( " No file specified " ));
return false ;
}
2006-04-26 16:55:28 +00:00
if ( ! $r = $this -> get_mysql_details ( $id )) {
return false ;
}
2006-04-26 12:28:53 +00:00
if ( ! ( $fi = $bro -> convertabsolute ( $file , 0 ))) {
2012-10-18 07:36:37 +00:00
$err -> raise ( " mysql " , _ ( " File not found " ));
2006-04-26 16:55:28 +00:00
return false ;
2006-04-26 12:28:53 +00:00
}
2013-02-01 08:24:53 +00:00
if ( ! file_exists ( $fi )) {
$err -> raise ( " mysql " , _ ( " File not found " ));
return false ;
}
2006-04-26 12:28:53 +00:00
if ( substr ( $fi , - 3 ) == " .gz " ) {
2013-02-01 15:40:13 +00:00
$exe = " /bin/gzip -d -c < " . escapeshellarg ( $fi ) . " | /usr/bin/mysql -h " . escapeshellarg ( $this -> dbus -> Host ) . " -u " . escapeshellarg ( $r [ " login " ]) . " -p " . escapeshellarg ( $r [ " pass " ]) . " " . escapeshellarg ( $r [ " db " ]);
2006-04-26 16:55:28 +00:00
} elseif ( substr ( $fi , - 4 ) == " .bz2 " ) {
2013-02-01 15:40:13 +00:00
$exe = " /usr/bin/bunzip2 -d -c < " . escapeshellarg ( $fi ) . " | /usr/bin/mysql -h " . escapeshellarg ( $this -> dbus -> Host ) . " -u " . escapeshellarg ( $r [ " login " ]) . " -p " . escapeshellarg ( $r [ " pass " ]) . " " . escapeshellarg ( $r [ " db " ]);
2006-04-26 16:55:28 +00:00
} else {
2013-02-01 15:40:13 +00:00
$exe = " /usr/bin/mysql -h " . escapeshellarg ( $this -> dbus -> Host ) . " -u " . escapeshellarg ( $r [ " login " ]) . " -p " . escapeshellarg ( $r [ " pass " ]) . " " . escapeshellarg ( $r [ " db " ]) . " < " . escapeshellarg ( $fi );
2006-04-26 12:28:53 +00:00
}
$exe .= " 2>&1 " ;
2012-08-25 17:05:38 +00:00
2006-04-26 12:28:53 +00:00
echo " <code><pre> " ;
if ( $stdout ) {
passthru ( $exe , $ret );
} else {
exec ( $exe , $ret );
}
echo " </pre></code> " ;
if ( $ret != 0 ) {
return false ;
} else {
return true ;
}
}
2009-11-30 23:48:48 +00:00
2012-08-25 17:05:38 +00:00
2006-04-26 12:28:53 +00:00
/* ----------------------------------------------------------------- */
2009-11-30 23:48:48 +00:00
/** Get the size of a database
2006-04-26 12:28:53 +00:00
* @ param $dbname name of the database
* @ return integer database size
* @ access private
*/
2009-11-30 23:48:48 +00:00
function get_db_size ( $dbname ) {
global $db , $err ;
2012-08-25 17:05:38 +00:00
2011-05-18 20:39:42 +00:00
$this -> dbus -> query ( " SHOW TABLE STATUS FROM ` $dbname `; " );
2009-11-30 23:48:48 +00:00
$size = 0 ;
while ( $db -> next_record ()) {
2011-06-17 15:21:29 +00:00
$size += $db -> f ( 'Data_length' ) + $db -> f ( 'Index_length' );
if ( $db -> f ( 'Engine' ) != 'InnoDB' ) $size += $db -> f ( 'Data_free' );
2006-04-26 12:28:53 +00:00
}
2009-11-30 23:48:48 +00:00
return $size ;
2006-04-26 12:28:53 +00:00
}
2012-08-25 17:05:38 +00:00
2009-11-30 23:48:48 +00:00
/* ------------------------------------------------------------ */
/**
* Returns the list of database users of an account
**/
2012-12-21 16:11:34 +00:00
function get_userslist ( $all = null ) {
2006-04-26 14:59:28 +00:00
global $db , $err , $bro , $cuid ;
$err -> log ( " mysql " , " get_userslist " );
$c = array ();
2012-12-21 16:11:34 +00:00
if ( ! $all ){
2013-03-03 12:09:53 +00:00
$db -> query ( " SELECT name FROM dbusers WHERE uid=' $cuid ' and enable not in ('ADMIN','HIDDEN') ORDER BY name; " );
} else {
$db -> query ( " SELECT name FROM dbusers WHERE uid=' $cuid ' ORDER BY name; " );
}
2006-04-26 14:59:28 +00:00
while ( $db -> next_record ()) {
2012-08-25 17:05:38 +00:00
$pos = strpos ( $db -> f ( " name " ), " _ " );
if ( $pos === false ){
$c [] = array ( " name " => ( $db -> f ( " name " )));
} else {
$c [] = array ( " name " => ( $db -> f ( " name " )));
//$c[]=array("name"=>substr($db->f("name"),strpos($db->f("name"),"_")+1));
}
2006-04-26 14:59:28 +00:00
}
return $c ;
}
2012-08-25 17:05:38 +00:00
function get_defaultsparam ( $dbn ){
global $db , $err , $bro , $cuid ;
$err -> log ( " mysql " , " getdefaults " );
$dbu = $dbn ;
$r = array ();
$dbn = str_replace ( '_' , '\_' , $dbn );
2013-01-14 08:43:02 +00:00
$q = $this -> dbus -> query ( " Select * from mysql.db where Db=' " . $dbn . " ' and User!=' " . $cuid . " _myadm'; " );
2012-08-25 17:05:38 +00:00
if ( ! $db -> num_rows ()){
return $r ;
}
2012-08-26 11:07:32 +00:00
while ( $db -> next_record ()) {
$variable = $db -> Record ;
if ( $variable [ 'User' ] == $dbu ){
2013-03-03 12:09:53 +00:00
$r [ 'Host' ] = $db -> f ( 'Host' );
2012-08-26 11:07:32 +00:00
if ( $db -> f ( 'Select_priv' ) !== " Y " ){
return $r ;
}
if ( $db -> f ( 'Insert_priv' ) !== " Y " ){
return $r ;
}
if ( $db -> f ( 'Update_priv' ) !== " Y " ){
return $r ;
}
if ( $db -> f ( 'Delete_priv' ) !== " Y " ){
return $r ;
}
if ( $db -> f ( 'Create_priv' ) !== " Y " ){
return $r ;
}
if ( $db -> f ( 'Drop_priv' ) !== " Y " ){
return $r ;
}
if ( $db -> f ( 'References_priv' ) !== " Y " ){
return $r ;
}
if ( $db -> f ( 'Index_priv' ) !== " Y " ){
return $r ;
}
if ( $db -> f ( 'Alter_priv' ) !== " Y " ){
return $r ;
}
if ( $db -> f ( 'Create_tmp_table_priv' ) !== " Y " ){
return $r ;
}
if ( $db -> f ( 'Lock_tables_priv' ) !== " Y " ){
return $r ;
}
2012-08-26 15:50:59 +00:00
if ( $db -> f ( 'Create_view_priv' ) !== " Y " ){
return $r ;
}
if ( $db -> f ( 'Show_view_priv' ) !== " Y " ){
return $r ;
}
if ( $db -> f ( 'Create_routine_priv' ) !== " Y " ){
return $r ;
}
if ( $db -> f ( 'Alter_routine_priv' ) !== " Y " ){
return $r ;
}
if ( $db -> f ( 'Execute_priv' ) !== " Y " ){
return $r ;
}
if ( $db -> f ( 'Event_priv' ) !== " Y " ){
return $r ;
}
if ( $db -> f ( 'Trigger_priv' ) !== " Y " ){
return $r ;
}
2012-08-26 11:07:32 +00:00
}
} //endwhile
2012-08-25 17:05:38 +00:00
if ( ! $db -> query ( " SELECT name,password from dbusers where name=' " . $dbu . " '; " )){
return $r ;
}
if ( ! $db -> num_rows ()){
return $r ;
}
$db -> next_record ();
$r [ 'user' ] = $db -> f ( 'name' );
$r [ 'password' ] = $db -> f ( 'password' );
return $r ;
}
2009-11-30 06:01:34 +00:00
/* ------------------------------------------------------------ */
/**
* Create a new user in MySQL rights tables
* @ param $usern the username ( we will add _ [ alternc - account ] to it )
* @ param $password The password for this username
* @ param $passconf The password confirmation
* @ return TRUE if the user has been created in MySQL or FALSE if an error occurred
**/
2006-04-26 14:59:28 +00:00
function add_user ( $usern , $password , $passconf ) {
2009-11-30 06:01:34 +00:00
global $db , $err , $quota , $mem , $cuid , $admin ;
2006-04-26 14:59:28 +00:00
$err -> log ( " mysql " , " add_user " , $usern );
2010-04-29 10:07:15 +00:00
$usern = trim ( $usern );
2012-08-25 17:05:38 +00:00
$login = $mem -> user [ " login " ];
if ( $login != $usern ){
$user = addslashes ( $login . " _ " . $usern );
} else {
$user = $usern ;
}
2006-04-26 14:59:28 +00:00
$pass = addslashes ( $password );
2010-04-29 10:07:15 +00:00
if ( ! $usern ) {
2012-10-18 07:36:37 +00:00
$err -> raise ( " mysql " , _ ( " The username is mandatory " ));
2010-04-29 10:07:15 +00:00
return false ;
}
if ( ! $pass ) {
2012-10-18 07:36:37 +00:00
$err -> raise ( " mysql " , _ ( " The password is mandatory " ));
2010-04-29 10:07:15 +00:00
return false ;
}
2011-06-17 10:32:21 +00:00
if ( ! preg_match ( " #^[0-9a-z]# " , $usern )) {
2012-10-18 07:36:37 +00:00
$err -> raise ( " mysql " , _ ( " The username can contain only letters and numbers " ));
2006-04-26 14:59:28 +00:00
return false ;
}
2012-08-25 17:05:38 +00:00
2009-11-30 23:48:48 +00:00
// We check the length of the COMPLETE username, not only the part after _
2010-04-29 10:07:15 +00:00
if ( strlen ( $user ) > 16 ) {
2012-10-18 07:36:37 +00:00
$err -> raise ( " mysql " , _ ( " MySQL username cannot exceed 16 characters " ));
2006-04-26 14:59:28 +00:00
return false ;
}
$db -> query ( " SELECT * FROM dbusers WHERE name=' $user '; " );
if ( $db -> num_rows ()) {
2012-12-12 16:50:26 +00:00
$err -> raise ( " mysql " , _ ( " The database user already exists " ));
2006-04-26 14:59:28 +00:00
return false ;
}
if ( $password != $passconf || ! $password ) {
2012-10-18 07:36:37 +00:00
$err -> raise ( " mysql " , _ ( " The passwords do not match " ));
2006-04-26 14:59:28 +00:00
return false ;
}
2009-11-30 06:01:34 +00:00
// Check this password against the password policy using common API :
if ( is_callable ( array ( $admin , " checkPolicy " ))) {
if ( ! $admin -> checkPolicy ( " mysql " , $user , $password )) {
2012-08-25 17:05:38 +00:00
return false ; // The error has been raised by checkPolicy()
2009-11-30 06:01:34 +00:00
}
}
2006-04-26 14:59:28 +00:00
2012-08-25 17:05:38 +00:00
// We add him to the user table
$db -> query ( " INSERT INTO dbusers (uid,name,password,enable) VALUES( $cuid ,' $user ',' $password ','ACTIVATED'); " );
2009-09-08 05:29:38 +00:00
// We create the user account (the "file" right is the only one we need globally to be able to use load data into outfile)
2012-08-14 09:44:43 +00:00
$this -> grant ( " * " , $user , " FILE " , $pass );
2006-04-26 14:59:28 +00:00
return true ;
}
2010-12-20 20:21:43 +00:00
/* ------------------------------------------------------------ */
/**
* Change a user ' s MySQL password
* @ param $usern the username
* @ param $password The password for this username
* @ param $passconf The password confirmation
* @ return TRUE if the password has been changed in MySQL or FALSE if an error occurred
**/
function change_user_password ( $usern , $password , $passconf ) {
global $db , $err , $quota , $mem , $cuid , $admin ;
2012-08-14 09:44:43 +00:00
$err -> log ( " mysql " , " change_user_pass " , $usern );
2010-12-20 20:21:43 +00:00
$usern = trim ( $usern );
2012-08-25 17:05:38 +00:00
$user = addslashes ( $usern );
2010-12-20 20:21:43 +00:00
$pass = addslashes ( $password );
if ( $password != $passconf || ! $password ) {
2012-10-18 07:36:37 +00:00
$err -> raise ( " mysql " , _ ( " The passwords do not match " ));
2010-12-20 20:21:43 +00:00
return false ;
}
// Check this password against the password policy using common API :
if ( is_callable ( array ( $admin , " checkPolicy " ))) {
if ( ! $admin -> checkPolicy ( " mysql " , $user , $password )) {
2012-08-25 17:05:38 +00:00
return false ; // The error has been raised by checkPolicy()
2010-12-20 20:21:43 +00:00
}
}
2012-08-28 06:47:16 +00:00
$db -> query ( " SET PASSWORD FOR ' " . $user . " '@' " . $this -> dbus -> Client . " ' = PASSWORD(' " . $pass . " '); " );
2012-08-25 17:05:38 +00:00
$db -> query ( " UPDATE dbusers set password=' " . $pass . " ' where name=' " . $usern . " ' and uid= $cuid ; " );
2010-12-20 20:21:43 +00:00
return true ;
}
2009-11-30 06:01:34 +00:00
/* ------------------------------------------------------------ */
/**
2009-11-30 23:48:48 +00:00
* Delete a user in MySQL rights tables
* @ param $user the username ( we will add " [alternc-account]_ " to it ) to delete
2009-11-30 06:01:34 +00:00
* @ return TRUE if the user has been deleted in MySQL or FALSE if an error occurred
**/
2012-12-21 16:11:34 +00:00
function del_user ( $user , $all = null ) {
2006-04-26 14:59:28 +00:00
global $db , $err , $mem , $cuid , $L_MYSQL_DATABASE ;
$err -> log ( " mysql " , " del_user " , $user );
2011-06-17 10:32:21 +00:00
if ( ! preg_match ( " #^[0-9a-z]# " , $user )) {
2012-10-18 07:36:37 +00:00
$err -> raise ( " mysql " , _ ( " The username can contain only letters and numbers " ));
2006-04-26 14:59:28 +00:00
return false ;
}
2013-03-03 12:09:53 +00:00
if ( ! $all ){
$db -> query ( " SELECT name FROM dbusers WHERE name=' " . $user . " ' and enable not in ('ADMIN','HIDDEN'); " );
} else {
$db -> query ( " SELECT name FROM dbusers WHERE name=' " . $user . " ' ; " );
}
2006-04-26 14:59:28 +00:00
if ( ! $db -> num_rows ()) {
2012-10-18 07:36:37 +00:00
$err -> raise ( " mysql " , _ ( " The username was not found " ));
2006-04-26 14:59:28 +00:00
return false ;
}
$db -> next_record ();
$login = $db -> f ( " name " );
// Ok, database exists and dbname is compliant. Let's proceed
2012-08-28 06:47:16 +00:00
$db -> query ( " REVOKE ALL PRIVILEGES ON *.* FROM ' " . $user . " '@' " . $this -> dbus -> Client . " '; " );
$db -> query ( " DELETE FROM mysql.db WHERE User=' " . $user . " ' AND Host=' " . $this -> dbus -> Client . " '; " );
$db -> query ( " DELETE FROM mysql.user WHERE User=' " . $user . " ' AND Host=' " . $this -> dbus -> Client . " '; " );
2012-08-25 17:05:38 +00:00
$db -> query ( " FLUSH PRIVILEGES " );
$db -> query ( " DELETE FROM dbusers WHERE uid=' $cuid ' AND name=' " . $user . " '; " );
2006-04-26 14:59:28 +00:00
return true ;
}
2009-11-30 06:01:34 +00:00
/* ------------------------------------------------------------ */
/**
* Return the list of the database rights of user $user
* @ param $user the username
* @ return array An array of database name and rights
**/
2012-08-25 17:05:38 +00:00
function get_user_dblist ( $user ){
global $db , $err , $mem , $cuid ;
2006-04-26 14:59:28 +00:00
2013-01-31 16:45:20 +00:00
$this -> dbus -> query ( " SELECT * FROM mysql.user WHERE User=' " . $user . " ' AND Host=' " . $this -> dbus -> Client . " '; " );
if ( ! $this -> dbus -> next_record () ) {
$err -> raise ( 'mysql' , _ ( " This user does not exist in the MySQL/User database " ));
return false ;
}
2006-04-26 14:59:28 +00:00
$r = array ();
2012-08-14 09:44:43 +00:00
$db -> free ();
2006-04-26 14:59:28 +00:00
$dblist = $this -> get_dblist ();
2012-08-25 17:05:38 +00:00
foreach ( $dblist as $tab ){
$pos = strpos ( $tab [ 'db' ], " _ " );
if ( $pos === false ){
2012-08-28 06:47:16 +00:00
$this -> dbus -> query ( " SELECT * FROM mysql.db WHERE User=' " . $user . " ' AND Host=' " . $this -> dbus -> Client . " ' AND Db=' " . $tab [ " db " ] . " '; " );
2012-08-25 17:05:38 +00:00
} else {
$dbname = str_replace ( '_' , '\_' , $tab [ 'db' ]);
2012-08-28 06:47:16 +00:00
$this -> dbus -> query ( " SELECT * FROM mysql.db WHERE User=' " . $user . " ' AND Host=' " . $this -> dbus -> Client . " ' AND Db=' " . $dbname . " '; " );
2013-03-03 12:09:53 +00:00
}
2012-08-25 17:05:38 +00:00
if ( $this -> dbus -> next_record ()){
2013-03-03 12:09:53 +00:00
$r [] = array ( " db " => $tab [ " db " ], " select " => $this -> dbus -> f ( " Select_priv " ), " insert " => $this -> dbus -> f ( " Insert_priv " ), " update " => $this -> dbus -> f ( " Update_priv " ), " delete " => $this -> dbus -> f ( " Delete_priv " ), " create " => $this -> dbus -> f ( " Create_priv " ), " drop " => $this -> dbus -> f ( " Drop_priv " ), " references " => $this -> dbus -> f ( " References_priv " ), " index " => $this -> dbus -> f ( " Index_priv " ), " alter " => $this -> dbus -> f ( " Alter_priv " ), " create_tmp " => $this -> dbus -> f ( " Create_tmp_table_priv " ), " lock " => $this -> dbus -> f ( " Lock_tables_priv " ),
" create_view " => $this -> dbus -> f ( " Create_view_priv " ),
" show_view " => $this -> dbus -> f ( " Show_view_priv " ),
" create_routine " => $this -> dbus -> f ( " Create_routine_priv " ),
" alter_routine " => $this -> dbus -> f ( " Alter_routine_priv " ),
" execute " => $this -> dbus -> f ( " Execute_priv " ),
" event " => $this -> dbus -> f ( " Event_priv " ),
" trigger " => $this -> dbus -> f ( " Trigger_priv " )
);
2012-08-25 17:05:38 +00:00
} else {
2012-08-26 15:50:59 +00:00
$r [] = array ( " db " => $tab [ 'db' ], " select " => " N " , " insert " => " N " , " update " => " N " , " delete " => " N " , " create " => " N " , " drop " => " N " , " references " => " N " , " index " => " N " , " alter " => " N " , " Create_tmp " => " N " , " lock " => " N " , " create_view " => " N " , " show_view " => " N " , " create_routine " => " N " , " alter_routine " => " N " , " execute " => " N " , " event " => " N " , " trigger " => " N " );
2012-08-25 17:05:38 +00:00
}
2013-03-03 12:09:53 +00:00
}
2006-04-26 14:59:28 +00:00
return $r ;
}
2009-11-30 06:01:34 +00:00
/* ------------------------------------------------------------ */
/**
* Set the access rights of user $user to database $dbn to be rights $rights
* @ param $user the username to give rights to
* @ param $dbn The database to give rights to
* @ param $rights The rights as an array of MySQL keywords ( insert , select ... )
* @ return boolean TRUE if the rights has been applied or FALSE if an error occurred
*
**/
2006-04-26 14:59:28 +00:00
function set_user_rights ( $user , $dbn , $rights ) {
2012-08-25 17:05:38 +00:00
global $mem , $err , $db ;
$err -> log ( " mysql " , " set_user_rights " );
2006-04-26 14:59:28 +00:00
2012-08-25 17:05:38 +00:00
$usern = addslashes ( $user );
$dbname = addslashes ( $dbn );
$dbname = str_replace ( '_' , '\_' , $dbname );
2006-04-26 14:59:28 +00:00
// On g<> n<EFBFBD> re les droits en fonction du tableau de droits
2012-08-10 17:18:34 +00:00
$strrights = " " ;
2006-04-26 14:59:28 +00:00
for ( $i = 0 ; $i < count ( $rights ) ; $i ++ ) {
switch ( $rights [ $i ]) {
case " select " :
$strrights .= " SELECT, " ;
2012-08-25 17:05:38 +00:00
break ;
2006-04-26 14:59:28 +00:00
case " insert " :
$strrights .= " INSERT, " ;
2012-08-25 17:05:38 +00:00
break ;
2006-04-26 14:59:28 +00:00
case " update " :
$strrights .= " UPDATE, " ;
2012-08-25 17:05:38 +00:00
break ;
2006-04-26 14:59:28 +00:00
case " delete " :
$strrights .= " DELETE, " ;
2012-08-25 17:05:38 +00:00
break ;
2006-04-26 14:59:28 +00:00
case " create " :
$strrights .= " CREATE, " ;
2012-08-25 17:05:38 +00:00
break ;
2006-04-26 14:59:28 +00:00
case " drop " :
$strrights .= " DROP, " ;
2012-08-25 17:05:38 +00:00
break ;
2006-04-26 14:59:28 +00:00
case " references " :
$strrights .= " REFERENCES, " ;
2012-08-25 17:05:38 +00:00
break ;
2006-04-26 14:59:28 +00:00
case " index " :
$strrights .= " INDEX, " ;
2012-08-25 17:05:38 +00:00
break ;
2006-04-26 14:59:28 +00:00
case " alter " :
$strrights .= " ALTER, " ;
2012-08-25 17:05:38 +00:00
break ;
2006-04-26 14:59:28 +00:00
case " create_tmp " :
$strrights .= " CREATE TEMPORARY TABLES, " ;
2012-08-25 17:05:38 +00:00
break ;
2006-04-26 14:59:28 +00:00
case " lock " :
$strrights .= " LOCK TABLES, " ;
2012-08-25 17:05:38 +00:00
break ;
2012-08-26 15:50:59 +00:00
case " create_view " :
$strrights .= " CREATE VIEW, " ;
break ;
case " show_view " :
$strrights .= " SHOW VIEW, " ;
break ;
case " create_routine " :
$strrights .= " CREATE ROUTINE, " ;
break ;
case " alter_routine " :
$strrights .= " ALTER ROUTINE, " ;
break ;
case " execute " :
$strrights .= " EXECUTE, " ;
break ;
case " event " :
$strrights .= " EVENT, " ;
break ;
case " trigger " :
$strrights .= " TRIGGER, " ;
break ;
2006-04-26 14:59:28 +00:00
}
}
2009-11-30 06:01:34 +00:00
// We reset all user rights on this DB :
2011-05-18 20:39:42 +00:00
$this -> dbus -> query ( " SELECT * FROM mysql.db WHERE User = ' $usern ' AND Db = ' $dbname '; " );
if ( $this -> dbus -> num_rows ())
2012-08-28 06:47:16 +00:00
$this -> dbus -> query ( " REVOKE ALL PRIVILEGES ON ` $dbname `.* FROM ' $usern '@' " . $this -> dbus -> Client . " '; " );
2006-04-26 14:59:28 +00:00
if ( $strrights ){
$strrights = substr ( $strrights , 0 , strlen ( $strrights ) - 1 );
2012-08-14 09:44:43 +00:00
$this -> grant ( $dbname , $usern , $strrights );
2006-04-26 14:59:28 +00:00
}
2011-05-18 20:39:42 +00:00
$this -> dbus -> query ( " FLUSH PRIVILEGES " );
2006-04-26 14:59:28 +00:00
return TRUE ;
}
2006-04-26 12:28:53 +00:00
2012-08-26 15:50:59 +00:00
function available_sql_rights (){
return Array ( 'select' , 'insert' , 'update' , 'delete' , 'create' , 'drop' , 'references' , 'index' , 'alter' , 'create_tmp' , 'lock' , 'create_view' , 'show_view' , 'create_routine' , 'alter_routine' , 'execute' , 'event' , 'trigger' );
}
2009-11-30 06:01:34 +00:00
2009-11-30 23:48:48 +00:00
/* ----------------------------------------------------------------- */
/** Hook function called by the quota class to compute user used quota
* Returns the used quota for the $name service for the current user .
* @ param $name string name of the quota
* @ return integer the number of service used or false if an error occured
* @ access private
*/
2012-08-26 16:00:34 +00:00
function hook_quota_get () {
2009-11-30 23:48:48 +00:00
global $err , $db , $cuid ;
2012-08-26 16:00:34 +00:00
$err -> log ( " mysql " , " alternc_get_quota " );
$q = Array ( " name " => " mysql " , " description " => _ ( " MySQL Databases " ), " used " => 0 );
$c = $this -> get_dblist ();
if ( is_array ( $c )) {
$q [ 'used' ] = count ( $c );
}
return $q ;
2009-11-30 23:48:48 +00:00
}
2012-08-14 09:44:43 +00:00
2012-08-10 17:18:34 +00:00
/* ----------------------------------------------------------------- */
/** Hook function called when a user is created .
* AlternC ' s standard function that create a member
* @ access private
*/
function alternc_add_member () {
global $db , $err , $cuid , $mem ;
$err -> log ( " mysql " , " alternc_add_member " );
//checking for the phpmyadmin user
$db -> query ( " SELECT name,password FROM dbusers WHERE uid= $cuid AND Type='ADMIN'; " );
if ( $db -> num_rows ()) {
$myadm = $db -> f ( " name " );
$password = $db -> f ( " password " );
} else {
2012-08-25 17:05:38 +00:00
$myadm = $cuid . " _myadm " ;
$password = create_pass ( 8 );
}
$db -> query ( " INSERT INTO dbusers (uid,name,password,enable) VALUES (' $cuid ',' $myadm ',' $password ','ADMIN'); " );
2012-08-19 20:50:47 +00:00
2012-08-10 17:18:34 +00:00
return true ;
}
2012-08-14 09:44:43 +00:00
2012-08-25 17:05:38 +00:00
2009-11-30 23:48:48 +00:00
/* ----------------------------------------------------------------- */
/** Hook function called when a user is deleted .
* AlternC ' s standard function that delete a member
* @ access private
*/
function alternc_del_member () {
global $db , $err , $cuid ;
$err -> log ( " mysql " , " alternc_del_member " );
$c = $this -> get_dblist ();
if ( is_array ( $c )) {
for ( $i = 0 ; $i < count ( $c ); $i ++ ) {
2012-08-25 17:05:38 +00:00
$this -> del_db ( $c [ $i ][ " name " ]);
2011-03-05 11:16:59 +00:00
}
}
2012-12-21 16:11:34 +00:00
$d = $this -> get_userslist ( 1 );
2012-08-19 20:50:47 +00:00
if ( ! empty ( $d )) {
2011-03-05 11:16:59 +00:00
for ( $i = 0 ; $i < count ( $d ); $i ++ ) {
2012-12-21 16:11:34 +00:00
$this -> del_user ( $d [ $i ][ " name " ], 1 );
2009-11-30 23:48:48 +00:00
}
}
return true ;
}
/* ----------------------------------------------------------------- */
/** Hook function called when a user is logged out .
* We just remove the cookie created in admin / sql_admin . php
2012-08-10 17:18:34 +00:00
a @ access private
2009-11-30 23:48:48 +00:00
*/
function alternc_del_session () {
2013-04-21 09:43:13 +00:00
$_SESSION [ 'PMA_single_signon_user' ] = '' ;
$_SESSION [ 'PMA_single_signon_password' ] = '' ;
$_SESSION [ 'PMA_single_signon_host' ] = '' ;
2009-11-30 23:48:48 +00:00
}
2012-08-25 17:05:38 +00:00
2009-11-30 23:48:48 +00:00
/* ----------------------------------------------------------------- */
/**
* Exporte all the mysql information of an account
* @ access private
* EXPERIMENTAL 'sid' function ;)
*/
2012-02-28 14:48:45 +00:00
function alternc_export_conf () {
2012-08-25 17:05:38 +00:00
//TODO don't work with separated sql server for dbusers
2009-11-30 23:48:48 +00:00
global $db , $err , $cuid ;
$err -> log ( " mysql " , " export " );
$db -> query ( " SELECT login, pass, db, bck_mode, bck_dir, bck_history, bck_gzip FROM db WHERE uid=' $cuid '; " );
if ( $db -> next_record ()) {
2012-05-21 15:58:20 +00:00
$str .= " <sql> \n " ;
$str .= " <login> " . $db -> Record [ " login " ] . " </login> \n " ;
$str .= " <pass> " . $db -> Record [ " pass " ] . " </pass> \n " ;
2009-11-30 23:48:48 +00:00
do {
2012-08-25 17:05:38 +00:00
$filename = $tmpdir . " /mysql. " . $db -> Record [ " db " ] . " .sql.gz " ;
$str .= " <database> " . ( $db -> Record [ " db " ]) . " </database> \n " ;
$str .= " <password> " . ( $db -> Record [ " pass " ]) . " </password> \n " ;
if ( $s [ " bck_mode " ] != 0 ) {
$str .= " <backup-mode> " . ( $db -> Record [ " bck_mode " ]) . " </backup-mode> \n " ;
$str .= " <backup-dir> " . ( $db -> Record [ " bck_dir " ]) . " </backup-dir> \n " ;
$str .= " <backup-history> " . ( $db -> Record [ " bck_history " ]) . " </backup-history> \n " ;
$str .= " <backup-gzip> " . ( $db -> Record [ " bck_gzip " ]) . " </backup-gzip> \n " ;
}
2009-11-30 23:48:48 +00:00
} while ( $db -> next_record ());
2012-05-21 15:58:20 +00:00
$str .= " </sql> \n " ;
2009-11-30 23:48:48 +00:00
}
return $str ;
}
2012-02-28 14:48:45 +00:00
/* ----------------------------------------------------------------- */
/**
* Exporte all the mysql databases a of give account to $dir directory
* @ access private
* EXPERIMENTAL 'sid' function ;)
*/
2012-08-25 17:05:38 +00:00
function alternc_export_data ( $dir ){
2012-02-28 14:48:45 +00:00
global $db , $err , $cuid , $mem ;
$err -> log ( " mysql " , " export_data " );
$db -> query ( " SELECT db.login, db.pass, db.db, dbusers.name FROM db,dbusers WHERE db.uid=' $cuid ' AND dbusers.uid=db.uid; " );
$dir .= " sql/ " ;
if ( ! is_dir ( $dir )){
2012-08-25 17:05:38 +00:00
if ( ! mkdir ( $dir )){
2012-09-07 08:52:47 +00:00
$err -> raise ( 'mysql' , _ ( " The directory could not be created " ));
2012-08-25 17:05:38 +00:00
}
2012-02-28 14:48:45 +00:00
}
// on exporte toutes les bases utilisateur.
while ( $db -> next_record ()){
2012-08-25 17:05:38 +00:00
$filename = $dir . " mysql. " . $db -> Record [ " db " ] . " . " . date ( " H:i:s " ) . " .sql.gz " ;
exec ( " /usr/bin/mysqldump --defaults-file=/etc/alternc/my.cnf --add-drop-table --allow-keywords -Q -f -q -a -e " . escapeshellarg ( $db -> Record [ " db " ]) . " |/bin/gzip > " . escapeshellarg ( $filename ));
2012-02-28 14:48:45 +00:00
}
2012-08-25 17:05:38 +00:00
}
2012-02-28 14:48:45 +00:00
2013-04-18 13:09:08 +00:00
/* ----------------------------------------------------------------- */
/**
* Return the size of each databases in a SQL Host given in parameter
* @ param $db_name the human name of the host
* @ param $db_host the host hosting the SQL databases
* @ param $db_login the login to access the SQL db
* @ param $db_password the password to access the SQL db
* @ param $db_client the client to access the SQL db
* @ return an array associating the name of the databases to their sizes : array ( dbname => size )
*/
function get_dbus_size ( $db_name , $db_host , $db_login , $db_password , $db_client ) {
global $db , $err ;
$err -> log ( " mysql " , " get_dbus_size " , $db_host );
2013-04-19 11:16:01 +00:00
# We create the object with empty parameters
$this -> dbus = new DB_users ( true );
# Modify the object with right parameters
$this -> dbus -> HumanHostname = $db_name ;
$this -> dbus -> Host = $db_host ;
$this -> dbus -> User = $db_login ;
$this -> dbus -> Password = $db_password ;
$this -> dbus -> Client = $db_client ;
2013-04-18 13:09:08 +00:00
$this -> dbus -> query ( " show databases; " );
$res = array ();
$d = array ();
while ( $this -> dbus -> next_record ()) {
$dbname = $this -> dbus -> f ( " Database " );
$c = mysql_query ( " SHOW TABLE STATUS FROM $dbname ; " );
$size = 0 ;
while ( $d = mysql_fetch_array ( $c )) {
$size += $d [ " Data_length " ] + $d [ " Index_length " ];
}
$res [ " $dbname " ] = " $size " ;
}
return $res ;
}
2009-11-30 06:01:34 +00:00
2006-04-26 12:28:53 +00:00
} /* Class m_mysql */
?>