From f6860ed2be4ec02215e8aff2a7b4d6f5d9183492 Mon Sep 17 00:00:00 2001
From: Kienan Stewart <kienan@koumbit.org>
Date: Tue, 14 May 2019 12:13:44 -0400
Subject: [PATCH 1/5] Use pma_sso script to connect PhpMyAdmin from admin menu

Refs #335
---
 bureau/class/m_admin.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bureau/class/m_admin.php b/bureau/class/m_admin.php
index 29bce577..7668b63a 100644
--- a/bureau/class/m_admin.php
+++ b/bureau/class/m_admin.php
@@ -106,7 +106,7 @@ class m_admin {
             );
             $obj['links'][] = array(
                 'txt' => _("PhpMyAdmin"),
-                'url' => '/alternc-sql/',
+                'url' => 'sql_pma_sso.php',
                 'class' => 'adminmenu',
                 'target' => '_blank',
             );

From 70184caa3af2fcc8dd9cbb2ec23092b4dfe00fb2 Mon Sep 17 00:00:00 2001
From: Kienan Stewart <kienan@koumbit.org>
Date: Tue, 14 May 2019 12:14:25 -0400
Subject: [PATCH 2/5] Return an error when attempting to connect to PHPMyAdmin
 with no DBs

Refs #335
---
 bureau/class/m_mysql.php | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/bureau/class/m_mysql.php b/bureau/class/m_mysql.php
index 64ab4cfb..28d648c6 100644
--- a/bureau/class/m_mysql.php
+++ b/bureau/class/m_mysql.php
@@ -157,9 +157,15 @@ class m_mysql {
     function php_myadmin_connect() {
         global $db, $cuid, $msg;
         $msg->log("mysql", "php_myadmin_connect");
+        $db->query("SELECT count(0) as count from db where uid = ?;", array($cuid));
+        $db->next_record();
+        if ($db->f('count') == 0) {
+            $msg->raise("ERROR", "mysql", _("Cannot connect to PhpMyAdmin, no databases for user {$cuid}"));
+            return false;
+        }
         $db->query("SELECT dbu.name,dbu.password, dbs.host FROM dbusers dbu, db_servers dbs, membres m WHERE dbu.uid= ? and enable='ADMIN' and dbs.id=m.db_server_id and m.uid= ? ;", array($cuid, $cuid));
         if (!$db->num_rows()) {
-            $msg->raise("ERROR", "mysql", _("Cannot connect to PhpMyAdmin"));
+            $msg->raise("ERROR", "mysql", _("Cannot connect to PhpMyAdmin, no admin user for uid {$cuid}"));
             return false;
         }
         $db->next_record();

From 82c87c43e0c225160ddc4e69cf06fbda267eddbf Mon Sep 17 00:00:00 2001
From: Kienan Stewart <kienan@koumbit.org>
Date: Tue, 14 May 2019 12:15:00 -0400
Subject: [PATCH 3/5] Increase blowfish secret length from 24 to 32

Refs #335
---
 install/alternc.install | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/install/alternc.install b/install/alternc.install
index c367e367..1e980597 100755
--- a/install/alternc.install
+++ b/install/alternc.install
@@ -240,7 +240,7 @@ fi
 PUBLIC_IP_BEGIN=$(echo $PUBLIC_IP|cut -c 1)
 
 # Secret for PhpMyAdmin sessions
-PHPMYADMIN_BLOWFISH="$(generate_string 24)"
+PHPMYADMIN_BLOWFISH="$(generate_string 32)"
 
 # XXX: I assume this is secure if /tmp is sticky (+t)
 # we should have a better way to deal with templating, of course.

From f3207ec2f15c4ad7055c3c9bdc52bb103dc2f630 Mon Sep 17 00:00:00 2001
From: Kienan Stewart <kienan@koumbit.org>
Date: Tue, 14 May 2019 12:15:23 -0400
Subject: [PATCH 4/5] Override owner and group for phpmyadmin lib files

Refs #335
---
 install/alternc.install | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/install/alternc.install b/install/alternc.install
index 1e980597..b152fdbe 100755
--- a/install/alternc.install
+++ b/install/alternc.install
@@ -714,6 +714,8 @@ done
 # Fix phpmyadmin import trac#1557
 test -d "/var/lib/phpmyadmin/tmp" && dpkg-statoverride --update --add www-data alterncpanel 0775 "/var/lib/phpmyadmin/tmp" 2>/dev/null || true
 test -f "/etc/phpmyadmin/config-db.php" && dpkg-statoverride --update --add www-data alterncpanel 0644 "/etc/phpmyadmin/config-db.php" 2>/dev/null || true
+test -f "/var/lib/phpmyadmin/blowfish_secret.inc.php" && dpkg-statoverride --update --add www-data alterncpanel 0660 "/var/lib/phpmyadmin/blowfish_secret.inc.php" 2> /dev/null || true
+test -f "/var/lib/phpmyadmin/config.inc.php" && dpkg-statoverride --update --add www-data alterncpanel 0660 "/var/lib/phpmyadmin/config.inc.php" 2> /dev/null || true
 
 # hook 
 run-parts --arg=end /usr/lib/alternc/install.d 

From 53570e236a0d7dfe7f60e3fa1d893be9b72117e7 Mon Sep 17 00:00:00 2001
From: Kienan Stewart <kienan@koumbit.org>
Date: Wed, 15 May 2019 17:46:15 -0400
Subject: [PATCH 5/5] Enter default db_server information before templating

Refs #335
---
 install/alternc.install | 28 +++++++++++++++++++---------
 1 file changed, 19 insertions(+), 9 deletions(-)

diff --git a/install/alternc.install b/install/alternc.install
index b152fdbe..f0318208 100755
--- a/install/alternc.install
+++ b/install/alternc.install
@@ -90,6 +90,23 @@ lock_jobs
 # hook 
 run-parts --arg=startup /usr/lib/alternc/install.d 
 
+#######################################################################
+# Enter the initial database configuration if needed
+#
+
+# Creating admin user if needed
+# This is done before any templating, since it adds the default database server.
+# User feedback is provided near the end of the script.
+HAS_ROOT=`mysql --defaults-file=/etc/alternc/my.cnf -e "SELECT COUNT(*) FROM membres WHERE login = 'admin' OR login = 'root' and su = 1" | tail -1`
+if [ "$HAS_ROOT" != "1" ] ; then
+    echo "Creating admin user..."
+    echo ""
+
+    su - alterncpanel -s /bin/bash -c /usr/share/alternc/install/newone.php
+    NEWONE_RETVAL=$?
+fi
+
+
 #######################################################################
 # Script configuration
 #
@@ -606,15 +623,8 @@ chown alterncpanel:adm /var/log/alternc/bureau.log /var/log/alternc/update_domai
 # Launch a script that will populate AlternC variables as needed
 su - alterncpanel -s /bin/bash -c /usr/share/alternc/install/variables.php
 
-# Creating admin user if needed
-HAS_ROOT=`mysql --defaults-file=/etc/alternc/my.cnf -e "SELECT COUNT(*) FROM membres WHERE login = 'admin' OR login = 'root' and su = 1" | tail -1`
-
 if [ "$HAS_ROOT" != "1" ]; then
-    echo "Creating admin user..."
-    echo ""
-
-    if su - alterncpanel -s /bin/bash -c /usr/share/alternc/install/newone.php
-      then
+    if [ "$NEWONE_RETVAL" ] ; then
       echo "*******************************************"
       echo "*                                         *"
       echo "*               Admin account             *"
@@ -626,7 +636,7 @@ if [ "$HAS_ROOT" != "1" ]; then
       echo "*                                         *"
       echo "*******************************************"
     else
-	echo "Unable to create the first AlternC account (named 'admin'). newone.php returned $?. Check your MySQL database, PHP, and the /etc/alternc/local.sh file. Also check for any error above during install."
+      echo "Unable to create the first AlternC account (named 'admin'). newone.php returned $NEWONE_RETVAL. Check your MySQL database, PHP, and the /etc/alternc/local.sh file. Also check for any error above during install."
     fi
 else
     ##UPDATE default db_server following /etc/alternc/my.cnf values