classe mysql & fichiers section admin associés

quenenni 2017-08-15 19:51:04 +02:00
parent b16c3ac69a
commit 6c40d19bbd
18 changed files with 268 additions and 298 deletions


@ -52,13 +52,9 @@ $fields = array (
);
getFields($fields);
if (!$r=$mysql->get_mysql_details($id)) {
$error=$err->errstr();
}
$r=$mysql->get_mysql_details($id);
if (isset($error) && $error) {
echo "<p class=\"alert alert-danger\">$error</p><p>&nbsp;</p>";
}
echo $msg->msg_html_all();
if (is_array($r)) {
?>


@ -35,20 +35,14 @@ $fields = array (
);
getFields($fields);
if(!isset($error)){
$error="";
}
if ($confirm=="y" ) {
reset($_POST);
while (list($key,$val)=each($_POST)) {
if (substr($key,0,4)=="del_") {
// Effacement de la base $val
$r=$mysql->del_db(substr($key,4));
if (!$r) {
$error.=$err->errstr()."<br />";
} else {
$error.=sprintf(_("The database %s has been successfully deleted"),$val)."<br />";
if ($r) {
$msg->raise("ok", "mysql", _("The database '%s' has been successfully deleted"), $val);
}
}
}
@ -63,7 +57,7 @@ foreach($_POST as $key=>$val) {
}
}
if (!$found) {
$error=_("Please check which databases you want to delete");
$msg->raise("alert", "mysql", _("Please check which databases you want to delete"));
include("sql_list.php");
exit();
}
@ -82,7 +76,7 @@ if (!$found) {
reset($_POST);
while (list($key,$val)=each($_POST)) {
if (substr($key,0,4)=="del_") {
echo "<input type=\"hidden\" name=\"".ehe($key,false)."\" value=\"".ehe($val,false)."\" />".ehe($val,false)."<br />\n";
echo "<input type=\"hidden\" name=\"".ehe($key,false)."\" value=\"".ehe($val,false)."\" /><ul><li><b>".ehe($val,false)."</b></li></ul>\n";
}
}
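Review bot: The success message reports `$val` while the database actually dropped is `substr($key,4)`; both are read from `$_POST` independently, so the feedback can name a different database than the one that was deleted. Compute the name once, `$dbname = substr($key,4);`, and pass that same variable to both `del_db()` and `$msg->raise()`. The confirmation list in the last hunk of this section has the same split: it prints `$val` next to a hidden field keyed by `$key`, so the name shown for confirmation is not necessarily the one acted on. The `each()` loops are deprecated as of PHP 7.2, and `foreach ($_POST as $key => $val)` is already used elsewhere in this file.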


@ -34,7 +34,7 @@ $fields = array (
);
getFields($fields);
if (!$quota->cancreate("mysql")) {
$error=_("Can't create a database: your quota is over");
$msg->raise("alert", "mysql", _("Can't create a database: your quota is over"));
include("sql_list.php");
exit;
}
@ -46,13 +46,11 @@ if($q['u'] > 0){
$dbname=$mem->user["login"];
}
if(!$mysql->add_db($dbname)) {
$error=$err->errstr();
include("sql_list.php");
exit;
if($mysql->add_db($dbname)) {
$msg->raise("ok", "mysql", _("La base de données '%s' a bien été créé."),$dbname);
}
header('Location: sql_getparam.php?dbname='.htmlentities($dbname));
#include("sql_list.php");
#header('Location: sql_getparam.php?dbname='.htmlentities($dbname));
include("sql_list.php");
?>
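Review bot: The new msgid `_("La base de données '%s' a bien été créé.")` is written in French, while the other msgids in this section are English (`_("Can't create a database: your quota is over")`), so it presumably cannot be matched by the existing catalogs and will be shown in French to every locale. Use an English msgid such as `_("The database '%s' has been successfully created")` and move the French wording to the translation file. The same applies to `_("L'utilisateur '%s' a bien été créé.")` and `_("Mot de passe changé pour l'utilisateur '%s'.")` in later sections of this commit. A failed `add_db()` now also falls straight through to `include("sql_list.php")` with no explicit branch, which relies on that page printing the queued messages.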


@ -48,12 +48,13 @@ $fields = array (
getFields($fields);
if (!$mysql->put_mysql_backup($id,$bck_mode,$bck_history,$bck_gzip,$bck_dir)) {
$error=$err->errstr();
$mysql->put_mysql_backup($id,$bck_mode,$bck_history,$bck_gzip,$bck_dir);
if ($msg->has_msgs("Error")) {
include("sql_bck.php");
exit();
} else {
$error=_("Your backup parameters has been successfully changed.");
$msg->raise("ok", "mysql", _("Your backup parameters has been successfully changed."));
}
include("sql_list.php");
?>
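Review bot: Discarding the return value of `put_mysql_backup()` and testing only `$msg->has_msgs("Error")` lets a failed call be reported as a success. In the class file of this same commit the missing-history case is raised at level `'Alert'` and returns false, so, assuming `has_msgs()` filters by level, the `else` branch still raises "Your backup parameters has been successfully changed." Branch on the return value instead: `if (!$mysql->put_mysql_backup($id,$bck_mode,$bck_history,$bck_gzip,$bck_dir)) { include("sql_bck.php"); exit(); }`. That keeps the page correct whatever level a failure is raised at.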


@ -43,9 +43,8 @@ getFields($fields);
<?php
if (!$r=$mysql->get_mysql_details($id)) {
$error=$err->errstr();
}
$r=$mysql->get_mysql_details($id);
if (! $r["enabled"]) {
echo "<p class=\"alert alert-danger\">"._("You currently have no database defined")."</p>";
include_once("foot.php");
@ -57,14 +56,11 @@ if (! $r["enabled"]) {
<p>
<?php
if (!$mysql->restore($restfile,true,$id)) {
$error=$err->errstr();
} else {
$error=_("Your database has been restored, check out the previous text for error messages.");
if ($mysql->restore($restfile,true,$id)) {
$msg->raise("ok", "mysql", _("Your database has been restored, check out the previous text for error messages."));
} // if mysql->restore
echo "<p class=\"alert alert-danger\">$error</p><p>&nbsp;</p>";
echo $msg->msg_html_all();
?>
</p>
<?php include_once("foot.php"); ?>


@ -34,30 +34,35 @@ $fields = array (
"dbname" => array ("request", "string", ""),
);
getFields($fields);
if (!$r=$mysql->get_dblist()) {
if (!$res=$mysql->get_dblist()) {
$error=$err->errstr();
}
$r=$mysql->get_defaultsparam($dbname);
if (!$r) {
$error=$err->errstr();
}
$res=$mysql->get_defaultsparam($dbname);
?>
<h3><?php __("MySQL Databases"); ?></h3>
<hr id="topbar"/>
<br />
<?php
if (isset($error) && $error) {
echo "<p class=\"alert alert-danger\">$error</p><p>&nbsp;</p>";
include_once("foot.php");
exit();
}
echo $msg->msg_html_all();
if ($msg->has_msgs("error")) {
include_once("foot.php");
exit();
}
?>
<p><?php __("Your current connection settings are"); ?> : </p>
<?php
$i = 0;
foreach ($res as $r) {
$i++;
$title = (count($res) > 1)?"Paramètres ".$i:"Paramètres";
?>
<table class="tedit">
<tr>
<th colspan="2" style='text-align:center;'><?php echo '<h1>'.$mysql->dbus->HumanHostname.'</h1>'; ?></th>
<th colspan="2" style='text-align:center;'><?php echo '<h1>'.$title.'</h1>'; ?></th>
</tr>
<tr>
<th><?php __("Mysql Server"); ?></th>
@ -65,7 +70,7 @@ if (!$r) {
</tr>
<tr>
<th><?php __("Database"); ?></th>
<td><code><?php ehe($dbname); ?></code></td>
<td><code><?php ehe($dbname); ?></code></td>
</tr>
<?php
if(isset($r['user'])){
@ -78,6 +83,18 @@ if(isset($r['user'])){
<th><?php __("Password"); ?></th>
<td><code><?php echo $r['password']; ?></code></td>
</tr>
<tr>
<th>Droits de l'utilisateur</th>
<?php
// On teste la valeur de retour 'Rights' afin de savoir si cet utilisateur à tous les droits ou seulement certains et on place le bouton "Gestion des droits"
if ($r[Rights] == 'All') {
$rights = "Tous";
} else {
$rights = "<span style='color:orange;'>Sélectifs</span>";
}
?>
<td><?php echo $rights; ?>&nbsp;&nbsp;<span class="ina configure"><a href="sql_users_rights.php?id=<?php echo $r["user"] ?>"><?php __("Manage the rights"); ?></a></span></td>
</tr>
<tr>
<td colspan="2" align="center">
<a href="/alternc-sql/" target="_blank"><?php __("Web interface PhpMyAdmin"); ?></a>
@ -95,6 +112,8 @@ if(!isset($r['user'])){
echo "<p class=\"alert alert-warning\">";__("You changed the MySQL User base configuration. Please refer to your configuration");echo"</p><p>&nbsp;</p>";
}
?>
<br>
<?php } // Fin foreach ?>
<p><span class="ina back"><a href="sql_list.php"><?php __("Back to the MySQL database list"); ?></a></span></p>
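Review bot: The new rights row writes `$r["user"]` into the `href` with a bare `echo`, whereas `$dbname` a few lines above goes through `ehe()`; use `<?php ehe(urlencode($r["user"])); ?>` so the value is encoded for both the URL and the attribute. The only name check visible in `add_user()`, `#^[0-9a-z]#`, constrains just the first character, so the stored name should not be treated as safe for output. In the same block `$r[Rights]` is missing its quotes and is read as an undefined constant; it should be `$r['Rights']`. The early-exit test uses `$msg->has_msgs("error")` in lower case while the class raises `'Error'` and other pages in this commit test `"Error"`; if the level match is case-sensitive, the page continues into `foreach ($res as $r)` with `$res` set to false. The labels "Droits de l'utilisateur", "Tous", "Sélectifs" and "Paramètres" are hard-coded and bypass `__()`.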


@ -38,12 +38,14 @@ $r=$mysql->get_userslist();
<hr id="topbar"/>
<br />
<?php
if (isset($error) && $error) {
echo "<p class=\"alert alert-danger\">$error</p>";
}
if(!$r || empty($r)){
echo "<p class=\"alert alert-info\">"._("You have no sql user at the moment.")."</p>";
// On regarde d'abord si on a une db existante. Sioui, on regarde si on a des utilisateurs existants
if(!$rdb || empty($rdb)){
$msg->raise("info", "mysql", _("You have no database at the moment."));
} else if(!$r || empty($r)){
$msg->raise("info", "mysql", _("You have no sql user at the moment."));
}
echo $msg->msg_html_all();
?>
<?php
@ -74,7 +76,7 @@ for($i=0;$i<count($rdb);$i++) {
}
?>
<tr><td colspan="5">
<tr><td colspan="6">
<input type="submit" name="sub" value="<?php __("Delete the checked databases"); ?>" class="inb delete" />
</td></tr>
</table>


@ -29,9 +29,7 @@
*/
require_once("../class/config.php");
if (!$r=$mysql->php_myadmin_connect()) {
$error=$err->errstr();
} else {
if ($r=$mysql->php_myadmin_connect()) {
// SSO of PhpMyAdmin
$_SESSION['PMA_single_signon_user'] = $r["login"];
$_SESSION['PMA_single_signon_password'] = $r["pass"];
@ -45,9 +43,8 @@ if (!$r=$mysql->php_myadmin_connect()) {
include_once("head.php");
echo '<h3>'._("SQL Admin").'</h3>';
if (!empty($error)) {
echo "<p class=\"alert alert-danger\">$error</p>";
}
echo $msg->msg_html_all();
include_once("foot.php");
?>


@ -36,18 +36,14 @@ $fields = array (
);
getFields($fields);
if (!$r=$mysql->get_mysql_details($id)) {
$error=$err->errstr();
}
$r=$mysql->get_mysql_details($id);
?>
<h3><?php __("MySQL Databases"); ?></h3>
<hr id="topbar"/>
<br />
<?php
if (!empty($error)) {
echo "<p class=\"alert alert-danger\">$error</p><p>&nbsp;</p>";
}
echo $msg->msg_html_all();
if (!is_array($r)) {
echo "<p>"._("You currently have no database defined")."</p>";


@ -37,21 +37,20 @@ $fields = array (
);
getFields($fields);
$c=$admin->listPasswordPolicies();
$passwd_classcount = $c['mysql']['classcount'];
?>
<h3><?php __("Create a new MySQL user"); ?></h3>
<hr id="topbar"/>
<br />
<?php
if (isset($error) && $error) {
echo "<p class=\"alert alert-danger\">$error</p>";
if (isset($fatal) && $fatal) {
?>
<?php include_once("foot.php"); ?>
echo $msg->msg_html_all();
<?php
exit();
}
}
if (isset($fatal) && $fatal) {
include_once("foot.php");
exit();
}
?>
<form method="post" action="sql_users_doadd.php" id="main" name="main" autocomplete="off">
<?php csrf_get(); ?>
@ -62,12 +61,17 @@ getFields($fields);
<table class="tedit">
<tr>
<?php
// On récupère la taille max d'un nom d'utilisateur mysql (définit dans les variables globales d'AlternC
// et on l'utilise pour mettre la propriété maxlength de l'Input du nom
$len=variable_get('sql_max_username_length', NULL)-strlen($mem->user["login"]."_");
?>
<th><label for="usern"><?php __("Username"); ?></label></th>
<td><span class="int" id="usernpfx"><?php echo $mem->user["login"]; ?>_</span><input type="text" class="int" name="usern" id="usern" value="<?php ehe($usern); ?>" size="20" maxlength="20" /></td>
<td><span class="int" id="usernpfx"><?php echo $mem->user["login"]; ?>_</span><input type="text" class="int" name="usern" id="usern" value="<?php ehe($usern); ?>" size="20" maxlength="<?php echo $len; ?>" /></td>
</tr>
<tr>
<th><label for="password"><?php __("Password"); ?></label></th>
<td><input type="password" class="int" autocomplete="off" name="password" id="password" size="26"/><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#password","#passconf"); ?></td>
<td><input type="password" class="int" autocomplete="off" name="password" id="password" size="26"/><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#password","#passconf",$passwd_classcount); ?></td>
</tr>
<tr>
<th><label for="password"><?php __("Confirm password"); ?></label></th>
@ -81,7 +85,7 @@ getFields($fields);
</table>
</form>
<script type="text/javascript">
if (document.forms['main'].usern.text!='') {
if (document.forms['main'].usern.value!='') {
document.forms['main'].password.focus();
} else {
document.forms['main'].usern.focus();
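Review bot: `variable_get('sql_max_username_length', NULL)` leaves `$len` negative when the variable is unset, because the prefix length is subtracted from NULL, and that value is then written into `maxlength`. `add_user()` in the class file reads the same variable with a default of 16, so use the same default here and clamp the result: `$len = max(0, variable_get('sql_max_username_length', 16) - strlen($mem->user["login"]."_"));`. `add_db()` in this commit also reads the variable with a NULL default before `strlen($dbname) <= $len`, which appears to skip the automatic user creation whenever the variable is unset. `maxlength` is only a browser-side hint, so the length check in `add_user()` remains the enforcement point and should stay.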


@ -33,19 +33,13 @@ $fields = array (
);
getFields($fields);
if(!isset($error)){
$error="";
}
if (isset($confirm) && ($confirm=="y")) {
reset($_POST);
while (list($key,$val)=each($_POST)) {
if (substr($key,0,4)=="del_") {
// Effacement de la base $val
$r=$mysql->del_user($val);
if (!$r) {
$error.=$err->errstr()."<br />";
} else {
$error.=sprintf(_("The user %s has been successfully deleted"),$val)."<br />";
if($mysql->del_user($val)) {
$msg->raise("ok", "mysql", _("The user '%s' has been successfully deleted"), $val);
}
}
}
@ -58,23 +52,24 @@ include_once("head.php");
?>
<h3><?php __("MySQL users"); ?></h3>
<hr id="topbar"/>
<br />
<BR />
<p class="alert alert-warning"><?php __("WARNING"); ?></big><br /><?php __("Confirm the deletion of the following MySQL users"); ?><br />
</p>
<form method="post" action="sql_users_del.php" id="main">
<?php csrf_get(); ?>
<p>
<input type="hidden" name="confirm" value="y" />
<ul>
<?php
reset($_POST);
while (list($key,$val)=each($_POST)) {
if (substr($key,0,4)=="del_") {
echo "<input type=\"hidden\" name=\"".ehe($key,false)."\" value=\"".ehe($val,false)."\" />".ehe($val,false)."<br />\n";
echo "<li><input type=\"hidden\" name=\"".ehe($key,false)."\" value=\"".ehe($val,false)."\" /><b>".ehe($val,false)."</b></li>\n";
}
}
?>
<br />
</ul>
<input type="submit" class="inb ok" name="sub" value="<?php __("Yes, delete the MySQL user"); ?>" /> <input type="button" class="inb cancel" name="non" value="<?php __("No, don't delete the MySQL user"); ?>" onclick="history.back()" />
</p>
</form>


@ -36,18 +36,22 @@ $fields = array (
);
getFields($fields);
if(!empty($usern)){
if (!empty($usern)) {
if (!$mysql->add_user($usern,$password,$passconf)) {
$error=$err->errstr();
include("sql_users_add.php");
exit;
} else {
$username=$mem->user["login"]."_".$usern;
$msg->raise("ok", "mysql", _("L'utilisateur '%s' a bien été créé."),$username);
}
}else{
} else {
$usern=$mem->user["login"];
if (!$mysql->add_user($usern,$password,$passconf)) {
$error=$err->errstr();
include("sql_users_add.php");
exit;
} else {
$username=$mem->user["login"];
$msg->raise("ok", "mysql", _("L'utilisateur '%s' a bien été créé."),$username);
}
}


@ -35,11 +35,8 @@ $fields = array (
);
getFields($fields);
$mysql->change_user_password($id,$password,$passwordconf);
$error=$err->errstr();
if(isset($error) && $error){
include("sql_users_password.php");
}else{
include("sql_users_list.php");
}
if ($mysql->change_user_password($id,$password,$passwordconf))
$msg->raise("ok", "mysql", _("Mot de passe changé pour l'utilisateur '%s'."), $id);
include("sql_users_list.php");
?>
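Review bot: A failed `change_user_password()` now lands on `sql_users_list.php` instead of returning to the password form, because, as far as the rendered lines show, the `include` runs unconditionally after the brace-less `if`. If the form should be shown again on failure, keep an explicit branch: `if (!$mysql->change_user_password($id,$password,$passwordconf)) { include("sql_users_password.php"); exit(); }`. Putting braces on the `if` would also stop a later edit from accidentally pulling the `include` under the condition.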


@ -51,7 +51,8 @@ foreach($mysql->get_dblist() as $d){
$mysql->set_user_rights($id,$d['db'],$rights);
}
$info=_("The rights has been successfully applied to the user");
$msg->raise("ok", "mysql", _("The rights has been successfully applied to the user"));
include("sql_users_list.php");
?>


@ -38,13 +38,9 @@ $rdb=$mysql->get_dblist();
<hr id="topbar"/>
<br />
<?php
if (isset($info) && $info) {
echo "<p class=\"alert alert-info\">$info</p><p>&nbsp;</p>";
}
if (isset($error) && $error) {
echo "<p class=\"alert alert-danger\">$error</p><p>&nbsp;</p>";
}
if($r){ // if there is some userlist
echo $msg->msg_html_all("<li>", true, true);
if($r){ // if there is some userlist
?>
<form method="post" action="sql_users_del.php">
<?php csrf_get(); ?>
@ -78,7 +74,10 @@ for($i=0;$i<count($r);$i++) {
<br/>
<?php
} // if $r
} else {
$msg->raise('Info', "mysql", _("You have no sql user at the moment."));
echo $msg->msg_html_all();
}
?>
<span class="ina add"><a href="sql_users_add.php"><?php __("Create a new MySQL user"); ?></a></span>
<?php include_once("foot.php"); ?>


@ -40,16 +40,9 @@ getFields($fields);
<br />
<?php
$r=$mysql->get_user_dblist($id);
if (!$r) {
$error=$err->errstr();
}
if (! empty($error) ) {
echo "<p class=\"alert alert-danger\">$error</p>";
require_once('foot.php');
die();
}
$c=$admin->listPasswordPolicies();
$passwd_classcount = $c['mysql']['classcount'];
?>
<form method="post" action="sql_users_dopassword.php" autocomplete="off">
@ -63,7 +56,7 @@ if (! empty($error) ) {
<table cellspacing="0" cellpadding="4" class="tedit">
<tr>
<th><label for="password"><?php __("Password"); ?></label></th>
<td><input type="password" class="int" autocomplete="off" name="password" id="password" value="" size="20" maxlength="64" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#password","#passwordconf"); ?></td>
<td><input type="password" class="int" autocomplete="off" name="password" id="password" value="" size="20" maxlength="64" /><?php display_div_generate_password(DEFAULT_PASS_SIZE,"#password","#passwordconf",$passwd_classcount); ?></td>
</tr>
<tr>
<th><label for="passwordconf"><?php __("Confirm password"); ?></label></th>


@ -40,13 +40,10 @@ getFields($fields);
<br />
<?php
$r=$mysql->get_user_dblist($id);
if (!$r) {
$error=$err->errstr();
}
if (!empty($error)) {
echo "<p class=\"alert alert-danger\">$error</p><p>&nbsp;</p>";
require_once('foot.php');
if ($msg->has_msgs("Error")) {
require_once('sql_users_list.php');
exit();
}
if ($r) {


@ -43,11 +43,11 @@ class DB_users extends DB_Sql {
* Creator
*/
function __construct() { // Sometimes we need to create this object with empty parameters, but by default we fill them with those of the current user's DB
global $cuid, $db, $err;
global $cuid, $db, $msg;
$db->query("select db_servers.* from db_servers, membres where membres.uid= ? and membres.db_server_id=db_servers.id;", array($cuid));
if (!$db->next_record()) {
$err->raise('db_user', _("There are no databases in db_servers for this user. Please contact your administrator."));
$msg->raise('Error', 'db_user', _("There are no databases in db_servers for this user. Please contact your administrator."));
die();
}
@ -144,8 +144,8 @@ class m_mysql {
* Returns an array (empty) if no databases
*/
function get_dblist() {
global $db, $err, $bro, $cuid;
$err->log("mysql", "get_dblist");
global $db, $msg, $bro, $cuid;
$msg->log("mysql", "get_dblist");
$db->free();
$db->query("SELECT login,pass,db, bck_mode, bck_dir FROM db WHERE uid= ? ORDER BY db;", array($cuid));
$c = array();
@ -163,11 +163,11 @@ class m_mysql {
* Returns FALSE if error
*/
function php_myadmin_connect() {
global $db, $cuid, $err;
$err->log("mysql", "php_myadmin_connect");
global $db, $cuid, $msg;
$msg->log("mysql", "php_myadmin_connect");
$db->query("SELECT dbu.name,dbu.password, dbs.host FROM dbusers dbu, db_servers dbs, membres m WHERE dbu.uid= ? and enable='ADMIN' and dbs.id=m.db_server_id and m.uid= ? ;", array($cuid, $cuid));
if (!$db->num_rows()) {
$err->raise("mysql", _("Cannot connect to PhpMyAdmin"));
$msg->raise('Error', "mysql", _("Cannot connect to PhpMyAdmin"));
return false;
}
$db->next_record();
@ -194,9 +194,9 @@ class m_mysql {
* Returns FALSE if the user has no database of if the database does not exist.
*/
function get_mysql_details($dbn) {
global $db, $err, $cuid;
global $db, $msg, $cuid;
$root = getuserpath();
$err->log("mysql", "get_mysql_details");
$msg->log("mysql", "get_mysql_details");
$pos = strpos($dbn, '_');
if ($pos === false) {
$dbname = $dbn;
@ -208,7 +208,7 @@ class m_mysql {
$size = $this->get_db_size($dbname);
$db->query("SELECT login,pass,db, bck_mode, bck_gzip, bck_dir, bck_history FROM db WHERE uid= ? AND db= ?;", array($cuid, $dbname));
if (!$db->num_rows()) {
$err->raise("mysql", _("Database %s not found"), $dbn);
$msg->raise('Error', "mysql", _("Database %s not found"), $dbn);
return array("enabled" => false);
}
$db->next_record();
@ -224,11 +224,11 @@ class m_mysql {
* an error occured, such as over quota user.
*/
function add_db($dbn) {
global $db, $err, $quota, $cuid;
$err->log("mysql", "add_db", $dbn);
global $db, $msg, $quota, $cuid, $admin;
$msg->log("mysql", "add_db", $dbn);
$password_user = "";
if (!$quota->cancreate("mysql")) {
$err->raise("mysql", _("Your databases quota is over. You cannot create more databases"));
$msg->raise('Error', "mysql", _("Your databases quota is over. You cannot create more databases"));
return false;
}
$pos = strpos($dbn, '_');
@ -239,33 +239,45 @@ class m_mysql {
$dbname = $dbn;
$dbn = $dbncomp[1];
if (empty($dbn)) { // If nothing after the '_'
$err->raise("mysql", _("Database can't have empty suffix"));
$msg->raise('Error', "mysql", _("Database can't have empty suffix"));
return false;
}
}
if (!preg_match("#^[0-9a-z]*$#", $dbn)) {
$err->raise("mysql", _("Database name can contain only letters and numbers"));
$msg->raise('Error', "mysql", _("Database name can contain only letters and numbers"));
return false;
}
$len=variable_get("sql_max_database_length", 64);
if (strlen($dbname) > $len) {
$err->raise("mysql", _("Database name cannot exceed %d characters"), $len);
$msg->raise('Error', "mysql", _("Database name cannot exceed %d characters"), $len);
return false;
}
$db->query("SELECT * FROM db WHERE db= ? ;", array($dbname));
if ($db->num_rows()) {
$err->raise("mysql", _("Database %s already exists"), $dbn);
$msg->raise('Error', "mysql", _("Database %s already exists"), $dbn);
return false;
}
$db->query("SELECT name from dbusers where name= ? and enable='ACTIVATED' ;", array($dbname));
if (!$db->num_rows()) {
$password_user = create_pass(8);
if (!$this->add_user($dbn, $password_user, $password_user)) {
// On empèche la création auto d'utilisateurs si la taille du nom de la db est plus grand que la taille max du nom d'utilisateur
$len=variable_get('sql_max_username_length', NULL);
if (strlen($dbname) <= $len) {
$db->query("SELECT name from dbusers where name= ? and enable='ACTIVATED' ;", array($dbname));
if (!$db->num_rows()) {
// On récupère la complexité du mdp qu'on doit générer que l'on va passer en paramètre de la fonction create_pass
$c=$admin->listPasswordPolicies();
$passwd_classcount = $c['mysql']['classcount'];
$password_user = create_pass(10, $passwd_classcount);
if ($this->add_user($dbn, $password_user, $password_user)) {
$msg->raise('Info', "mysql", "L'utilisateur '$dbname' a été créé et les droits sur cette base de données lui ont été attribué.");
} else {
$msg->raise('Alert', "mysql", "L'utilisateur '$dbname' n'a pas pu être créé.<br>Allez à la page 'Utilisateurs Mysql' pour en créer manuellement.<br>Et n'oubliez pas de lui donner les droits sur la base de données.");
}
}
}
} else {
$msg->raise('Alert', "mysql", "L'utilisateur '$dbname' n'a pas été automatiquement créé car il dépasse la limite de taille pour les utilisateurs qui est à $len<br>Allez à la page 'Utilisateurs Mysql' pour en créer un avec le nom que vous voulez.<br>Et n'oubliez pas de lui donner les droits sur la base de données.");
}
//checking for the phpmyadmin user
$db->query("SELECT * FROM dbusers WHERE uid= ? AND enable='ADMIN';", array($cuid));
@ -274,13 +286,13 @@ class m_mysql {
$myadm = $db->f("name");
$password = $db->f("password");
} else {
$err->raise("mysql", _("There is a problem with the special PhpMyAdmin user. Contact the administrator"));
$msg->raise('Error', "mysql", _("There is a problem with the special PhpMyAdmin user. Contact the administrator"));
return false;
}
//Grant the special user every rights.
if ($this->dbus->exec("CREATE DATABASE $dbname;")) { // secured: dbname is checked against ^[0-9a-z]*$
$err->log("mysql", "add_db_succes", $dbn);
$msg->log("mysql", "add_db_succes", $dbn);
// Ok, database does not exist, quota is ok and dbname is compliant. Let's proceed
$db->query("INSERT INTO db (uid,login,pass,db,bck_mode) VALUES (?, ?, ?, ? ,0)", array($cuid, $myadm, $password, $dbname));
$dbuser = $dbname;
@ -292,8 +304,8 @@ class m_mysql {
$this->dbus->query("FLUSH PRIVILEGES;");
return true;
} else {
$err->log("mysql", "add_db", $dbn);
$err->raise("mysql", _("An error occured. The database could not be created"));
$msg->log("mysql", "add_db", $dbn);
$msg->raise('Error', "mysql", _("An error occured. The database could not be created"));
return false;
}
}
@ -306,11 +318,11 @@ class m_mysql {
* an error occured, such as db does not exist.
*/
function del_db($dbname) {
global $db, $err, $cuid;
$err->log("mysql", "del_db", $dbname);
global $db, $msg, $cuid;
$msg->log("mysql", "del_db", $dbname);
$db->query("SELECT uid FROM db WHERE db= ?;", array($dbname));
if (!$db->next_record()) {
$err->raise("mysql", _("The database was not found. I can't delete it"));
$msg->raise('Error', "mysql", _("The database was not found. I can't delete it"));
return false;
}
@ -342,11 +354,11 @@ class m_mysql {
* @return boolean true if the backup parameters has been successfully changed, false if not.
*/
function put_mysql_backup($dbn, $bck_mode, $bck_history, $bck_gzip, $bck_dir) {
global $db, $err, $bro, $cuid;
$err->log("mysql", "put_mysql_backup");
global $db, $msg, $bro, $cuid;
$msg->log("mysql", "put_mysql_backup");
if (!variable_get('sql_allow_users_backups')) {
$err->raise("mysql", _("User aren't allowed to configure their backups"));
$msg->raise('Error', "mysql", _("User aren't allowed to configure their backups"));
return false;
}
@ -359,12 +371,12 @@ class m_mysql {
$dbn = $dbncomp[1];
}
if (!preg_match("#^[0-9a-z]*$#", $dbn)) {
$err->raise("mysql", _("Database name can contain only letters and numbers"));
$msg->raise('Error', "mysql", _("Database name can contain only letters and numbers"));
return false;
}
$db->query("SELECT * FROM db WHERE uid= ? AND db= ? ;", array($cuid, $dbname));
if (!$db->num_rows()) {
$err->raise("mysql", _("Database %s not found"), $dbn);
$msg->raise('Error', "mysql", _("Database %s not found"), $dbn);
return false;
}
$db->next_record();
@ -379,11 +391,11 @@ class m_mysql {
$bck_mode = "0";
}
if (!$bck_history) {
$err->raise("mysql", _("You have to choose how many backups you want to keep"));
$msg->raise('Alert', "mysql", _("You have to choose how many backups you want to keep"));
return false;
}
if (($bck_dir = $bro->convertabsolute($bck_dir, 0)) === false) { // return a full path or FALSE
$err->raise("mysql", _("Directory does not exist"));
$msg->raise('Error', "mysql", _("Directory does not exist"));
return false;
}
$db->query("UPDATE db SET bck_mode= ? , bck_history= ?, bck_gzip= ?, bck_dir= ? WHERE uid= ? AND db= ? ;", array($bck_mode, $bck_history, $bck_gzip, $bck_dir, $cuid, $dbname));
@ -397,24 +409,24 @@ class m_mysql {
* @return boolean TRUE if the password has been successfully changed, FALSE else.
*/
function put_mysql_details($password) {
global $db, $err, $cuid, $admin;
$err->log("mysql", "put_mysql_details");
global $db, $msg, $cuid, $admin;
$msg->log("mysql", "put_mysql_details");
$db->query("SELECT * FROM db WHERE uid= ?;", array($cuid));
if (!$db->num_rows()) {
$err->raise("mysql", _("Database not found"));
$msg->raise('Error', "mysql", _("Database not found"));
return false;
}
$db->next_record();
$login = $db->f("login");
if (!$password) {
$err->raise("mysql", _("The password is mandatory"));
$msg->raise('Error', "mysql", _("The password is mandatory"));
return false;
}
$len=variable_get("sql_max_username_length", 16);
if (strlen($password) > $len) {
$err->raise("mysql", _("MySQL password cannot exceed %d characters"), $len);
$msg->raise('Error', "mysql", _("MySQL password cannot exceed %d characters"), $len);
return false;
}
@ -440,32 +452,32 @@ class m_mysql {
* @table : sql tables to apply rights
* */
function grant($base, $user, $rights = null, $pass = null, $table = '*') {
global $err, $db;
$err->log("mysql", "grant", $base . "-" . $rights . "-" . $user);
global $msg, $db;
$msg->log("mysql", "grant", $base . "-" . $rights . "-" . $user);
if (!preg_match("#^[0-9a-z_\\*\\\\]*$#", $base)) {
$err->raise("mysql", _("Database name can contain only letters and numbers"));
$msg->raise('Error', "mysql", _("Database name can contain only letters and numbers"));
return false;
} elseif (!$this->dbus->query("select db from db where db= ?;", array($base))) {
$err->raise("mysql", _("Database not found"));
$msg->raise('Error', "mysql", _("Database not found"));
return false;
}
if ($rights == null) {
$rights = 'ALL PRIVILEGES';
} elseif (!preg_match("#^[a-zA-Z,\s]*$#", $rights)) {
$err->raise("mysql", _("Databases rights are not correct"));
$msg->raise('Error', "mysql", _("Databases rights are not correct"));
return false;
}
if (!preg_match("#^[0-9a-z]#", $user)) {
$err->raise("mysql", _("The username can contain only letters and numbers."));
$msg->raise('Error', "mysql", _("The username can contain only letters and numbers."));
return false;
}
$db->query("select name from dbusers where name= ? ;", array($user));
if (!$db->num_rows()) {
$err->raise("mysql", _("Database user not found"));
$msg->raise('Error', "mysql", _("Database user not found"));
return false;
}
@ -476,8 +488,9 @@ class m_mysql {
} else {
$grant .= ";";
}
if (!$this->dbus->query($grant)) {
$err->raise("mysql", _("Could not grant rights"));
$msg->raise('Error', "mysql", _("Could not grant rights"));
return false;
}
return true;
@ -492,20 +505,20 @@ class m_mysql {
* @return boolean TRUE if the database has been restored, or FALSE if an error occurred
*/
function restore($file, $stdout, $id) {
global $err, $bro;
global $msg, $bro;
if (empty($file)) {
$err->raise("mysql", _("No file specified"));
$msg->raise('Error', "mysql", _("No file specified"));
return false;
}
if (!$r = $this->get_mysql_details($id)) {
return false;
}
if (!($fi = $bro->convertabsolute($file, 0))) {
$err->raise("mysql", _("File not found"));
$msg->raise('Error', "mysql", _("File not found"));
return false;
}
if (!file_exists($fi)) {
$err->raise("mysql", _("File not found"));
$msg->raise('Error', "mysql", _("File not found"));
return false;
}
@ -558,8 +571,8 @@ class m_mysql {
* Returns the list of database users of an account
* */
function get_userslist($all = null) {
global $db, $err, $cuid;
$err->log("mysql", "get_userslist");
global $db, $msg, $cuid;
$msg->log("mysql", "get_userslist");
$c = array();
if (!$all) {
$db->query("SELECT name FROM dbusers WHERE uid= ? and enable not in ('ADMIN','HIDDEN') ORDER BY name;", array($cuid));
@ -580,8 +593,8 @@ class m_mysql {
}
function get_defaultsparam($dbn) {
global $db, $err, $cuid;
$err->log("mysql", "getdefaults");
global $db, $msg, $cuid;
$msg->log("mysql", "getdefaults");
$dbu = $dbn;
$r = array();
@ -589,86 +602,46 @@ class m_mysql {
$this->dbus->query("Select * from mysql.db where Db= ? and User!= ? ;", array($dbn, $cuid."_myadm"));
if (!$this->dbus->num_rows()) {
$err->raise("mysql",_("Database not found"));
$msg->raise('Error', "mysql",_("Database not found"));
return false;
}
$listRights = array('Select', 'Insert', 'Update', 'Delete', 'Create', 'Drop', 'References', 'Index', 'Alter', 'Create_tmp_table', 'Lock_tables', 'Create_view', 'Show_view', 'Create_routine', 'Alter_routine', 'Execute', 'Event', 'Trigger');
while ($this->dbus->next_record()) {
// rTmp est l'array dans lequel on met les infos recupérées à chaque tour de boucle et est ajouté à l'array $r
$rTmp = array();
$variable = $this->dbus->Record;
if ($variable['User'] == $dbu) {
$r['Host'] = $this->dbus->f('Host');
if ($this->dbus->f('Select_priv') !== "Y") {
return $r;
}
if ($this->dbus->f('Insert_priv') !== "Y") {
return $r;
}
if ($this->dbus->f('Update_priv') !== "Y") {
return $r;
}
if ($this->dbus->f('Delete_priv') !== "Y") {
return $r;
}
if ($this->dbus->f('Create_priv') !== "Y") {
return $r;
}
if ($this->dbus->f('Drop_priv') !== "Y") {
return $r;
}
if ($this->dbus->f('References_priv') !== "Y") {
return $r;
}
if ($this->dbus->f('Index_priv') !== "Y") {
return $r;
}
if ($this->dbus->f('Alter_priv') !== "Y") {
return $r;
}
if ($this->dbus->f('Create_tmp_table_priv') !== "Y") {
return $r;
}
if ($this->dbus->f('Lock_tables_priv') !== "Y") {
return $r;
}
if ($this->dbus->f('Create_view_priv') !== "Y") {
return $r;
}
if ($this->dbus->f('Show_view_priv') !== "Y") {
return $r;
}
if ($this->dbus->f('Create_routine_priv') !== "Y") {
return $r;
}
if ($this->dbus->f('Alter_routine_priv') !== "Y") {
return $r;
}
if ($this->dbus->f('Execute_priv') !== "Y") {
return $r;
}
if ($this->dbus->f('Event_priv') !== "Y") {
return $r;
}
if ($this->dbus->f('Trigger_priv') !== "Y") {
return $r;
}
$dbu = $variable['User'];
$rTmp['Host'] = $this->dbus->f('Host');
$rTmp['Rights']='All';
foreach ($listRights as $v) {
$right = $v."_priv";
if ($this->dbus->f($right) !== "Y") {
$rTmp['Rights'] = 'NotAll';
break;
}
}
if (!$db->query("SELECT name,password from dbusers where name= ? ;", array($dbu))) {
$msg->raise('Error', "mysql",_("Database not found")." (3)");
return false;
}
} //endwhile
if (!count($r)) {
$err->raise("mysql",_("Database not found")." (2)");
return false;
}
if (!$db->query("SELECT name,password from dbusers where name= ? ;", array($dbu))) {
$err->raise("mysql",_("Database not found")." (3)");
return false;
}
if (!$db->num_rows()) {
$err->raise("mysql",_("Database not found")." (4)");
return false;
}
$db->next_record();
$r['user'] = $db->f('name');
$r['password'] = $db->f('password');
if (!$db->num_rows()) {
$msg->raise('Error', "mysql",_("Database not found")." (4)");
return false;
}
$db->next_record();
$rTmp['user'] = $db->f('name');
$rTmp['password'] = $db->f('password');
$r[] = $rTmp;
} //endwhile
return $r;
}
@ -682,8 +655,8 @@ class m_mysql {
* @return boolean if the user has been created in MySQL or FALSE if an error occurred
* */
function add_user($usern, $password, $passconf) {
global $db, $err, $mem, $cuid, $admin;
$err->log("mysql", "add_user", $usern);
global $db, $msg, $mem, $cuid, $admin;
$msg->log("mysql", "add_user", $usern);
$usern = trim($usern);
$login = $mem->user["login"];
@ -692,33 +665,32 @@ class m_mysql {
} else {
$user = $usern;
}
if (!$usern) {
$err->raise("mysql", _("The username is mandatory"));
$msg->raise('Alert', "mysql", _("The username is mandatory"));
return false;
}
if (!$password) {
$err->raise("mysql", _("The password is mandatory"));
$msg->raise('Alert', "mysql", _("The password is mandatory"));
return false;
}
if (!preg_match("#^[0-9a-z]#", $usern)) {
$err->raise("mysql", _("The username can contain only letters and numbers"));
$msg->raise('Error', "mysql", _("The username can contain only letters and numbers"));
return false;
}
// We check the length of the COMPLETE username, not only the part after _
$len=variable_get("sql_max_username_length", 16);
if (strlen($user) > $len) {
$err->raise("mysql", _("MySQL username cannot exceed %d characters"), $len);
$msg->raise('Error', "mysql", _("MySQL username cannot exceed %d characters"), $len);
return false;
}
$db->query("SELECT * FROM dbusers WHERE name= ? ;", array($user));
if ($db->num_rows()) {
$err->raise("mysql", _("The database user already exists"));
$msg->raise('Error', "mysql", _("The database user already exists"));
return false;
}
if ($password != $passconf || !$password) {
$err->raise("mysql", _("The passwords do not match"));
$msg->raise('Error', "mysql", _("The passwords do not match"));
return false;
}
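Review bot: The username check `preg_match("#^[0-9a-z]#", $usern)`, kept as context in this hunk, tests only the first character, so anything after it is accepted even though the message says the name can contain only letters and numbers. Anchoring both ends makes the check match the message, e.g. `if (!preg_match('#^[0-9a-z]+\z#', $usern)) {`. The same pattern guards `del_user` in a later hunk, where `$user` looks like the full prefixed name, so the allowed set there probably needs `_` as well; confirm against existing account names before tightening. The start of `add_user` lies outside this hunk.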
@ -731,8 +703,8 @@ class m_mysql {
// We add him to the user table
$db->query("INSERT INTO dbusers (uid,name,password,enable) VALUES( ?, ?, ?, 'ACTIVATED');", array($cuid, $user, $password));
$this->grant("*", $user, "USAGE", $pass);
$this->grant("*", $user, "USAGE", $password);
return true;
}
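Review bot: `add_user` returns `true` without checking either the `INSERT INTO dbusers` or the `grant()` call that follows, so a failure in one leaves the `dbusers` table and the MySQL account out of step while the caller is told the user exists. Elsewhere on this page `$db->query()` is tested for a false result; the same could be done here with `if (!$db->query("INSERT INTO dbusers ...", array($cuid, $user, $password))) { return false; }`, and likewise for `grant()` if it reports failure (its body is not visible here). The insert also stores `$password` as supplied; if that column has to stay readable, a comment saying why would help the next reader.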
@ -746,12 +718,12 @@ class m_mysql {
* @return boolean if the password has been changed in MySQL or FALSE if an error occurred
* */
function change_user_password($usern, $password, $passconf) {
global $db, $err, $cuid, $admin;
$err->log("mysql", "change_user_pass", $usern);
global $db, $msg, $cuid, $admin;
$msg->log("mysql", "change_user_pass", $usern);
$usern = trim($usern);
if ($password != $passconf || !$password) {
$err->raise("mysql", _("The passwords do not match"));
$msg->raise('Error', "mysql", _("The passwords do not match"));
return false;
}
@ -775,10 +747,10 @@ class m_mysql {
* @return boolean if the user has been deleted in MySQL or FALSE if an error occurred
* */
function del_user($user, $all = false) {
global $db, $err, $cuid;
$err->log("mysql", "del_user", $user);
global $db, $msg, $cuid;
$msg->log("mysql", "del_user", $user);
if (!preg_match("#^[0-9a-z]#", $user)) {
$err->raise("mysql", _("The username can contain only letters and numbers"));
$msg->raise('Error', "mysql", _("The username can contain only letters and numbers"));
return false;
}
if (!$all) {
@ -787,9 +759,12 @@ class m_mysql {
$db->query("SELECT name FROM dbusers WHERE uid= ? ;", array($cuid));
}
$backtrace = debug_backtrace();
if (!$db->num_rows()) {
$err->raise("mysql", _("The username was not found"));
return false;
if ($backtrace[1]["function"] != "del_db")
$msg->raise('Error', "mysql", _("The username was not found"));
return false;
}
$db->next_record();
$login = $db->f("name");
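Review bot: Branching on `debug_backtrace()` to find out whether `del_db` is the caller ties the message logic to a function name and to call depth, so a rename or an extra wrapper changes behaviour silently, and `$backtrace[1]` may not exist when `del_user` is called from top-level script code. An optional argument keeps the interface compatible and makes the intent explicit: `function del_user($user, $all = false, $from_del_db = false)` with `if (!$from_del_db) { $msg->raise('Error', "mysql", _("The username was not found")); }`. The brace-less `if` is also easy to misread because `return false;` follows at the same level; braces would make clear that only the message is conditional. The hunk further down that raises the 'info' message uses the same backtrace test. The function starts before and ends after this hunk.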
@ -801,6 +776,10 @@ class m_mysql {
$this->dbus->query("FLUSH PRIVILEGES");
$db->query("DELETE FROM dbusers WHERE uid= ? AND name= ? ;", array($cuid, $user));
if ($backtrace[1]["function"] == "del_db")
$msg->raise('info', "mysql", _("The user '%s' has been successfully deleted"), $user);
return true;
}
@ -812,11 +791,11 @@ class m_mysql {
* @return array An array of database name and rights
* */
function get_user_dblist($user) {
global $db, $err;
global $db, $msg;
$this->dbus->query("SELECT * FROM mysql.user WHERE User= ? AND Host= ? ;", array($user, $this->dbus->Client));
if (!$this->dbus->next_record()) {
$err->raise('mysql', _("This user does not exist in the MySQL/User database"));
$msg->raise('Error', 'mysql', _("This user does not exist in the MySQL/User database"));
return false;
}
@ -824,7 +803,8 @@ class m_mysql {
$db->free();
$dblist = $this->get_dblist();
foreach ($dblist as $tab) {
$this->dbus->query("SELECT * FROM mysql.db WHERE User= ? AND Host= ? AND Db= ? ;", array($user, $this->dbus->Client, $tab["db"]));
$dbname = str_replace('_', '\_', $tab["db"]);
$this->dbus->query("SELECT * FROM mysql.db WHERE User= ? AND Host= ? AND Db= ? ;", array($user, $this->dbus->Client, $dbname));
if ($this->dbus->next_record()) {
$r[] = array("db" => $tab["db"], "select" => $this->dbus->f("Select_priv"), "insert" => $this->dbus->f("Insert_priv"), "update" => $this->dbus->f("Update_priv"), "delete" => $this->dbus->f("Delete_priv"), "create" => $this->dbus->f("Create_priv"), "drop" => $this->dbus->f("Drop_priv"), "references" => $this->dbus->f("References_priv"), "index" => $this->dbus->f("Index_priv"), "alter" => $this->dbus->f("Alter_priv"), "create_tmp" => $this->dbus->f("Create_tmp_table_priv"), "lock" => $this->dbus->f("Lock_tables_priv"),
"create_view" => $this->dbus->f("Create_view_priv"),
@ -853,8 +833,8 @@ class m_mysql {
*
* */
function set_user_rights($user, $dbn, $rights) {
global $err;
$err->log("mysql", "set_user_rights");
global $msg;
$msg->log("mysql", "set_user_rights");
// On genere les droits en fonction du tableau de droits
$strrights = "";
@ -918,14 +898,15 @@ class m_mysql {
}
// We reset all user rights on this DB :
$this->dbus->query("SELECT * FROM mysql.db WHERE User = ? AND Db = ?;", array($user, $dbn));
$dbname = str_replace('_', '\_', $dbn);
$this->dbus->query("SELECT * FROM mysql.db WHERE User = ? AND Db = ?;", array($user, $dbname));
if ($this->dbus->num_rows()) {
$this->dbus->query("REVOKE ALL PRIVILEGES ON ".$dbn.".* FROM ".$this->dbus->quote($user)."@" . $this->dbus->quote($this->dbus->Client) . ";");
$this->dbus->query("REVOKE ALL PRIVILEGES ON `".$dbname."`.* FROM ".$this->dbus->quote($user)."@" . $this->dbus->quote($this->dbus->Client) . ";");
}
if ($strrights) {
$strrights = substr($strrights, 0, strlen($strrights) - 1);
$this->grant($dbn, $user, $strrights);
$this->grant($dbname, $user, $strrights);
}
$this->dbus->query("FLUSH PRIVILEGES");
return TRUE;
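Review bot: Switching the `mysql.db` lookup to the escaped name means a grant stored under the plain name before this change (the old code called `grant($dbn, ...)`) is no longer found, so `num_rows()` is 0, the `REVOKE` is skipped and the old row, whose `_` acts as a wildcard, stays in force beside the new grant. The `get_user_dblist` hunk above has the same lookup and would report no rights for such a user. A one-off migration of existing rows, or a lookup over both spellings with `Db IN (?, ?)` and a `REVOKE` for whichever is found, would close the gap; whether legacy rows exist cannot be seen from the page. Separately, `$dbname` is concatenated between backticks with no check on `$dbn`, and `%` (the other grant wildcard) is left unescaped; validating the name against the allowed character set and using `addcslashes($dbn, '_%')` would cover both. The function begins in an earlier hunk.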
@ -942,8 +923,8 @@ class m_mysql {
* @access private
*/
function hook_lxc_params($params) {
global $err;
$err->log("mysql", "alternc_get_quota");
global $msg;
$msg->log("mysql", "alternc_get_quota");
$p = array();
if (isset($this->dbus["Host"]) && $this->dbus["Host"] != "") {
$p["mysql_host"] = $this->dbus["Host"];
@ -961,8 +942,8 @@ class m_mysql {
* @access private
*/
function hook_quota_get() {
global $err;
$err->log("mysql", "alternc_get_quota");
global $msg;
$msg->log("mysql", "alternc_get_quota");
$q = Array("name" => "mysql", "description" => _("MySQL Databases"), "used" => 0);
$c = $this->get_dblist();
if (is_array($c)) {
@ -978,8 +959,8 @@ class m_mysql {
* @access private
*/
function alternc_add_member() {
global $db, $err, $cuid, $mem;
$err->log("mysql", "alternc_add_member");
global $db, $msg, $cuid, $mem;
$msg->log("mysql", "alternc_add_member");
//checking for the phpmyadmin user
$db->query("SELECT name,password FROM dbusers WHERE uid= ? AND Type='ADMIN';", array($cuid));
if ($db->num_rows()) {
@ -987,7 +968,7 @@ class m_mysql {
$password = $db->f("password");
} else {
$myadm = $cuid . "_myadm";
$password = create_pass(8);
$password = create_pass();
}
$db->query("INSERT INTO dbusers (uid,name,password,enable) VALUES (?, ?, ?, 'ADMIN');", array($cuid, $myadm, $password));
@ -1002,8 +983,8 @@ class m_mysql {
* @access private
*/
function alternc_del_member() {
global $err;
$err->log("mysql", "alternc_del_member");
global $msg;
$msg->log("mysql", "alternc_del_member");
$c = $this->get_dblist();
if (is_array($c)) {
for ($i = 0; $i < count($c); $i++) {
@ -1040,8 +1021,8 @@ class m_mysql {
*/
function alternc_export_conf() {
//TODO don't work with separated sql server for dbusers
global $db, $err, $cuid;
$err->log("mysql", "export");
global $db, $msg, $cuid;
$msg->log("mysql", "export");
$db->query("SELECT login, pass, db, bck_mode, bck_dir, bck_history, bck_gzip FROM db WHERE uid= ? ;", array($cuid));
$str = "";
if ($db->next_record()) {
@ -1072,13 +1053,13 @@ class m_mysql {
* EXPERIMENTAL 'sid' function ;)
*/
function alternc_export_data($dir) {
global $db, $err, $cuid;
$err->log("mysql", "export_data");
global $db, $msg, $cuid;
$msg->log("mysql", "export_data");
$db->query("SELECT db.login, db.pass, db.db, dbusers.name FROM db,dbusers WHERE db.uid= ? AND dbusers.uid=db.uid;", array($cuid));
$dir.="sql/";
if (!is_dir($dir)) {
if (!mkdir($dir)) {
$err->raise('mysql', _("The directory could not be created"));
$msg->raise('Error', 'mysql', _("The directory could not be created"));
}
}
// on exporte toutes les bases utilisateur.
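Review bot: When `mkdir($dir)` fails the error is raised but `alternc_export_data` carries on, so the export that follows runs against a directory that does not exist. Adding `return false;` (or whatever the callers expect) right after the `$msg->raise('Error', 'mysql', _("The directory could not be created"));` line stops it there. Since the directory receives database exports, an explicit restrictive mode such as `mkdir($dir, 0700)` is safer than the default of 0777 less the umask. The rest of the function is outside this hunk.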
@ -1100,8 +1081,8 @@ class m_mysql {
* @return an array associating the name of the databases to their sizes : array(dbname=>size)
*/
function get_dbus_size($db_name, $db_host, $db_login, $db_password, $db_client) {
global $err;
$err->log("mysql", "get_dbus_size", $db_host);
global $msg;
$msg->log("mysql", "get_dbus_size", $db_host);
$this->dbus = new DB_Sql("mysql",$db_host,$db_login,$db_password);