From 979a7f0b0eb21a2170ddbcee5280c76d9400092c Mon Sep 17 00:00:00 2001
From: Nahuel Angelinetti <nahuel@altnetvision.info>
Date: Wed, 26 Apr 2006 14:59:28 +0000
Subject: [PATCH] Rajout de la gestion des utilisateurs mysql pour les membres
 ( avec quotas ) Closes: #265

---
 .gitattributes                                |   6 +
 bureau/admin/menu_sql.php                     |   3 +-
 bureau/admin/sql_users_add.php                |  71 ++++++++
 bureau/admin/sql_users_del.php                |  73 ++++++++
 bureau/admin/sql_users_doadd.php              |  47 +++++
 bureau/admin/sql_users_dorights.php           |  47 +++++
 bureau/admin/sql_users_list.php               | 118 ++++++++++++
 bureau/admin/sql_users_rights.php             | 129 ++++++++++++++
 bureau/class/m_mysql.php                      | 168 +++++++++++++++++-
 bureau/locales/fr_FR/LC_MESSAGES/sql.po       |  63 ++++++-
 .../locales/fr_FR/LC_MESSAGES/sql_manual.po   |  52 ++++--
 bureau/locales/sql.po                         |  48 +++++
 bureau/locales/sql_manual.po                  |  24 +++
 install/mysql.sql                             |  12 ++
 install/upgrades/0.9.5.sql                    |   8 +
 15 files changed, 846 insertions(+), 23 deletions(-)
 create mode 100644 bureau/admin/sql_users_add.php
 create mode 100644 bureau/admin/sql_users_del.php
 create mode 100644 bureau/admin/sql_users_doadd.php
 create mode 100644 bureau/admin/sql_users_dorights.php
 create mode 100644 bureau/admin/sql_users_list.php
 create mode 100644 bureau/admin/sql_users_rights.php

diff --git a/.gitattributes b/.gitattributes
index 4ba78e2b..bd560fe1 100644
--- a/.gitattributes
+++ b/.gitattributes
@@ -200,6 +200,12 @@ bureau/admin/sql_list.php -text
 bureau/admin/sql_pass.php -text
 bureau/admin/sql_passchg.php -text
 bureau/admin/sql_restore.php -text
+bureau/admin/sql_users_add.php -text
+bureau/admin/sql_users_del.php -text
+bureau/admin/sql_users_doadd.php -text
+bureau/admin/sql_users_dorights.php -text
+bureau/admin/sql_users_list.php -text
+bureau/admin/sql_users_rights.php -text
 bureau/admin/sta2_add_raw.php -text
 bureau/admin/sta2_del_raw.php -text
 bureau/admin/sta2_doadd_raw.php -text
diff --git a/bureau/admin/menu_sql.php b/bureau/admin/menu_sql.php
index ad3e80c1..e6cb8cf7 100644
--- a/bureau/admin/menu_sql.php
+++ b/bureau/admin/menu_sql.php
@@ -32,9 +32,10 @@ if ($r["t"]) {
 ?>
 <tr><td nowrap="nowrap">
 MySQL<br />
+	- <a href="sql_users_list.php"><?php __("MySQL Users") ?></a><br />
 	- <a href="sql_list.php"><?php __("Databases"); ?></a><br />
 	- <a target="_blank" href="sql_admin.php"><?php __("SQL Admin"); ?></a><br />
 </td></tr>
 <?php
 	}
-?>
\ No newline at end of file
+?>
diff --git a/bureau/admin/sql_users_add.php b/bureau/admin/sql_users_add.php
new file mode 100644
index 00000000..7aa86326
--- /dev/null
+++ b/bureau/admin/sql_users_add.php
@@ -0,0 +1,71 @@
+<?php
+/*
+ $Id: sql_users_add.php,v 1.5 2004/05/19 14:23:06 nahuel Exp $
+ ----------------------------------------------------------------------
+ AlternC - Web Hosting System
+ Copyright (C) 2002 by the AlternC Development Team.
+ http://alternc.org/
+ ----------------------------------------------------------------------
+ Based on:
+ Valentin Lacambre's web hosting softwares: http://altern.org/
+ ----------------------------------------------------------------------
+ LICENSE
+
+ This program is free software; you can redistribute it and/or
+ modify it under the terms of the GNU General Public License (GPL)
+ as published by the Free Software Foundation; either version 2
+ of the License, or (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ GNU General Public License for more details.
+
+ To read the license please visit http://www.gnu.org/copyleft/gpl.html
+ ----------------------------------------------------------------------
+ Original Author of file: Nahuel ANGELINETTI
+ Purpose of file:
+ ----------------------------------------------------------------------
+*/
+require_once("../class/config.php");
+
+
+if (!$quota->cancreate("mysql_users")) {
+	$error=_("err_mysql_20");
+	$fatal=1;
+}
+include("head.php");
+?>
+</head>
+<body>
+<h3><?php __("Create a new MySQL user"); ?></h3>
+<?php
+	if ($error) {
+		echo "<p class=\"error\">$error</p>";
+		if ($fatal) { 
+			echo "</body></html>";
+			exit();
+		}
+	}
+?>
+<form method="post" action="sql_users_doadd.php" id="main">
+<table border="1" cellspacing="0" cellpadding="4">
+<tr>
+  <th><label for="usern"><?php __("Username"); ?></label></th>
+  <td><?php echo $mem->user["login"]; ?>&nbsp;<b>_</b>&nbsp;<input type="text" class="int" name="usern" id="usern" value="" size="20" maxlength="30" /></td>
+</tr>
+<tr>
+  <th><label for="password"><?php __("Password"); ?></label></th>
+  <td><input type="password" class="int" name="password" id="password" size="26"/></td>
+</tr>
+<tr>
+  <th><label for="password"><?php __("Confirm password"); ?></label></th>
+  <td><input type="password" class="int" name="passconf" id="passconf" size="26"/></td>
+</tr>
+
+<tr><td colspan="2"><input type="submit" class="inb" name="submit" value="<?php __("Create this new user"); ?>" /></td></tr>
+</table>
+</form>
+
+</body>
+</html>
diff --git a/bureau/admin/sql_users_del.php b/bureau/admin/sql_users_del.php
new file mode 100644
index 00000000..41e6001f
--- /dev/null
+++ b/bureau/admin/sql_users_del.php
@@ -0,0 +1,73 @@
+<?php
+/*
+ $Id: sql_del.php,v 1.3 2003/06/10 07:20:29 root Exp $
+ ----------------------------------------------------------------------
+ AlternC - Web Hosting System
+ Copyright (C) 2002 by the AlternC Development Team.
+ http://alternc.org/
+ ----------------------------------------------------------------------
+ Based on:
+ Valentin Lacambre's web hosting softwares: http://altern.org/
+ ----------------------------------------------------------------------
+ LICENSE
+
+ This program is free software; you can redistribute it and/or
+ modify it under the terms of the GNU General Public License (GPL)
+ as published by the Free Software Foundation; either version 2
+ of the License, or (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ GNU General Public License for more details.
+
+ To read the license please visit http://www.gnu.org/copyleft/gpl.html
+ ----------------------------------------------------------------------
+ Original Author of file: Benjamin Sonntag
+ Purpose of file: Delete a mysql user database
+ ----------------------------------------------------------------------
+*/
+require_once("../class/config.php");
+
+if ($confirm=="y") {
+  reset($_POST);
+  while (list($key,$val)=each($_POST)) {
+    if (substr($key,0,4)=="del_") {
+      // Effacement de la base $val
+      $r=$mysql->del_user($val);
+      if (!$r) {
+	$error.=$err->errstr()."<br />";
+      } else {
+	$error.=sprintf(_("The user %s has been successfully deleted"),$mem->user["login"]."_$val")."<br />";
+      }
+    }
+  }
+  include("sql_users_list.php");
+  exit();
+}
+
+include("head.php");
+?>
+</head>
+<body>
+<h3><?php __("MySQL users"); ?></h3>
+<p class="error"><?php __("WARNING"); ?></big><br /><?php __("Confirm the deletion of the following MySQL users"); ?><br />
+</p>
+<form method="post" action="sql_users_del.php" id="main">
+<p>
+<input type="hidden" name="confirm" value="y" />
+<?php
+reset($_POST);
+while (list($key,$val)=each($_POST)) {
+  if (substr($key,0,4)=="del_") {
+    echo "<input type=\"hidden\" name=\"$key\" value=\"$val\" />".$mem->user["login"]."_$val<br />\n";
+  }
+}
+
+?>
+<br />
+<input type="submit" class="inb" name="sub" value="<?php __("Yes"); ?>" /> - <input type="button" class="inb" name="non" value="<?php __("No"); ?>" onclick="history.back()" />
+</p>
+</form>
+</body>
+</html>
diff --git a/bureau/admin/sql_users_doadd.php b/bureau/admin/sql_users_doadd.php
new file mode 100644
index 00000000..64e2258c
--- /dev/null
+++ b/bureau/admin/sql_users_doadd.php
@@ -0,0 +1,47 @@
+<?php
+/*
+ $Id: sql_users_doadd.php,v 1.2 2003/06/10 07:20:29 nahuel Exp $
+ ----------------------------------------------------------------------
+ AlternC - Web Hosting System
+ Copyright (C) 2002 by the AlternC Development Team.
+ http://alternc.org/
+ ----------------------------------------------------------------------
+ Based on:
+ Valentin Lacambre's web hosting softwares: http://altern.org/
+ ----------------------------------------------------------------------
+ LICENSE
+
+ This program is free software; you can redistribute it and/or
+ modify it under the terms of the GNU General Public License (GPL)
+ as published by the Free Software Foundation; either version 2
+ of the License, or (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ GNU General Public License for more details.
+
+ To read the license please visit http://www.gnu.org/copyleft/gpl.html
+ ----------------------------------------------------------------------
+ Original Author of file: Nahuel ANGELINETTI
+ Purpose of file:
+ ----------------------------------------------------------------------
+*/
+require_once("../class/config.php");
+
+
+if (!$quota->cancreate("mysql_users")) {
+//	$error=_("err_mysql_1");
+	include("sql_users_add.php");
+	exit;
+}
+
+if (!$mysql->add_user($usern,$password,$passconf)) {
+  $error=$err->errstr();
+  include("sql_users_add.php");
+  exit;
+}
+
+include("sql_users_list.php");
+
+?>
diff --git a/bureau/admin/sql_users_dorights.php b/bureau/admin/sql_users_dorights.php
new file mode 100644
index 00000000..2cb78e5c
--- /dev/null
+++ b/bureau/admin/sql_users_dorights.php
@@ -0,0 +1,47 @@
+<?php
+/*
+ $Id: sql_users_rights.php,v 1.8 2006/02/16 16:26:28 nahuel Exp $
+ ----------------------------------------------------------------------
+ AlternC - Web Hosting System
+ Copyright (C) 2002 by the AlternC Development Team.
+ http://alternc.org/
+ ----------------------------------------------------------------------
+ Based on:
+ Valentin Lacambre's web hosting softwares: http://altern.org/
+ ----------------------------------------------------------------------
+ LICENSE
+
+ This program is free software; you can redistribute it and/or
+ modify it under the terms of the GNU General Public License (GPL)
+ as published by the Free Software Foundation; either version 2
+ of the License, or (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ GNU General Public License for more details.
+
+ To read the license please visit http://www.gnu.org/copyleft/gpl.html
+ ----------------------------------------------------------------------
+ Original Author of file: Nahuel ANGELINETTI
+ Purpose of file: Manage the MySQL users of a member
+ ----------------------------------------------------------------------
+*/
+require_once("../class/config.php");
+
+$keys=array_keys($_REQUEST);
+$dblist=$mysql->get_dblist();
+
+for( $i=0 ; $i<count($dblist) ; $i++ ) {
+  $rights=array();
+  for( $j=0 ; $j<count($keys) ; $j++ ) {
+      if( strpos( $keys[$j], $dblist[$i]["name"]."_" ) === 0 )
+        $rights[]=substr($keys[$j], strlen( $dblist[$i]["name"]."_" ));
+  }
+  $mysql->set_user_rights($id,$dblist[$i]["name"],$rights);
+}
+
+$error=_("The rights has been successfully applied to the user");
+include("sql_users_list.php");
+
+?>
diff --git a/bureau/admin/sql_users_list.php b/bureau/admin/sql_users_list.php
new file mode 100644
index 00000000..f01a63e3
--- /dev/null
+++ b/bureau/admin/sql_users_list.php
@@ -0,0 +1,118 @@
+<?php
+/*
+ $Id: sql_users_list.php,v 1.8 2006/02/16 16:26:28 nahuel Exp $
+ ----------------------------------------------------------------------
+ AlternC - Web Hosting System
+ Copyright (C) 2002 by the AlternC Development Team.
+ http://alternc.org/
+ ----------------------------------------------------------------------
+ Based on:
+ Valentin Lacambre's web hosting softwares: http://altern.org/
+ ----------------------------------------------------------------------
+ LICENSE
+
+ This program is free software; you can redistribute it and/or
+ modify it under the terms of the GNU General Public License (GPL)
+ as published by the Free Software Foundation; either version 2
+ of the License, or (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ GNU General Public License for more details.
+
+ To read the license please visit http://www.gnu.org/copyleft/gpl.html
+ ----------------------------------------------------------------------
+ Original Author of file: Nahuel ANGELINETTI
+ Purpose of file: Manage the MySQL users of a member
+ ----------------------------------------------------------------------
+*/
+require_once("../class/config.php");
+
+
+$r=$mysql->get_userslist();
+$rdb=$mysql->get_dblist();
+
+include("head.php");
+?>
+</head>
+<body>
+<h3><?php __("MySQL Users"); ?></h3>
+<?php
+	if ($error) {
+		echo "<p class=\"error\">$error</p><p>&nbsp;</p>";
+	}
+
+if ($rdb) {
+  if($r){
+echo "<p>"._("help_sql_users_list_ok")."</p>";
+?>
+
+<form method="post" action="sql_users_del.php">
+<table cellspacing="0" cellpadding="4">
+   <tr><th>&nbsp;</th><th><?php __("User"); ?></th><th><?php __("Rights"); ?></th></tr>
+        <tr class="lst<?php echo $col; ?>">
+          <td align="center">
+            <input type="checkbox" class="inc" id="del_<?php echo $val["name"]; ?>" name="del_<?php echo $val["name"]; ?>" value="<?php echo $val["name"]; ?>" />
+          </td>
+          <td><label for="del_<?php echo $val["name"]; ?>"><?php echo $mem->user["login"]; ?></label></td>
+          <td><a href="sql_users_rights.php?id=<?php echo $val["name"] ?>"><?php __("Rights"); ?></a></td>
+        </tr>
+
+<?php
+$col=1;
+for($i=0;$i<count($r);$i++) {
+  $val=$r[$i];
+  $col=3-$col;
+?>
+	<tr class="lst<?php echo $col; ?>">
+	  <td align="center">
+            <input type="checkbox" class="inc" id="del_<?php echo $val["name"]; ?>" name="del_<?php echo $val["name"]; ?>" value="<?php echo $val["name"]; ?>" />
+          </td>
+	  <td><label for="del_<?php echo $val["name"]; ?>"><?php echo $mem->user["login"]."_".$val["name"]; ?></label></td>
+	  <td><a href="sql_users_rights.php?id=<?php echo $val["name"] ?>"><?php __("Rights"); ?></a></td>
+	</tr>
+<?php
+
+
+ }
+?>
+
+<tr><td colspan="5">
+   <input type="submit" name="sub" value="<?php __("Delete the checked users"); ?>" class="inb" />
+</td></tr>
+</table>
+</form>
+
+<p>&nbsp;</p>
+<p>
+
+<?php
+  }
+  if ($quota->cancreate("mysql_users")) { 
+?>
+      <a href="sql_users_add.php"><?php __("Create a new MySQL user"); ?></a><br /><br />
+<?php
+  }
+} else {
+  echo "<p>"._("help_sql_list_no")."</p>";
+ 
+?>
+<form method="post" action="sql_addmain.php">
+<table cellspacing="0" cellpadding="4">
+		<tr  class="lst2"><th><?php __("Username"); ?></th><td><code><?php echo $mem->user["login"]; ?></code></td></tr>
+		<tr  class="lst1"><th><label for="pass"><?php __("Password"); ?></label></th><td><code><input class="int" type="password" name="pass" id="pass" value="" /></code></td></tr>
+		<tr  class="lst2"><th><?php __("SQL Server"); ?></th><td><code><?php echo $mysql->server; ?></code></td></tr>
+		<tr  class="lst1"><th><?php __("Database"); ?></th><td><code><?php echo $mem->user["login"]; ?></code></td></tr>
+	<tr><td><input type="submit" class="inb" name="submit" value="<?php __("Create my main database"); ?>" /></td></tr>
+</table>
+</form>
+<?php
+	}
+ ?>
+
+</p>
+
+
+</body>
+</html>
diff --git a/bureau/admin/sql_users_rights.php b/bureau/admin/sql_users_rights.php
new file mode 100644
index 00000000..902fd3b4
--- /dev/null
+++ b/bureau/admin/sql_users_rights.php
@@ -0,0 +1,129 @@
+<?php
+/*
+ $Id: sql_users_rights.php,v 1.8 2006/02/16 16:26:28 nahuel Exp $
+ ----------------------------------------------------------------------
+ AlternC - Web Hosting System
+ Copyright (C) 2002 by the AlternC Development Team.
+ http://alternc.org/
+ ----------------------------------------------------------------------
+ Based on:
+ Valentin Lacambre's web hosting softwares: http://altern.org/
+ ----------------------------------------------------------------------
+ LICENSE
+
+ This program is free software; you can redistribute it and/or
+ modify it under the terms of the GNU General Public License (GPL)
+ as published by the Free Software Foundation; either version 2
+ of the License, or (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ GNU General Public License for more details.
+
+ To read the license please visit http://www.gnu.org/copyleft/gpl.html
+ ----------------------------------------------------------------------
+ Original Author of file: Nahuel ANGELINETTI
+ Purpose of file: Manage the MySQL users of a member
+ ----------------------------------------------------------------------
+*/
+require_once("../class/config.php");
+
+$r=$mysql->get_user_dblist($id);
+
+include("head.php");
+?>
+</head>
+<body>
+<h3><?php printf(_("MySQL Rights for %s"),$mem->user["login"]."_".$id) ?></h3>
+<?php
+	if ($error) {
+		echo "<p class=\"error\">$error</p><p>&nbsp;</p>";
+	}
+
+if ($r) {
+
+echo "<p>"._("help_sql_users_rights_ok")."</p>";
+?>
+
+<form method="post" action="sql_users_dorights.php">
+<input type="hidden" name="id" value="<?php echo $id; ?>" />
+<table cellspacing="0" cellpadding="4">
+   <tr>
+     <th>&nbsp;</th>
+     <th>SELECT</th>
+     <th>INSERT</th>
+     <th>UPDATE</th>
+     <th>DELETE</th>
+     <th>CREATE</th>
+     <th>DROP</th>
+     <th>REFERENCES</th>
+     <th>INDEX</th>
+     <th>ALTER</th>
+     <th>CREATE_TMP_TABLE</th>
+     <th>LOCK</th>
+  </tr>
+
+<?php
+$col=1;
+for($i=0;$i<count($r);$i++) {
+  $val=$r[$i];
+  $col=3-$col;
+?>
+	<tr class="lst<?php echo $col; ?>">
+          <td><strong><?php echo $mem->user["login"].($val["db"]?"_":"").$val["db"] ?></strong></td>
+	  <td align="center">
+            <input type="checkbox" class="inc" id="<?php echo $val["db"]; ?>_select" name="<?php echo $val["db"]; ?>_select"<?php if($val["select"]=="Y") echo " checked"; ?> />
+          </td>
+	  <td align="center">
+            <input type="checkbox" class="inc" id="<?php echo $val["db"]; ?>_insert" name="<?php echo $val["db"]; ?>_insert""<?php if($val["insert"]=="Y") echo " checked"; ?> />
+          </td>
+	  <td align="center">
+            <input type="checkbox" class="inc" id="<?php echo $val["db"]; ?>_update" name="<?php echo $val["db"]; ?>_update"<?php if($val["update"]=="Y") echo " checked"; ?> />
+          </td>
+	  <td align="center">
+            <input type="checkbox" class="inc" id="<?php echo $val["db"]; ?>_delete" name="<?php echo $val["db"]; ?>_delete"<?php if($val["delete"]=="Y") echo " checked"; ?> />
+          </td>
+	  <td align="center">
+            <input type="checkbox" class="inc" id="<?php echo $val["db"]; ?>_create" name="<?php echo $val["db"]; ?>_create"<?php if($val["create"]=="Y") echo " checked"; ?> />
+          </td>
+	  <td align="center">
+            <input type="checkbox" class="inc" id="<?php echo $val["db"]; ?>_drop" name="<?php echo $val["db"]; ?>_drop"<?php if($val["drop"]=="Y") echo " checked"; ?> />
+          </td>
+	  <td align="center">
+            <input type="checkbox" class="inc" id="<?php echo $val["db"]; ?>_references" name="<?php echo $val["db"]; ?>_references"<?php if($val["references"]=="Y") echo " checked"; ?> />
+          </td>
+	  <td align="center">
+            <input type="checkbox" class="inc" id="<?php echo $val["db"]; ?>_index" name="<?php echo $val["db"]; ?>_index"<?php if($val["index"]=="Y") echo " checked"; ?> />
+          </td>
+	  <td align="center">
+            <input type="checkbox" class="inc" id="<?php echo $val["db"]; ?>_alter" name="<?php echo $val["db"]; ?>_alter"<?php if($val["alter"]=="Y") echo " checked"; ?> />
+          </td>
+	  <td align="center">
+            <input type="checkbox" class="inc" id="<?php echo $val["db"]; ?>_create_tmp" name="<?php echo $val["db"]; ?>_create_tmp"<?php if($val["create_tmp"]=="Y") echo " checked"; ?> />
+          </td>
+	  <td align="center">
+            <input type="checkbox" class="inc" id="<?php echo $val["db"]; ?>_lock" name="<?php echo $val["db"]; ?>_lock"<?php if($val["lock"]=="Y") echo " checked"; ?> />
+          </td>
+	</tr>
+<?php
+
+
+ }
+?>
+<tr><td colspan="5">
+   <input type="submit" value="<?php __("Apply"); ?>" class="inb" />
+</td></tr>
+</table>
+</form>
+
+<p>&nbsp;</p>
+<p>
+<?php 
+}
+?>
+</p>
+
+
+</body>
+</html>
diff --git a/bureau/class/m_mysql.php b/bureau/class/m_mysql.php
index 564e3ae4..d2ead13a 100644
--- a/bureau/class/m_mysql.php
+++ b/bureau/class/m_mysql.php
@@ -52,7 +52,7 @@ class m_mysql {
    * Quota name
    */
   function alternc_quota_names() {
-    return "mysql";
+    return array("mysql","mysql_users");
   }
 
   /*---------------------------------------------------------------------------*/
@@ -100,7 +100,6 @@ class m_mysql {
   function get_mysql_details($dbn) {
     global $db,$err,$bro,$mem,$cuid;
     $root="/var/alternc/html/".substr($mem->user["login"],0,1)."/".$mem->user["login"];
-    $root=realpath($root);
     $err->log("mysql","get_mysql_details");
     $dbname=$mem->user["login"].($dbn?"_":"").$dbn;
     $size=$this->get_db_size($dbname);
@@ -255,7 +254,7 @@ class m_mysql {
     $db->next_record();
     $login=$db->f("login");
 
-    if (strlen($password)>16 || strlen($password)<4 ) {
+    if (strlen($password)>16) {
       $err->raise("mysql",8);
       return false;
     }
@@ -273,7 +272,7 @@ class m_mysql {
   function new_mysql($password) {
     global $db,$err,$mem,$cuid;
     $err->log("mysql","new_mysql");
-    if (strlen($password)>16 || strlen($password)<4 ) {
+    if (strlen($password)>16) {
       $err->raise("mysql",8);
       return false;
     }
@@ -362,6 +361,13 @@ class m_mysql {
       } else {
 	return 0;
       }
+    } elseif ($name=="mysql_users") {
+      $err->log("mysql","alternc_get_quota");
+      $c=$this->get_userslist();
+      if(is_array($c))
+        return count($c);
+      else
+        return 0;
     } else return false;
   }
 
@@ -418,6 +424,160 @@ class m_mysql {
     return $str;
   }
 
+  function get_userslist() {
+    global $db,$err,$bro,$cuid;
+    $err->log("mysql","get_userslist");
+    $db->query("SELECT name FROM dbusers WHERE uid='$cuid';");
+    if (!$db->num_rows()) {
+      $err->raise("mysql",19);
+      return false;
+    }
+    $c=array();
+    while ($db->next_record()) {
+      $c[]=array("name"=>substr($db->f("name"),strpos($db->f("name"),"_")+1));
+    }
+
+    return $c;
+  }
+
+  function add_user($usern,$password,$passconf) {
+    global $db,$err,$quota,$mem,$cuid;
+    $err->log("mysql","add_user",$usern);
+    
+    $user=addslashes($mem->user["login"]."_$usern");
+    $pass=addslashes($password);
+        
+    if (!$quota->cancreate("mysql_users")) {
+      $err->raise("mysql",13);
+      return false;
+    }
+    if (!ereg("^[0-9a-z]",$usern)) {
+      $err->raise("mysql",14);
+      return false;
+    }
+    
+    if (strlen($user) > 16 || strlen($usern) == 0 ) {
+      $err->raise("mysql",15);
+      return false;
+    }
+    $db->query("SELECT * FROM dbusers WHERE name='$user';");
+    if ($db->num_rows()) {
+      $err->raise("mysql",16);
+      return false;
+    }
+    if ($password != $passconf || !$password) {
+      $err->raise("mysql",17);
+      return false;
+    }
+
+
+    // On créé l'utilisateur
+    $db->query("GRANT USAGE ON *.* TO '$user'@'$this->client' IDENTIFIED BY '$pass';");
+    // On le rajoute dans la table des utilisateurs
+    $db->query("INSERT INTO dbusers (uid,name) VALUES($cuid,'$user');");
+    return true;
+  }
+
+  function del_user($user) {
+    global $db,$err,$mem,$cuid,$L_MYSQL_DATABASE;
+    $err->log("mysql","del_user",$user);
+    if (!ereg("^[0-9a-z]",$user)) {
+      $err->raise("mysql",14);
+      return false;
+    }
+    $db->query("SELECT name FROM dbusers WHERE name='".$mem->user["login"]."_$user';");
+    if (!$db->num_rows()) {
+      $err->raise("mysql",18);
+      return false;
+    }
+    $db->next_record();
+    $login=$db->f("name");
+
+    // Ok, database exists and dbname is compliant. Let's proceed
+    $db->query("USE mysql");
+    $db->query("REVOKE ALL PRIVILEGES ON *.* FROM '".$mem->user["login"]."_$user'@'$this->client';");
+    $db->query("DELETE FROM db WHERE User='".$mem->user["login"]."_$user' AND Host='$this->client';");
+    $db->query("DELETE FROM user WHERE User='".$mem->user["login"]."_$user' AND Host='$this->client';");
+    $db->query("FLUSH PRIVILEGES");
+    $db->query("USE $L_MYSQL_DATABASE");
+    $db->query("DELETE FROM dbusers WHERE uid='$cuid' AND name='".$mem->user["login"]."_$user';");
+    return true;
+  }
+
+  function get_user_dblist($user) {
+    global $db,$err,$mem,$cuid,$L_MYSQL_DATABASE;
+    $err->log("mysql","get_user_dblist");
+
+    $r=array();
+    $dblist=$this->get_dblist();
+
+    $db->query("USE mysql;");
+    for ( $i=0 ; $i<count($dblist) ; $i++ ) {
+      $db->query("SELECT Db, Select_priv, Insert_priv, Update_priv, Delete_priv, Create_priv, Drop_priv, References_priv, Index_priv, Alter_priv, Create_tmp_table_priv, Lock_tables_priv FROM db WHERE User='".$mem->user["login"].($user?"_":"").$user."' AND Host='$this->client' AND Db='".$dblist[$i]["db"]."';");
+      if ($db->next_record())
+        $r[]=array("db"=>$dblist[$i]["name"], "select"=>$db->f("Select_priv"), "insert"=>$db->f("Insert_priv"),	"update"=>$db->f("Update_priv"), "delete"=>$db->f("Delete_priv"), "create"=>$db->f("Create_priv"), "drop"=>$db->f("Drop_priv"), "references"=>$db->f("References_priv"), "index"=>$db->f("Index_priv"), "alter"=>$db->f("Alter_priv"), "create_tmp"=>$db->f("Create_tmp_table_priv"), "lock"=>$db->f("Lock_tables_priv"));
+      else
+        $r[]=array("db"=>$dblist[$i]["name"], "select"=>"N", "insert"=>"N", "update"=>"N", "delete"=>"N", "create"=>"N", "drop"=>"N", "references"=>"N", "index"=>"N", "alter"=>"N", "Create_tmp"=>"N", "lock"=>"N" );
+    }
+    $db->query("FLUSH PRIVILEGES");
+    $db->query("USE $L_MYSQL_DATABASE");
+
+    return $r;
+  }
+
+  function set_user_rights($user,$dbn,$rights) {
+    global $mem, $db;
+
+    $usern=addslashes($mem->user["login"].($user?"_":"").$user);
+    $dbname=addslashes($mem->user["login"].($dbn?"_":"").$dbn);
+    // On génère les droits en fonction du tableau de droits
+    for( $i=0 ; $i<count($rights) ; $i++ ) {
+      switch ($rights[$i]) {
+        case "select":
+          $strrights.="SELECT,";
+          break;
+        case "insert":
+          $strrights.="INSERT,";
+          break;
+        case "update":
+          $strrights.="UPDATE,";
+          break;
+        case "delete":
+          $strrights.="DELETE,";
+          break;
+        case "create":
+          $strrights.="CREATE,";
+          break;
+        case "drop":
+          $strrights.="DROP,";
+          break;
+        case "references":
+          $strrights.="REFERENCES,";
+          break;
+        case "index":
+          $strrights.="INDEX,";
+          break;
+        case "alter":
+          $strrights.="ALTER,";
+          break;
+        case "create_tmp":
+          $strrights.="CREATE TEMPORARY TABLES,";
+          break;
+        case "lock":
+          $strrights.="LOCK TABLES,";
+          break;
+      }
+    }
+
+    
+    // On remet à zéro tous les droits de l'utilisateur
+    $db->query("REVOKE ALL PRIVILEGES ON *.* FROM '$usern'@'$this->client';");
+    if( $strrights ){
+      $strrights=substr($strrights,0,strlen($strrights)-1);
+      $db->query("GRANT $strrights ON $dbname.* TO '$usern'@'$this->client';");      
+    }
+    return TRUE;
+  }
 
 } /* Class m_mysql */
 
diff --git a/bureau/locales/fr_FR/LC_MESSAGES/sql.po b/bureau/locales/fr_FR/LC_MESSAGES/sql.po
index 934d3770..156d0ba0 100644
--- a/bureau/locales/fr_FR/LC_MESSAGES/sql.po
+++ b/bureau/locales/fr_FR/LC_MESSAGES/sql.po
@@ -6,7 +6,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: $Id: sql.po,v 1.6 2004/11/10 22:14:22 anonymous Exp $\n"
 "Report-Msgid-Bugs-To: i18n@alternc.org\n"
-"POT-Creation-Date: 2004-11-01 16:18+0100\n"
+"POT-Creation-Date: 2006-04-02 03:58+0000\n"
 "PO-Revision-Date: 2002-06-16 13:50CEST\n"
 "Last-Translator: Benjamin Sonntag <benjamin@alternc.org>\n"
 "Language-Team: French <i18n@alternc.org>\n"
@@ -15,6 +15,10 @@ msgstr ""
 "Content-Transfer-Encoding: 8bit\n"
 "X-Generator: Emacs 21\n"
 
+#: admin/menu_sql.php:34
+msgid "MySQL Users"
+msgstr "Utilisateurs MySQL"
+
 #: admin/menu_sql.php:35
 msgid "Databases"
 msgstr "Bases de données"
@@ -31,6 +35,11 @@ msgstr "Votre base de donn
 msgid "err_mysql_1"
 msgstr "Vous avez atteint votre quota de bases, vous ne pouvez plus en créer."
 
+#: admin/sql_users_add.php:34 admin/sql_users_doadd.php:34
+msgid "err_mysql_20"
+msgstr ""
+"Vous avez atteint votre quota d'utilisateurs, vous ne pouvez plus en créer."
+
 #: admin/sql_add.php:41 admin/sql_list.php:82
 msgid "Create a new database"
 msgstr "Création d'une base de données"
@@ -95,7 +104,7 @@ msgstr "O
 msgid "Change the SQL backup parameters"
 msgstr "Changer les paramètres de sauvegarde SQL"
 
-#: admin/sql_bck.php:101 admin/sql_dorestore.php:55 admin/sql_restore.php:68
+#: admin/sql_bck.php:101 admin/sql_dorestore.php:55 admin/sql_restore.php:69
 msgid "You currently have no database defined"
 msgstr "Vous n'avez pas de base de données de définie"
 
@@ -201,7 +210,7 @@ msgstr ""
 msgid "Change the password"
 msgstr "Changement de mot de passe SQL"
 
-#: admin/sql_pass.php:36
+#: admin/sql_pass.php:38
 msgid "Your password has been successfully changed."
 msgstr "Votre mot de passe a été modifié avec succès"
 
@@ -210,16 +219,58 @@ msgstr "Votre mot de passe a 
 msgid "Restore a SQL backup for database %s"
 msgstr "Restaurer la sauvegarde SQL de la base %s"
 
-#: admin/sql_restore.php:53
+#: admin/sql_restore.php:54
 msgid "Please enter the filename containing SQL data to be restored."
 msgstr ""
 "Entrez le nom du fichier contenant des données SQL à restaurer dans la base."
 
-#: admin/sql_restore.php:57
+#: admin/sql_restore.php:58
 msgid "Restore my database"
 msgstr "Restaurer ma base de données"
 
-#: admin/sql_restore.php:63
+#: admin/sql_restore.php:64
 msgid "Note: If the filename ends with .gz, it will be uncompressed before."
 msgstr ""
 "Note : Si le nom du fichier se termine par .gz, il sera décompressé avant."
+
+#: admin/sql_users_add.php:41
+msgid "Create a new MySQL user"
+msgstr "Créer un nouvel utilisateur MySQL"
+
+#: admin/sql_users_add.php:66
+msgid "Create this new user"
+msgstr "Créer ce nouvel utilisateur"
+
+#: admin/sql_users_del.php:41
+msgid "The user %s has been successfully deleted"
+msgstr "L'utilisateur %s a été effacée avec succès"
+
+#: admin/sql_users_del.php:54
+msgid "Confirm the deletion of the following MySQL users"
+msgstr "Confirmez l'effacement des utilisateurs MySQL suivants"
+
+#: admin/sql_users_dorights.php:44
+msgid "The rights has been successfully applied to the user"
+msgstr "La droits ont été appliqués avec succès à l'utilisateur"
+
+#: admin/sql_users_list.php:48
+msgid "help_sql_users_list_ok"
+msgstr ""
+"Utilisez le tableau ci-dessous pour gérer vos utilisateurs MySQL : "
+
+#: admin/sql_users_rights.php:46
+msgid "help_sql_users_rights_ok"
+msgstr ""
+"Cochez les droits sur les bases dont vous voulez fournir à l'utilisateur : "
+
+#: admin/sql_users_list.php:53
+msgid "Rights"
+msgstr "Droits"
+
+#: admin/sql_users_rights.php:38
+msgid "MySQL Rights for %s"
+msgstr "Droits MySQL pour %s"
+
+#: admin/sql_users_rights.php:115
+msgid "Apply"
+msgstr "Appliquer"
diff --git a/bureau/locales/fr_FR/LC_MESSAGES/sql_manual.po b/bureau/locales/fr_FR/LC_MESSAGES/sql_manual.po
index 0ab9cee9..6bcacbaa 100644
--- a/bureau/locales/fr_FR/LC_MESSAGES/sql_manual.po
+++ b/bureau/locales/fr_FR/LC_MESSAGES/sql_manual.po
@@ -4,7 +4,8 @@
 # $Id: sql_manual.po,v 1.2 2005/05/27 20:10:19 arnaud-lb Exp $
 msgid ""
 msgstr ""
-"Project-Id-Version: $Id: sql_manual.po,v 1.2 2005/05/27 20:10:19 arnaud-lb Exp $\n"
+"Project-Id-Version: $Id: sql_manual.po,v 1.2 2005/05/27 20:10:19 arnaud-lb "
+"Exp $\n"
 "Report-Msgid-Bugs-To: i18n@alternc.org\n"
 "POT-Creation-Date: 2004-05-24 19:34+0200\n"
 "PO-Revision-Date: 2002-06-16 13:50CEST\n"
@@ -18,6 +19,9 @@ msgstr ""
 msgid "quota_mysql"
 msgstr "Bases de données MySQL"
 
+msgid "quota_mysql_users"
+msgstr "Utilisateurs MySQL"
+
 msgid "err_mysql_2"
 msgstr ""
 "Le nom de la base de données ne peut contenir que des chiffres ou lettres "
@@ -46,17 +50,41 @@ msgstr "Le fichier entr
 
 msgid "err_mysql_10"
 msgstr ""
-"Erreur : vous ne pouvez créer votre base principale : il vous reste "
-"d'autres bases !"
+"Erreur : vous ne pouvez créer votre base principale : il vous reste d'autres "
+"bases !"
 
 msgid "err_mysql_11"
 msgstr ""
-"Vous n'avez aucune base de données, cliquez sur 'Bases de données' pour "
-"en créer une"
+"Vous n'avez aucune base de données, cliquez sur 'Bases de données' pour en "
+"créer une"
 
 msgid "err_mysql_12"
 msgstr "Le nom de la base de données est trop long (64 caractères maximum)"
 
+msgid "err_mysql_13"
+msgstr ""
+"Vous avez atteint votre quota d'utilisateurs SQL, vous ne pouvez plus en "
+"créer"
+
+msgid "err_mysql_14"
+msgstr "Le nom d'utilisateur ne peut contenir que des chiffres et/ou lettres minuscules"
+
+msgid "err_mysql_15"
+msgstr "Nom d'utilisateur trop long (16 caractères maximum)"
+
+msgid "err_mysql_16"
+msgstr "Un utilisateur du même nom existe déjà"
+
+msgid "err_mysql_17"
+msgstr "Les mot de passes ne correspondent pas"
+
+msgid "err_mysql_18"
+msgstr "L'utilisateur n'existe pas"
+
+#, fuzzy
+msgid "err_mysql_19"
+msgstr "Le fichier entré n'existe pas ou est incorect."
+
 msgid "General SQL Admin"
 msgstr "Admin SQL Général"
 
@@ -71,10 +99,10 @@ msgstr "D
 
 msgid "hlp_sql_bck"
 msgstr ""
-"Les sauvegardes de votre base MySQL sont stockées dans le répertoire "
-"choisi sous le nom <code>db.sql.1</code> à <code>db.sql.19</code><br /> "
-"où 'db' est remplacé par le nom de la base de données.<br />ATTENTION : "
-"si vous modifiez les paramètres de la sauvegarde (nombre de sauvegardes, "
-"compression ...) des vieilles sauvegardes peuvent rester dans le "
-"répertoire concerné. Vous pouvez les effacer dans le gestionnaire de "
-"fichier."
+"Les sauvegardes de votre base MySQL sont stockées dans le répertoire choisi "
+"sous le nom <code>db.sql.1</code> à <code>db.sql.19</code><br /> où 'db' est "
+"remplacé par le nom de la base de données.<br />ATTENTION : si vous modifiez "
+"les paramètres de la sauvegarde (nombre de sauvegardes, compression ...) des "
+"vieilles sauvegardes peuvent rester dans le répertoire concerné. Vous pouvez "
+"les effacer dans le gestionnaire de fichier."
+
diff --git a/bureau/locales/sql.po b/bureau/locales/sql.po
index f6e70168..74dff2fe 100644
--- a/bureau/locales/sql.po
+++ b/bureau/locales/sql.po
@@ -16,6 +16,10 @@ msgstr ""
 "Content-Type: text/plain; charset=ISO-8859-1\n"
 "Content-Transfer-Encoding: 8bit\n"
 
+#: admin/menu_sql.php:34
+msgid "MySQL Users"
+msgstr ""
+
 #: admin/menu_sql.php:35
 msgid "Databases"
 msgstr ""
@@ -32,6 +36,10 @@ msgstr ""
 msgid "err_mysql_1"
 msgstr ""
 
+#: admin/sql_users_add.php:34 admin/sql_users_doadd.php:34
+msgid "err_mysql_20"
+msgstr ""
+
 #: admin/sql_add.php:41 admin/sql_list.php:82
 msgid "Create a new database"
 msgstr ""
@@ -213,3 +221,43 @@ msgstr ""
 #: admin/sql_restore.php:64
 msgid "Note: If the filename ends with .gz, it will be uncompressed before."
 msgstr ""
+
+#: admin/sql_users_add.php:41
+msgid "Create a new MySQL user"
+msgstr ""
+
+#: admin/sql_users_add.php:66
+msgid "Create this new user"
+msgstr ""
+
+#: admin/sql_users_del.php:41
+msgid "The user %s has been successfully deleted"
+msgstr ""
+
+#: admin/sql_users_del.php:54
+msgid "Confirm the deletion of the following MySQL users"
+msgstr ""
+
+#: admin/sql_users_dorights.php:44
+msgid "The rights has been successfully applied to the user"
+msgstr ""
+
+#: admin/sql_users_list.php:48
+msgid "help_sql_users_list_ok"
+msgstr ""
+
+#: admin/sql_users_rights.php:46
+msgid "help_sql_users_rights_ok"
+msgstr ""
+
+#: admin/sql_users_list.php:53
+msgid "Rights"
+msgstr ""
+
+#: admin/sql_users_rights.php:38
+msgid "MySQL Rights for %s"
+msgstr ""
+
+#: admin/sql_users_rights.php:115
+msgid "Apply"
+msgstr ""
diff --git a/bureau/locales/sql_manual.po b/bureau/locales/sql_manual.po
index 478c93c3..d3fcab99 100644
--- a/bureau/locales/sql_manual.po
+++ b/bureau/locales/sql_manual.po
@@ -18,6 +18,9 @@ msgstr ""
 msgid "quota_mysql"
 msgstr "Bases de données MySQL"
 
+msgid "quota_mysql_users"
+msgstr "Utilisateurs MySQL"
+
 msgid "err_mysql_2"
 msgstr ""
 "Le nom de la base de données ne peut contenir que des chiffres ou lettres "
@@ -57,6 +60,27 @@ msgstr ""
 msgid "err_mysql_12"
 msgstr "Le nom de la base de données est trop long (64 caractères maximum)"
 
+msgid "err_mysql_13"
+msgstr "Vous n'avez aucun utilisateur SQL autre que l'utilisateur principal"
+
+msgid "err_mysql_14"
+msgstr "Le nom de l'utilisateur ne peut contenir que des chiffres ou lettres minuscules."
+
+msgid "err_mysql_15"
+msgstr "Le nom d'utilisateur est trop long (16 caractères maximum)"
+
+msgid "err_mysql_16"
+msgstr "L'utilisateur existe déjà"
+
+msgid "err_mysql_17"
+msgstr "Les mots de passes ne correspondent pas"
+
+msgid "err_mysql_18"
+msgstr "Aucun utilisateur de ce nom n'existe"
+
+msgid "err_mysql_19"
+msgstr "Vous n'avez aucun utilisateur SQL autre que l'utilisateur principal"
+
 msgid "General SQL Admin"
 msgstr "Admin SQL Général"
 
diff --git a/install/mysql.sql b/install/mysql.sql
index b66704e3..363b77f2 100644
--- a/install/mysql.sql
+++ b/install/mysql.sql
@@ -416,3 +416,15 @@ the user creation dialog requesting the creator if he wants to create
 the domain "username.example.com".
 
 If this is set to 0 or a "false" string, it will be ignored.');
+
+--
+-- Table structure for table `dbusers`
+--
+
+CREATE TABLE `dbusers` (
+  `id` int(10) unsigned NOT NULL auto_increment,
+  `uid` int(10) unsigned NOT NULL default '0',
+  `name` varchar(16) NOT NULL default '',
+  KEY `id` (`id`)
+) TYPE=MyISAM COMMENT='Utilisateurs MySQL des membres';
+
diff --git a/install/upgrades/0.9.5.sql b/install/upgrades/0.9.5.sql
index 2b0c807d..1d52caec 100644
--- a/install/upgrades/0.9.5.sql
+++ b/install/upgrades/0.9.5.sql
@@ -40,3 +40,11 @@ CREATE TABLE IF NOT EXISTS `size_web` (
   KEY `ts` (`ts`)
 ) TYPE=MyISAM COMMENT='Web space used by accounts.';
 
+-- ajout d'une table pour la gestion des utilisateurs mysql
+CREATE TABLE `dbusers` (
+  `id` int(10) unsigned NOT NULL auto_increment,
+  `uid` int(10) unsigned NOT NULL default '0',
+  `name` varchar(16) NOT NULL default '',
+  KEY `id` (`id`)
+) TYPE=MyISAM COMMENT='Utilisateurs MySQL des membres';
+