" ;
if ($stdout) {
passthru($exe,$ret);
} else {
exec ($exe,$ret);
}
echo "
" ;
if ($ret != 0) {
return false ;
} else {
return true ;
}
}
/* ----------------------------------------------------------------- */
/** Get the size of a database
* @param $dbname name of the database
* @return integer database size
* @access private
*/
function get_db_size($dbname) {
global $db,$err;
$this->dbus->query("SHOW TABLE STATUS FROM `$dbname`;");
$size = 0;
while ($db->next_record()) {
$size += $db->f('Data_length') + $db->f('Index_length');
if ( $db->f('Engine') != 'InnoDB') $size += $db->f('Data_free');
}
return $size;
}
/* ------------------------------------------------------------ */
/**
* Returns the list of database users of an account
**/
function get_userslist() {
global $db,$err,$bro,$cuid;
$err->log("mysql","get_userslist");
$c=array();
$db->query("SELECT name FROM dbusers WHERE uid='$cuid' and enable not in ('ADMIN','HIDDEN') ORDER BY name;");
while ($db->next_record()) {
$pos=strpos($db->f("name"),"_");
if($pos === false){
$c[]=array("name"=>($db->f("name")));
}else{
$c[]=array("name"=>($db->f("name")));
//$c[]=array("name"=>substr($db->f("name"),strpos($db->f("name"),"_")+1));
}
}
return $c;
}
function get_defaultsparam($dbn){
global $db,$err,$bro,$cuid;
$err->log("mysql","getdefaults");
$dbu=$dbn;
$r=array();
$dbn=str_replace('_','\_',$dbn);
$q=$db->query("Select * from mysql.db where Db='".$dbn."' and User!='".$cuid."_myadm';");
if(!$db->num_rows()){
return $r;
}
while ($db->next_record()) {
$variable = $db->Record;
if($variable['User'] == $dbu){
$r['Host']=$db->f('Host');
if($db->f('Select_priv') !== "Y"){
return $r;
}
if($db->f('Insert_priv') !== "Y"){
return $r;
}
if($db->f('Update_priv') !== "Y"){
return $r;
}
if($db->f('Delete_priv') !== "Y"){
return $r;
}
if($db->f('Create_priv') !== "Y"){
return $r;
}
if($db->f('Drop_priv') !== "Y"){
return $r;
}
if($db->f('References_priv') !== "Y"){
return $r;
}
if($db->f('Index_priv') !== "Y"){
return $r;
}
if($db->f('Alter_priv') !== "Y"){
return $r;
}
if($db->f('Create_tmp_table_priv') !== "Y"){
return $r;
}
if($db->f('Lock_tables_priv') !== "Y"){
return $r;
}
if($db->f('Create_view_priv') !== "Y"){
return $r;
}
if($db->f('Show_view_priv') !== "Y"){
return $r;
}
if($db->f('Create_routine_priv') !== "Y"){
return $r;
}
if($db->f('Alter_routine_priv') !== "Y"){
return $r;
}
if($db->f('Execute_priv') !== "Y"){
return $r;
}
if($db->f('Event_priv') !== "Y"){
return $r;
}
if($db->f('Trigger_priv') !== "Y"){
return $r;
}
}
}//endwhile
if(!$db->query("SELECT name,password from dbusers where name='".$dbu."';")){
return $r;
}
if(!$db->num_rows()){
return $r;
}
$db->next_record();
$r['user']=$db->f('name');
$r['password']=$db->f('password');
return $r;
}
/* ------------------------------------------------------------ */
/**
* Create a new user in MySQL rights tables
* @param $usern the username (we will add _[alternc-account] to it)
* @param $password The password for this username
* @param $passconf The password confirmation
* @return TRUE if the user has been created in MySQL or FALSE if an error occurred
**/
function add_user($usern,$password,$passconf) {
global $db,$err,$quota,$mem,$cuid,$admin;
$err->log("mysql","add_user",$usern);
$usern=trim($usern);
$login=$mem->user["login"];
if($login != $usern){
$user=addslashes($login."_".$usern);
}else{
$user=$usern;
}
$pass=addslashes($password);
if (!$usern) {
$err->raise("mysql",_("The username is mandatory"));
return false;
}
if (!$pass) {
$err->raise("mysql",_("The password is mandatory"));
return false;
}
if (!preg_match("#^[0-9a-z]#",$usern)) {
$err->raise("mysql",_("The username can contain only letters and numbers"));
return false;
}
// We check the length of the COMPLETE username, not only the part after _
if (strlen($user) > 16) {
$err->raise("mysql",_("MySQL username cannot exceed 16 characters"));
return false;
}
$db->query("SELECT * FROM dbusers WHERE name='$user';");
if ($db->num_rows()) {
$err->raise("mysql",_("The database user already exists"));
return false;
}
if ($password != $passconf || !$password) {
$err->raise("mysql",_("The passwords do not match"));
return false;
}
// Check this password against the password policy using common API :
if (is_callable(array($admin,"checkPolicy"))) {
if (!$admin->checkPolicy("mysql",$user,$password)) {
return false; // The error has been raised by checkPolicy()
}
}
// We add him to the user table
$db->query("INSERT INTO dbusers (uid,name,password,enable) VALUES($cuid,'$user','$password','ACTIVATED');");
// We create the user account (the "file" right is the only one we need globally to be able to use load data into outfile)
$this->grant("*",$user,"FILE",$pass);
return true;
}
/* ------------------------------------------------------------ */
/**
* Change a user's MySQL password
* @param $usern the username
* @param $password The password for this username
* @param $passconf The password confirmation
* @return TRUE if the password has been changed in MySQL or FALSE if an error occurred
**/
function change_user_password($usern,$password,$passconf) {
global $db,$err,$quota,$mem,$cuid,$admin;
$err->log("mysql","change_user_pass",$usern);
$usern=trim($usern);
$user=addslashes($usern);
$pass=addslashes($password);
if ($password != $passconf || !$password) {
$err->raise("mysql",_("The passwords do not match"));
return false;
}
// Check this password against the password policy using common API :
if (is_callable(array($admin,"checkPolicy"))) {
if (!$admin->checkPolicy("mysql",$user,$password)) {
return false; // The error has been raised by checkPolicy()
}
}
$db->query("SET PASSWORD FOR '".$user."'@'".$this->dbus->Client."' = PASSWORD('".$pass."');");
$db->query("UPDATE dbusers set password='".$pass."' where name='".$usern."' and uid=$cuid ;");
return true;
}
/* ------------------------------------------------------------ */
/**
* Delete a user in MySQL rights tables
* @param $user the username (we will add "[alternc-account]_" to it) to delete
* @return TRUE if the user has been deleted in MySQL or FALSE if an error occurred
**/
function del_user($user) {
global $db,$err,$mem,$cuid,$L_MYSQL_DATABASE;
$err->log("mysql","del_user",$user);
if (!preg_match("#^[0-9a-z]#",$user)) {
$err->raise("mysql",_("The username can contain only letters and numbers"));
return false;
}
$db->query("SELECT name FROM dbusers WHERE name='".$user."' and enable not in ('ADMIN','HIDDEN');");
if (!$db->num_rows()) {
$err->raise("mysql",_("The username was not found"));
return false;
}
$db->next_record();
$login=$db->f("name");
// Ok, database exists and dbname is compliant. Let's proceed
$db->query("REVOKE ALL PRIVILEGES ON *.* FROM '".$user."'@'".$this->dbus->Client."';");
$db->query("DELETE FROM mysql.db WHERE User='".$user."' AND Host='".$this->dbus->Client."';");
$db->query("DELETE FROM mysql.user WHERE User='".$user."' AND Host='".$this->dbus->Client."';");
$db->query("FLUSH PRIVILEGES");
$db->query("DELETE FROM dbusers WHERE uid='$cuid' AND name='".$user."';");
return true;
}
/* ------------------------------------------------------------ */
/**
* Return the list of the database rights of user $user
* @param $user the username
* @return array An array of database name and rights
**/
function get_user_dblist($user){
global $db,$err,$mem,$cuid;
$r=array();
$db->free();
$dblist=$this->get_dblist();
foreach($dblist as $tab){
$pos=strpos($tab['db'],"_");
if($pos === false){
$this->dbus->query("SELECT * FROM mysql.db WHERE User='".$user."' AND Host='".$this->dbus->Client."' AND Db='".$tab["db"]."';");
}else{
$dbname=str_replace('_','\_',$tab['db']);
$this->dbus->query("SELECT * FROM mysql.db WHERE User='".$user."' AND Host='".$this->dbus->Client."' AND Db='".$dbname."';");
}
if ($this->dbus->next_record()){
$r[]=array("db"=>$tab["db"], "select"=>$this->dbus->f("Select_priv"), "insert"=>$this->dbus->f("Insert_priv"), "update"=>$this->dbus->f("Update_priv"), "delete"=>$this->dbus->f("Delete_priv"), "create"=>$this->dbus->f("Create_priv"), "drop"=>$this->dbus->f("Drop_priv"), "references"=>$this->dbus->f("References_priv"), "index"=>$this->dbus->f("Index_priv"), "alter"=>$this->dbus->f("Alter_priv"), "create_tmp"=>$this->dbus->f("Create_tmp_table_priv"), "lock"=>$this->dbus->f("Lock_tables_priv"),
"create_view"=>$this->dbus->f("Create_view_priv"),
"show_view"=>$this->dbus->f("Show_view_priv"),
"create_routine"=>$this->dbus->f("Create_routine_priv"),
"alter_routine"=>$this->dbus->f("Alter_routine_priv"),
"execute"=>$this->dbus->f("Execute_priv"),
"event"=>$this->dbus->f("Event_priv"),
"trigger"=>$this->dbus->f("Trigger_priv")
);
}else{
$r[]=array("db"=>$tab['db'], "select"=>"N", "insert"=>"N", "update"=>"N", "delete"=>"N", "create"=>"N", "drop"=>"N", "references"=>"N", "index"=>"N", "alter"=>"N", "Create_tmp"=>"N", "lock"=>"N","create_view"=>"N","show_view"=>"N","create_routine"=>"N","alter_routine"=>"N","execute"=>"N","event"=>"N","trigger"=>"N");
}
}
return $r;
}
/* ------------------------------------------------------------ */
/**
* Set the access rights of user $user to database $dbn to be rights $rights
* @param $user the username to give rights to
* @param $dbn The database to give rights to
* @param $rights The rights as an array of MySQL keywords (insert, select ...)
* @return boolean TRUE if the rights has been applied or FALSE if an error occurred
*
**/
function set_user_rights($user,$dbn,$rights) {
global $mem,$err,$db;
$err->log("mysql","set_user_rights");
$usern=addslashes($user);
$dbname=addslashes($dbn);
$dbname=str_replace('_','\_',$dbname);
// On génère les droits en fonction du tableau de droits
$strrights="";
for( $i=0 ; $i