$ret = 0;
if ($stdout) {
passthru($exe, $ret);
} else {
exec($exe, $ret);
echo "
if ($ret != 0) {
return false;
} else {
return true;
/* ----------------------------------------------------------------- */
/** Get the size of a database
* @param $dbname name of the database
* @return integer database size
* @access private
function get_db_size($dbname) {
$this->dbus->query("SHOW TABLE STATUS FROM ". $db->quote($dbname) .";");
$size = 0;
while ($this->dbus->next_record()) {
$size += $this->dbus->f('Data_length') + $this->dbus->f('Index_length');
if ($this->dbus->f('Engine') != 'InnoDB') {
$size += $this->dbus->f('Data_free');
return $size;
/* ------------------------------------------------------------ */
* Returns the list of database users of an account
* */
function get_userslist($all = null) {
global $db, $err, $cuid;
$err->log("mysql", "get_userslist");
$c = array();
if (!$all) {
$db->query("SELECT name FROM dbusers WHERE uid= ? and enable not in ('ADMIN','HIDDEN') ORDER BY name;", array($cuid));
} else {
$db->query("SELECT name FROM dbusers WHERE uid= ? ORDER BY name;", array($cuid));
while ($db->next_record()) {
$pos = strpos($db->f("name"), "_");
if ($pos === false) {
$c[] = array("name" => ($db->f("name")));
} else {
$c[] = array("name" => ($db->f("name")));
return $c;
function get_defaultsparam($dbn) {
global $db, $err, $cuid;
$err->log("mysql", "getdefaults");
$dbu = $dbn;
$r = array();
$dbn = str_replace('_', '\_', $dbn);
$this->dbus->query("Select * from mysql.db where Db= ? and User!= ? ;", array($dbn, $cuid."_myadm"));
if (!$db->num_rows()) {
return $r;
while ($db->next_record()) {
$variable = $db->Record;
if ($variable['User'] == $dbu) {
$r['Host'] = $db->f('Host');
if ($db->f('Select_priv') !== "Y") {
return $r;
if ($db->f('Insert_priv') !== "Y") {
return $r;
if ($db->f('Update_priv') !== "Y") {
return $r;
if ($db->f('Delete_priv') !== "Y") {
return $r;
if ($db->f('Create_priv') !== "Y") {
return $r;
if ($db->f('Drop_priv') !== "Y") {
return $r;
if ($db->f('References_priv') !== "Y") {
return $r;
if ($db->f('Index_priv') !== "Y") {
return $r;
if ($db->f('Alter_priv') !== "Y") {
return $r;
if ($db->f('Create_tmp_table_priv') !== "Y") {
return $r;
if ($db->f('Lock_tables_priv') !== "Y") {
return $r;
if ($db->f('Create_view_priv') !== "Y") {
return $r;
if ($db->f('Show_view_priv') !== "Y") {
return $r;
if ($db->f('Create_routine_priv') !== "Y") {
return $r;
if ($db->f('Alter_routine_priv') !== "Y") {
return $r;
if ($db->f('Execute_priv') !== "Y") {
return $r;
if ($db->f('Event_priv') !== "Y") {
return $r;
if ($db->f('Trigger_priv') !== "Y") {
return $r;
} //endwhile
if (!$db->query("SELECT name,password from dbusers where name= ? ;", array($dbu))) {
return $r;
if (!$db->num_rows()) {
return $r;
$r['user'] = $db->f('name');
$r['password'] = $db->f('password');
return $r;
/* ------------------------------------------------------------ */
* Create a new user in MySQL rights tables
* @param $usern the username (we will add _[alternc-account] to it)
* @param string $password The password for this username
* @param string $passconf The password confirmation
* @return boolean if the user has been created in MySQL or FALSE if an error occurred
* */
function add_user($usern, $password, $passconf) {
global $db, $err, $mem, $cuid, $admin;
$err->log("mysql", "add_user", $usern);
$usern = trim($usern);
$login = $mem->user["login"];
if ($login != $usern) {
$user = addslashes($login . "_" . $usern);
} else {
$user = $usern;
if (!$usern) {
$err->raise("mysql", _("The username is mandatory"));
return false;
if (!$pass) {
$err->raise("mysql", _("The password is mandatory"));
return false;
if (!preg_match("#^[0-9a-z]#", $usern)) {
$err->raise("mysql", _("The username can contain only letters and numbers"));
return false;
// We check the length of the COMPLETE username, not only the part after _
$len=variable_get("sql_max_username_length", 16);
if (strlen($user) > $len) {
$err->raise("mysql", _("MySQL username cannot exceed %d characters"), $len);
return false;
$db->query("SELECT * FROM dbusers WHERE name= ? ;", array($user));
if ($db->num_rows()) {
$err->raise("mysql", _("The database user already exists"));
return false;
if ($password != $passconf || !$password) {
$err->raise("mysql", _("The passwords do not match"));
return false;
// Check this password against the password policy using common API :
if (is_callable(array($admin, "checkPolicy"))) {
if (!$admin->checkPolicy("mysql", $user, $password)) {
return false; // The error has been raised by checkPolicy()
// We add him to the user table
$db->query("INSERT INTO dbusers (uid,name,password,enable) VALUES( ?, ?, ?, 'ACTIVATED');", array($cuid, $user, $password));
$this->grant("*", $user, "USAGE", $pass);
return true;
/* ------------------------------------------------------------ */
* Change a user's MySQL password
* @param $usern the username
* @param $password The password for this username
* @param $passconf The password confirmation
* @return boolean if the password has been changed in MySQL or FALSE if an error occurred
* */
function change_user_password($usern, $password, $passconf) {
global $db, $err, $cuid, $admin;
$err->log("mysql", "change_user_pass", $usern);
$usern = trim($usern);
if ($password != $passconf || !$password) {
$err->raise("mysql", _("The passwords do not match"));
return false;
// Check this password against the password policy using common API :
if (is_callable(array($admin, "checkPolicy"))) {
if (!$admin->checkPolicy("mysql", $user, $password)) {
return false; // The error has been raised by checkPolicy()
$this->dbus->query("SET PASSWORD FOR " . $db->quote($usern) . "@" . $db->quote($this->dbus->Client) . "' = PASSWORD(?);", array($pass));
$db->query("UPDATE dbusers set password= ? where name= ? and uid= ? ;", array($pass, $usern, $cuid));
return true;
/* ------------------------------------------------------------ */
* Delete a user in MySQL rights tables
* @param $user the username (we will add "[alternc-account]_" to it) to delete
* @param integer $all
* @return boolean if the user has been deleted in MySQL or FALSE if an error occurred
* */
function del_user($user, $all = null) {
global $db, $err, $cuid;
$err->log("mysql", "del_user", $user);
if (!preg_match("#^[0-9a-z]#", $user)) {
$err->raise("mysql", _("The username can contain only letters and numbers"));
return false;
if (!$all) {
$db->query("SELECT name FROM dbusers WHERE name= ? and enable not in ('ADMIN','HIDDEN');", array($user));
} else {
$db->query("SELECT name FROM dbusers WHERE uid= ? ;", array($cuid));
if (!$db->num_rows()) {
$err->raise("mysql", _("The username was not found"));
return false;
$login = $db->f("name");
// Ok, database exists and dbname is compliant. Let's proceed
$this->dbus->query("REVOKE ALL PRIVILEGES ON *.* FROM " . $db->quote($user) . "@" . $db->quote($this->dbus->Client) . ";");
$this->dbus->query("DELETE FROM mysql.db WHERE User= ? AND Host= ? ;", array($user, $this->dbus->Client));
$this->dbus->query("DELETE FROM mysql.user WHERE User= ? AND Host= ? ;", array($user, $this->dbus->Client));
$this->dbus->query("FLUSH PRIVILEGES");
$db->query("DELETE FROM dbusers WHERE uid= ? AND name= ? ;", array($cuid, $user));
return true;
/* ------------------------------------------------------------ */
* Return the list of the database rights of user $user
* @param $user the username
* @return array An array of database name and rights
* */
function get_user_dblist($user) {
global $db, $err;
$this->dbus->query("SELECT * FROM mysql.user WHERE User= ? AND Host= ? ;", array($user, $this->dbus->Client));
if (!$this->dbus->next_record()) {
$err->raise('mysql', _("This user does not exist in the MySQL/User database"));
return false;
$r = array();
$dblist = $this->get_dblist();
foreach ($dblist as $tab) {
$pos = strpos($tab['db'], "_");
if ($pos === false) {
$this->dbus->query("SELECT * FROM mysql.db WHERE User= ? AND Host= ? AND Db= ? ;", array($user, $this->dbus->Client, $tab["db"]));
} else {
$dbname = str_replace('_', '\_', $tab['db']);
$this->dbus->query("SELECT * FROM mysql.db WHERE User= ? AND Host= ? AND Db= ? ;", array($user, $this->dbus->Client, $dbname) );
if ($this->dbus->next_record()) {
$r[] = array("db" => $tab["db"], "select" => $this->dbus->f("Select_priv"), "insert" => $this->dbus->f("Insert_priv"), "update" => $this->dbus->f("Update_priv"), "delete" => $this->dbus->f("Delete_priv"), "create" => $this->dbus->f("Create_priv"), "drop" => $this->dbus->f("Drop_priv"), "references" => $this->dbus->f("References_priv"), "index" => $this->dbus->f("Index_priv"), "alter" => $this->dbus->f("Alter_priv"), "create_tmp" => $this->dbus->f("Create_tmp_table_priv"), "lock" => $this->dbus->f("Lock_tables_priv"),
"create_view" => $this->dbus->f("Create_view_priv"),
"show_view" => $this->dbus->f("Show_view_priv"),
"create_routine" => $this->dbus->f("Create_routine_priv"),
"alter_routine" => $this->dbus->f("Alter_routine_priv"),
"execute" => $this->dbus->f("Execute_priv"),
"event" => $this->dbus->f("Event_priv"),
"trigger" => $this->dbus->f("Trigger_priv")
} else {
$r[] = array("db" => $tab['db'], "select" => "N", "insert" => "N", "update" => "N", "delete" => "N", "create" => "N", "drop" => "N", "references" => "N", "index" => "N", "alter" => "N", "create_tmp" => "N", "lock" => "N", "create_view" => "N", "show_view" => "N", "create_routine" => "N", "alter_routine" => "N", "execute" => "N", "event" => "N", "trigger" => "N");
return $r;
/* ------------------------------------------------------------ */
* Set the access rights of user $user to database $dbn to be rights $rights
* @param $user the username to give rights to
* @param $dbn The database to give rights to
* @param $rights The rights as an array of MySQL keywords (insert, select ...)
* @return boolean TRUE if the rights has been applied or FALSE if an error occurred
* */
function set_user_rights($user, $dbn, $rights) {
global $err;
$err->log("mysql", "set_user_rights");
// On genere les droits en fonction du tableau de droits
$strrights = "";
for ($i = 0; $i < count($rights); $i++) {
switch ($rights[$i]) {
case "select":
case "insert":
case "update":
case "delete":
case "create":
case "drop":
case "references":
case "index":
case "alter":
case "create_tmp":
case "lock":
$strrights.="LOCK TABLES,";
case "create_view":
$strrights.="CREATE VIEW,";
case "show_view":
$strrights.="SHOW VIEW,";
case "create_routine":
$strrights.="CREATE ROUTINE,";
case "alter_routine":
$strrights.="ALTER ROUTINE,";
case "execute":
case "event":
case "trigger":
// We reset all user rights on this DB :
$this->dbus->query("SELECT * FROM mysql.db WHERE User = ? AND Db = ?;", array($user, $dbn));
// @TODO:EM: This has to be verified, and maybe we should use another way to escape those requests
if ($this->dbus->num_rows()) {
$this->dbus->query("REVOKE ALL PRIVILEGES ON ".$db->quote($dbn).".* FROM ".$db->quote($user)."@" . $db->quote($this->dbus->Client) . ";");
if ($strrights) {
$strrights = substr($strrights, 0, strlen($strrights) - 1);
$this->grant($dbn, $user, $strrights);
$this->dbus->query("FLUSH PRIVILEGES");
return TRUE;
function available_sql_rights() {
return Array('select', 'insert', 'update', 'delete', 'create', 'drop', 'references', 'index', 'alter', 'create_tmp', 'lock', 'create_view', 'show_view', 'create_routine', 'alter_routine', 'execute', 'event', 'trigger');
/* ----------------------------------------------------------------- */
/** Hook function called by the lxc class to set mysql_host and port
* parameters
* @access private
function hook_lxc_params($params) {
global $err;
$err->log("mysql", "alternc_get_quota");
$p = array();
if (isset($this->dbus["Host"]) && $this->dbus["Host"] != "") {
$p["mysql_host"] = $this->dbus["Host"];
$p["mysql_port"] = 3306;
return $p;
/* ----------------------------------------------------------------- */
/** Hook function called by the quota class to compute user used quota
* Returns the used quota for the $name service for the current user.
* @param $name string name of the quota
* @return integer the number of service used or false if an error occured
* @access private
function hook_quota_get() {
global $err;
$err->log("mysql", "alternc_get_quota");
$q = Array("name" => "mysql", "description" => _("MySQL Databases"), "used" => 0);
$c = $this->get_dblist();
if (is_array($c)) {
$q['used'] = count($c);
return $q;
/* ----------------------------------------------------------------- */
/** Hook function called when a user is created.
* AlternC's standard function that create a member
* @access private
function alternc_add_member() {
global $db, $err, $cuid, $mem;
$err->log("mysql", "alternc_add_member");
//checking for the phpmyadmin user
$db->query("SELECT name,password FROM dbusers WHERE uid= ? AND Type='ADMIN';", array($cuid));
if ($db->num_rows()) {
$myadm = $db->f("name");
$password = $db->f("password");
} else {
$myadm = $cuid . "_myadm";
$password = create_pass(8);
$db->query("INSERT INTO dbusers (uid,name,password,enable) VALUES (?, ?, ?, 'ADMIN');", array($cuid, $myadm, $password));
return true;
/* ----------------------------------------------------------------- */
/** Hook function called when a user is deleted.
* AlternC's standard function that delete a member
* @access private
function alternc_del_member() {
global $err;
$err->log("mysql", "alternc_del_member");
$c = $this->get_dblist();
if (is_array($c)) {
for ($i = 0; $i < count($c); $i++) {
$d = $this->get_userslist(1);
if (!empty($d)) {
for ($i = 0; $i < count($d); $i++) {
$this->del_user($d[$i]["name"], 1);
return true;
/* ----------------------------------------------------------------- */
/** Hook function called when a user is logged out.
* We just remove the cookie created in admin/sql_admin.php
a @access private
function alternc_del_session() {
$_SESSION['PMA_single_signon_user'] = '';
$_SESSION['PMA_single_signon_password'] = '';
$_SESSION['PMA_single_signon_host'] = '';
/* ----------------------------------------------------------------- */
* Exporte all the mysql information of an account
* @access private
* EXPERIMENTAL 'sid' function ;)
function alternc_export_conf() {
//TODO don't work with separated sql server for dbusers
global $db, $err, $cuid;
$err->log("mysql", "export");
$db->query("SELECT login, pass, db, bck_mode, bck_dir, bck_history, bck_gzip FROM db WHERE uid= ? ;", array($cuid));
$str = "";
if ($db->next_record()) {