authorMarc Delisle <marc@infomarc.info>2012-03-18 23:09:23 +0400
committerMarc Delisle <marc@infomarc.info>2012-03-18 23:09:23 +0400
commita196cbd85f2ed4f28ef28f2233a13e2dce771912 (patch)
tree6777c0ad4db224521133caae9afdbabfe2c1c3a6 /server_privileges.php
parent96fade83196828071c5d4cee0602496fb67baeb4 (diff)
parentc36a9113e0122bf022f823d3db917a855762ecbb (diff)
Merge pull request #7 from mynetx/master
Various
Diffstat (limited to 'server_privileges.php')
-rw-r--r--server_privileges.php152
1 files changed, 106 insertions, 46 deletions
diff --git a/server_privileges.php b/server_privileges.php
index e572abc921..4d6240601e 100644
--- a/server_privileges.php
+++ b/server_privileges.php
@@ -8,7 +8,7 @@
/**
*
*/
-require_once './libraries/common.inc.php';
+require_once 'libraries/common.inc.php';
/**
* Does the common work
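Review bot: Dropping the `./` prefix from `require_once 'libraries/common.inc.php';` changes how PHP resolves the file. A path starting with `./` bypasses `include_path`, while a bare relative path is looked up in `include_path` first, so a same-named file in an earlier `include_path` directory would be loaded instead of the bundled one. Whether the project pins `include_path` is not visible on this page. If the aim is independence from the working directory, anchoring the path removes the ambiguity: `require_once dirname(__FILE__) . '/libraries/common.inc.php';`. The same applies to the other `require`/`include`/`include_once` lines this commit changes in the later hunks.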
@@ -20,7 +20,7 @@ $GLOBALS['js_include'][] = 'codemirror/lib/codemirror.js';
$GLOBALS['js_include'][] = 'codemirror/mode/mysql/mysql.js';
$_add_user_error = false;
-require './libraries/server_common.inc.php';
+require 'libraries/server_common.inc.php';
if ($GLOBALS['cfg']['AjaxEnable']) {
$conditional_class = 'ajax';
@@ -46,6 +46,44 @@ foreach ($get_params as $one_get_param) {
}
}
+/**
+ * Sets globals from $_POST
+ */
+
+$post_params = array(
+ 'createdb-1',
+ 'createdb-2',
+ 'createdb-3',
+ 'grant_count',
+ 'hostname',
+ 'pma_pw',
+ 'pma_pw2',
+ 'pred_hostname',
+ 'pred_password',
+ 'pred_username',
+ 'username'
+);
+foreach ($post_params as $one_post_param) {
+ if (isset($_POST[$one_post_param])) {
+ $GLOBALS[$one_post_param] = $_POST[$one_post_param];
+ }
+}
+
+/**
+ * Sets globals from $_POST patterns, for privileges and max_* vars
+ */
+
+$post_patterns = array(
+ '/_priv$/i',
+ '/^max_/i'
+);
+foreach (array_keys($_POST) as $post_key) {
+ foreach ($post_patterns as $one_post_pattern) {
+ if (preg_match($one_post_pattern, $post_key)) {
+ $GLOBALS[$post_key] = $_POST[$post_key];
+ }
+ }
+}
/**
* Messages are built using the message name
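Review bot: The pattern loop copies every POST key that ends in `_priv` or starts with `max_` into `$GLOBALS`, so the client rather than the script decides which global names get written. Any global set earlier under a matching name (the patterns are case-insensitive) can be overwritten, and the value may be an array where later code expects a string. The `$post_params` list just above already shows the safer shape. For the `max_*` case, the four resource-limit fields this page renders could be listed explicitly and restricted to scalar values, as sketched below. The `_priv` keys would ideally come from the known privilege-name list too, which is not visible in this hunk.

```php
$post_max_params = array(
    'max_questions',
    'max_updates',
    'max_connections',
    'max_user_connections'
);
foreach ($post_max_params as $one_post_param) {
    if (isset($_POST[$one_post_param]) && is_scalar($_POST[$one_post_param])) {
        $GLOBALS[$one_post_param] = $_POST[$one_post_param];
    }
}
// … unchanged: '/_priv$/i' import, to be narrowed to the known privilege names …
```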
@@ -134,13 +172,13 @@ if (isset($dbname)) {
* Checks if the user is allowed to do what he tries to...
*/
if (! $is_superuser) {
- include './libraries/server_links.inc.php';
+ include 'libraries/server_links.inc.php';
echo '<h2>' . "\n"
. PMA_getIcon('b_usrlist.png')
. __('Privileges') . "\n"
. '</h2>' . "\n";
PMA_Message::error(__('No Privileges'))->display();
- include './libraries/footer.inc.php';
+ include 'libraries/footer.inc.php';
}
$random_n = mt_rand(0, 1000000); // a random number that will be appended to the id of the user forms
@@ -411,8 +449,8 @@ function PMA_displayColumnPrivs($columns, $row, $name_for_select,
) {
echo ' <div class="item" id="div_item_' . $name . '">' . "\n"
. ' <label for="select_' . $name . '_priv">' . "\n"
- . ' <tt><dfn title="' . $name_for_dfn . '">'
- . $priv_for_header . '</dfn></tt>' . "\n"
+ . ' <code><dfn title="' . $name_for_dfn . '">'
+ . $priv_for_header . '</dfn></code>' . "\n"
. ' </label><br />' . "\n"
. ' <select id="select_' . $name . '_priv" name="'
. $name_for_select . '[]" multiple="multiple" size="8">' . "\n";
@@ -624,11 +662,11 @@ function PMA_displayPrivTable($db = '*', $table = '*', $submit = true)
: $GLOBALS['strPrivDesc' . substr($tmp_current_grant, 0, (strlen($tmp_current_grant) - 5)) . 'Tbl']) . '"/>' . "\n";
echo ' <label for="checkbox_' . $current_grant
- . '"><tt><dfn title="'
+ . '"><code><dfn title="'
. (isset($GLOBALS['strPrivDesc' . substr($tmp_current_grant, 0, (strlen($tmp_current_grant) - 5))])
? $GLOBALS['strPrivDesc' . substr($tmp_current_grant, 0, (strlen($tmp_current_grant) - 5))]
: $GLOBALS['strPrivDesc' . substr($tmp_current_grant, 0, (strlen($tmp_current_grant) - 5)) . 'Tbl'])
- . '">' . strtoupper(substr($current_grant, 0, strlen($current_grant) - 5)) . '</dfn></tt></label>' . "\n"
+ . '">' . strtoupper(substr($current_grant, 0, strlen($current_grant) - 5)) . '</dfn></code></label>' . "\n"
. ' </div>' . "\n";
} // end foreach ()
@@ -728,8 +766,8 @@ function PMA_displayPrivTable($db = '*', $table = '*', $submit = true)
. ' value="Y" title="' . $priv[2] . '"'
. ((! empty($GLOBALS['checkall']) || $row[$priv[0] . '_priv'] == 'Y') ? ' checked="checked"' : '')
. '/>' . "\n"
- . ' <label for="checkbox_' . $priv[0] . '_priv"><tt><dfn title="' . $priv[2] . '">'
- . $priv[1] . '</dfn></tt></label>' . "\n"
+ . ' <label for="checkbox_' . $priv[0] . '_priv"><code><dfn title="' . $priv[2] . '">'
+ . $priv[1] . '</dfn></code></label>' . "\n"
. ' </div>' . "\n";
}
echo ' </fieldset>' . "\n";
@@ -741,26 +779,26 @@ function PMA_displayPrivTable($db = '*', $table = '*', $submit = true)
. ' <legend>' . __('Resource limits') . '</legend>' . "\n"
. ' <p><small><i>' . __('Note: Setting these options to 0 (zero) removes the limit.') . '</i></small></p>' . "\n"
. ' <div class="item">' . "\n"
- . ' <label for="text_max_questions"><tt><dfn title="'
- . __('Limits the number of queries the user may send to the server per hour.') . '">MAX QUERIES PER HOUR</dfn></tt></label>' . "\n"
+ . ' <label for="text_max_questions"><code><dfn title="'
+ . __('Limits the number of queries the user may send to the server per hour.') . '">MAX QUERIES PER HOUR</dfn></code></label>' . "\n"
. ' <input type="text" name="max_questions" id="text_max_questions" value="'
. $row['max_questions'] . '" size="11" maxlength="11" title="' . __('Limits the number of queries the user may send to the server per hour.') . '" />' . "\n"
. ' </div>' . "\n"
. ' <div class="item">' . "\n"
- . ' <label for="text_max_updates"><tt><dfn title="'
- . __('Limits the number of commands that change any table or database the user may execute per hour.') . '">MAX UPDATES PER HOUR</dfn></tt></label>' . "\n"
+ . ' <label for="text_max_updates"><code><dfn title="'
+ . __('Limits the number of commands that change any table or database the user may execute per hour.') . '">MAX UPDATES PER HOUR</dfn></code></label>' . "\n"
. ' <input type="text" name="max_updates" id="text_max_updates" value="'
. $row['max_updates'] . '" size="11" maxlength="11" title="' . __('Limits the number of commands that change any table or database the user may execute per hour.') . '" />' . "\n"
. ' </div>' . "\n"
. ' <div class="item">' . "\n"
- . ' <label for="text_max_connections"><tt><dfn title="'
- . __('Limits the number of new connections the user may open per hour.') . '">MAX CONNECTIONS PER HOUR</dfn></tt></label>' . "\n"
+ . ' <label for="text_max_connections"><code><dfn title="'
+ . __('Limits the number of new connections the user may open per hour.') . '">MAX CONNECTIONS PER HOUR</dfn></code></label>' . "\n"
. ' <input type="text" name="max_connections" id="text_max_connections" value="'
. $row['max_connections'] . '" size="11" maxlength="11" title="' . __('Limits the number of new connections the user may open per hour.') . '" />' . "\n"
. ' </div>' . "\n"
. ' <div class="item">' . "\n"
- . ' <label for="text_max_user_connections"><tt><dfn title="'
- . __('Limits the number of simultaneous connections the user may have.') . '">MAX USER_CONNECTIONS</dfn></tt></label>' . "\n"
+ . ' <label for="text_max_user_connections"><code><dfn title="'
+ . __('Limits the number of simultaneous connections the user may have.') . '">MAX USER_CONNECTIONS</dfn></code></label>' . "\n"
. ' <input type="text" name="max_user_connections" id="text_max_user_connections" value="'
. $row['max_user_connections'] . '" size="11" maxlength="11" title="' . __('Limits the number of simultaneous connections the user may have.') . '" />' . "\n"
. ' </div>' . "\n"
@@ -1509,7 +1547,7 @@ $link_export_all = '<a class="export_user_anchor ' . $conditional_class . '" hre
* If we are in an Ajax request for Create User/Edit User/Revoke User/
* Flush Privileges, show $message and exit.
*/
-if ($GLOBALS['is_ajax_request'] && ! isset($_REQUEST['export']) && (! isset($_REQUEST['adduser']) || $_add_user_error) && ! isset($_REQUEST['initial']) && ! isset($_REQUEST['showall']) && ! isset($_REQUEST['edit_user_dialog']) && ! isset($_REQUEST['db_specific'])) {
+if ($GLOBALS['is_ajax_request'] && ! isset($_REQUEST['export']) && (! isset($_REQUEST['submit_mult']) || $_REQUEST['submit_mult'] != 'export') && (! isset($_REQUEST['adduser']) || $_add_user_error) && ! isset($_REQUEST['initial']) && ! isset($_REQUEST['showall']) && ! isset($_REQUEST['edit_user_dialog']) && ! isset($_REQUEST['db_specific'])) {
if (isset($sql_query)) {
$extra_data['sql_query'] = PMA_showMessage(null, $sql_query);
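Review bot: The "is this an export request" test is now written twice, negated here and positive in the `// export user definition` hunk further down, and both use the loose `!=` / `==` comparison against `'export'`. If the two copies drift, an AJAX export falls into this show-message-and-exit branch. Computing it once before this `if`, for example `$is_export = isset($_REQUEST['export']) || (isset($_REQUEST['submit_mult']) && $_REQUEST['submit_mult'] === 'export');`, and using `! $is_export` here keeps the two sites in step. The body of this `if` continues outside the hunk.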
@@ -1532,7 +1570,7 @@ if ($GLOBALS['is_ajax_request'] && ! isset($_REQUEST['export']) && (! isset($_RE
};
$new_user_string .= '</td>'."\n";
- $new_user_string .= '<td><tt>' . join(', ', PMA_extractPrivInfo('', true)) . '</tt></td>'; //Fill in privileges here
+ $new_user_string .= '<td><code>' . join(', ', PMA_extractPrivInfo('', true)) . '</code></td>'; //Fill in privileges here
$new_user_string .= '<td>';
if ((isset($Grant_priv) && $Grant_priv == 'Y')) {
@@ -1585,10 +1623,10 @@ if (isset($viewing_mode) && $viewing_mode == 'db') {
// Gets the database structure
$sub_part = '_structure';
- include './libraries/db_info.inc.php';
+ include 'libraries/db_info.inc.php';
echo "\n";
} else {
- include './libraries/server_links.inc.php';
+ include 'libraries/server_links.inc.php';
}
@@ -1597,8 +1635,8 @@ if (isset($viewing_mode) && $viewing_mode == 'db') {
*/
// export user definition
-if (isset($_REQUEST['export'])) {
- $response = '<textarea cols="' . $GLOBALS['cfg']['TextareaCols'] . '" rows="' . $GLOBALS['cfg']['TextareaRows'] . '">';
+if (isset($_REQUEST['export']) || (isset($_REQUEST['submit_mult']) && $_REQUEST['submit_mult'] == 'export')) {
+ $response = '<textarea class="export" cols="' . $GLOBALS['cfg']['TextareaCols'] . '" rows="' . $GLOBALS['cfg']['TextareaRows'] . '">';
if ($username == '%') {
// export privileges for all users
$title = __('Privileges for all users');
@@ -1606,11 +1644,26 @@ if (isset($_REQUEST['export'])) {
$response .= PMA_getGrants($pair['user'], $pair['host']);
$response .= "\n";
}
- } else {
+ } elseif (isset($_REQUEST['selected_usr'])) {
+ // export privileges for selected users
+ $title = __('Privileges');
+ foreach ($_REQUEST['selected_usr'] as $export_user) {
+ $export_username = substr($export_user, 0, strpos($export_user, '&'));
+ $export_hostname = substr($export_user, strrpos($export_user, ';') + 1);
+ $response .= '# ' . __('Privileges for ') . '`' .
+ htmlspecialchars($export_username) . '`@`' .
+ htmlspecialchars($export_hostname) . "`\n\n";
+ $response .= PMA_getGrants($export_username, $export_hostname) . "\n";
+ }
+ }
+ else {
// export privileges for a single user
$title = __('User') . ' `' . htmlspecialchars($username) . '`@`' . htmlspecialchars($hostname) . '`';
$response .= PMA_getGrants($username, $hostname);
}
+ // remove trailing whitespace
+ $response = trim($response);
+
$response .= '</textarea>';
unset($username, $hostname, $grants, $one_grant);
if ($GLOBALS['is_ajax_request']) {
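Review bot: The new `selected_usr` branch passes a request value straight to `foreach` without checking that it is an array, and splits each entry on `&` and `;` without checking that either separator is present. When `strpos()` returns false the username silently becomes an empty string and the host is cut from an unintended offset, and those values then go to `PMA_getGrants()`. The `elseif` should also require `is_array($_REQUEST['selected_usr'])`, and the loop should start with `if (! is_string($export_user) || strpos($export_user, '&') === false) { continue; }`. Whether `PMA_getGrants()` quotes its arguments before building the query, and whether its output is HTML-escaped before being placed in the `<textarea>`, is not visible here and should be confirmed. The enclosing `if` opens in the previous hunk and closes outside this one.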
@@ -1655,8 +1708,8 @@ if (empty($_REQUEST['adduser']) && (! isset($checkprivs) || ! strlen($checkprivs
// a automatic repair feature soon.
$raw = 'Your privilege table structure seems to be older than'
. ' this MySQL version!<br />'
- . 'Please run the <tt>mysql_upgrade</tt> command'
- . '(<tt>mysql_fix_privilege_tables</tt> on older systems)'
+ . 'Please run the <code>mysql_upgrade</code> command'
+ . '(<code>mysql_fix_privilege_tables</code> on older systems)'
. ' that should be included in your MySQL server distribution'
. ' to solve this problem!';
PMA_Message::rawError($raw)->display();
@@ -1803,14 +1856,14 @@ if (empty($_REQUEST['adduser']) && (! isset($checkprivs) || ! strlen($checkprivs
break;
} // end switch
echo '</td>' . "\n"
- . ' <td><tt>' . "\n"
+ . ' <td><code>' . "\n"
. ' ' . implode(',' . "\n" . ' ', $host['privs']) . "\n"
- . ' </tt></td>' . "\n"
+ . ' </code></td>' . "\n"
. ' <td>' . ($host['Grant_priv'] == 'Y' ? __('Yes') : __('No')) . '</td>' . "\n"
- . ' <td align="center">';
+ . ' <td class="center">';
printf($link_edit, urlencode($host['User']), urlencode($host['Host']), '', '');
echo '</td>';
- echo '<td align="center">';
+ echo '<td class="center">';
printf($link_export, urlencode($host['User']), urlencode($host['Host']), (isset($initial) ? $initial : ''));
echo '</td>';
echo '</tr>';
@@ -1837,7 +1890,14 @@ if (empty($_REQUEST['adduser']) && (! isset($checkprivs) || ! strlen($checkprivs
.'<a href="server_privileges.php?' . $GLOBALS['url_query'] . '"'
.' onclick="if (unMarkAllRows(\'usersForm\')) return false;">'
. __('Uncheck All') . '</a>' . "\n"
- . '</div>'
+ .'<i>' . __('With selected:') . '</i>' . "\n";
+
+ PMA_buttonOrImage(
+ 'submit_mult', 'mult_submit', 'submit_mult_export',
+ __('Export'), 'b_tblexport.png', 'export'
+ );
+ echo '<input type="hidden" name="initial" value="' . (isset($initial) ? $initial : '') . '" />';
+ echo '</div>'
. '<div class="clear_both" style="clear:both"></div>'
. '<div style="float:left; padding-left:10px;">';
printf($link_export_all, urlencode('%'), urlencode('%'), (isset($initial) ? $initial : ''));
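Review bot: The added hidden field writes `$initial` into an HTML attribute unescaped: `value="' . (isset($initial) ? $initial : '') . '"`. `$initial` appears to be filled from request parameters earlier in the script (that import loop is only partly visible), so a value containing `"` would break out of the attribute. Escape it the way the file already does for `dbname`: `echo '<input type="hidden" name="initial" value="' . htmlspecialchars(isset($initial) ? $initial : '') . '" />';`. The `printf($link_export, ...)` and `printf($link_export_all, ...)` calls pass the same raw `$initial` into link templates and deserve the same check.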
@@ -1937,7 +1997,7 @@ if (empty($_REQUEST['adduser']) && (! isset($checkprivs) || ! strlen($checkprivs
if ($user_does_not_exists) {
PMA_Message::error(__('The selected user was not found in the privilege table.'))->display();
PMA_displayLoginInformationFields();
- //require './libraries/footer.inc.php';
+ //require 'libraries/footer.inc.php';
}
echo '<form name="usersForm" id="addUsersForm_' . $random_n . '" action="server_privileges.php" method="post">' . "\n";
@@ -2138,9 +2198,9 @@ if (empty($_REQUEST['adduser']) && (! isset($checkprivs) || ! strlen($checkprivs
echo '<tr class="' . ($odd_row ? 'odd' : 'even') . '">' . "\n"
. ' <td>' . htmlspecialchars((! isset($dbname)) ? $row['Db'] : $row['Table_name']) . '</td>' . "\n"
- . ' <td><tt>' . "\n"
+ . ' <td><code>' . "\n"
. ' ' . join(',' . "\n" . ' ', PMA_extractPrivInfo($row, true)) . "\n"
- . ' </tt></td>' . "\n"
+ . ' </code></td>' . "\n"
. ' <td>' . ((((! isset($dbname)) && $row['Grant_priv'] == 'Y') || (isset($dbname) && in_array('Grant', explode(',', $row['Table_priv'])))) ? __('Yes') : __('No')) . '</td>' . "\n"
. ' <td>';
if (! empty($row['Table_privs']) || ! empty ($row['Column_priv'])) {
@@ -2254,7 +2314,7 @@ if (empty($_REQUEST['adduser']) && (! isset($checkprivs) || ! strlen($checkprivs
}
if (! isset($dbname) && ! $user_does_not_exists) {
- include_once './libraries/display_change_password.lib.php';
+ include_once 'libraries/display_change_password.lib.php';
echo '<form action="server_privileges.php" method="post" onsubmit="return checkPassword(this);">' . "\n"
. PMA_generate_common_hidden_inputs('', '')
@@ -2294,15 +2354,15 @@ if (empty($_REQUEST['adduser']) && (! isset($checkprivs) || ! strlen($checkprivs
echo '<fieldset id="fieldset_add_user_database">' . "\n"
. '<legend>' . __('Database for user') . '</legend>' . "\n";
- PMA_display_html_checkbox('createdb-1', __('Create database with same name and grant all privileges'), false, false);
- echo '<br />' . "\n";
- PMA_display_html_checkbox('createdb-2', __('Grant all privileges on wildcard name (username\\_%)'), false, false);
- echo '<br />' . "\n";
+ PMA_display_html_checkbox('createdb-1', __('Create database with same name and grant all privileges'), false, false);
+ echo '<br />' . "\n";
+ PMA_display_html_checkbox('createdb-2', __('Grant all privileges on wildcard name (username\\_%)'), false, false);
+ echo '<br />' . "\n";
if (! empty($dbname) ) {
- PMA_display_html_checkbox('createdb-3', sprintf(__('Grant all privileges on database &quot;%s&quot;'), htmlspecialchars($dbname)), true, false);
+ PMA_display_html_checkbox('createdb-3', sprintf(__('Grant all privileges on database &quot;%s&quot;'), htmlspecialchars($dbname)), true, false);
echo '<input type="hidden" name="dbname" value="' . htmlspecialchars($dbname) . '" />' . "\n";
- echo '<br />' . "\n";
+ echo '<br />' . "\n";
}
echo '</fieldset>' . "\n";
@@ -2429,14 +2489,14 @@ if (empty($_REQUEST['adduser']) && (! isset($checkprivs) || ! strlen($checkprivs
} elseif ($current['Db'] == PMA_escape_mysql_wildcards($checkprivs)) {
$user_form .= __('database-specific');
} else {
- $user_form .= __('wildcard'). ': <tt>' . htmlspecialchars($current['Db']) . '</tt>';
+ $user_form .= __('wildcard'). ': <code>' . htmlspecialchars($current['Db']) . '</code>';
}
$user_form .= "\n"
. ' </td>' . "\n"
. ' <td>' . "\n"
- . ' <tt>' . "\n"
+ . ' <code>' . "\n"
. ' ' . join(',' . "\n" . ' ', PMA_extractPrivInfo($current, true)) . "\n"
- . ' </tt>' . "\n"
+ . ' </code>' . "\n"
. ' </td>' . "\n"
. ' <td>' . "\n"
. ' ' . ($current['Grant_priv'] == 'Y' ? __('Yes') : __('No')) . "\n"
@@ -2492,6 +2552,6 @@ if (empty($_REQUEST['adduser']) && (! isset($checkprivs) || ! strlen($checkprivs
* Displays the footer
*/
echo "\n\n";
-require './libraries/footer.inc.php';
+require 'libraries/footer.inc.php';
?>