author | Marc Delisle <marc@infomarc.info> | 2012-03-18 23:09:23 +0400 |
---|---|---|
committer | Marc Delisle <marc@infomarc.info> | 2012-03-18 23:09:23 +0400 |
commit | a196cbd85f2ed4f28ef28f2233a13e2dce771912 (patch) | |
tree | 6777c0ad4db224521133caae9afdbabfe2c1c3a6 /server_privileges.php | |
parent | 96fade83196828071c5d4cee0602496fb67baeb4 (diff) | |
parent | c36a9113e0122bf022f823d3db917a855762ecbb (diff) |
Merge pull request #7 from mynetx/master
Various
Diffstat (limited to 'server_privileges.php')
-rw-r--r-- | server_privileges.php | 152 |
1 files changed, 106 insertions, 46 deletions
diff --git a/server_privileges.php b/server_privileges.php index e572abc921..4d6240601e 100644 --- a/server_privileges.php +++ b/server_privileges.php @@ -8,7 +8,7 @@ /** * */ -require_once './libraries/common.inc.php'; +require_once 'libraries/common.inc.php'; /** * Does the common work @@ -20,7 +20,7 @@ $GLOBALS['js_include'][] = 'codemirror/lib/codemirror.js'; $GLOBALS['js_include'][] = 'codemirror/mode/mysql/mysql.js'; $_add_user_error = false; -require './libraries/server_common.inc.php'; +require 'libraries/server_common.inc.php'; if ($GLOBALS['cfg']['AjaxEnable']) { $conditional_class = 'ajax'; @@ -46,6 +46,44 @@ foreach ($get_params as $one_get_param) { } } +/** + * Sets globals from $_POST + */ + +$post_params = array( + 'createdb-1', + 'createdb-2', + 'createdb-3', + 'grant_count', + 'hostname', + 'pma_pw', + 'pma_pw2', + 'pred_hostname', + 'pred_password', + 'pred_username', + 'username' +); +foreach ($post_params as $one_post_param) { + if (isset($_POST[$one_post_param])) { + $GLOBALS[$one_post_param] = $_POST[$one_post_param]; + } +} + +/** + * Sets globals from $_POST patterns, for privileges and max_* vars + */ + +$post_patterns = array( + '/_priv$/i', + '/^max_/i' +); +foreach (array_keys($_POST) as $post_key) { + foreach ($post_patterns as $one_post_pattern) { + if (preg_match($one_post_pattern, $post_key)) { + $GLOBALS[$post_key] = $_POST[$post_key]; + } + } +} /** * Messages are built using the message name @@ -134,13 +172,13 @@ if (isset($dbname)) { * Checks if the user is allowed to do what he tries to... */ if (! $is_superuser) { - include './libraries/server_links.inc.php'; + include 'libraries/server_links.inc.php'; echo '<h2>' . "\n" . PMA_getIcon('b_usrlist.png') . __('Privileges') . "\n" . '</h2>' . "\n"; PMA_Message::error(__('No Privileges'))->display(); - include './libraries/footer.inc.php'; + include 'libraries/footer.inc.php'; } $random_n = mt_rand(0, 1000000); // a random number that will be appended to the id of the user forms 
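Review bot: Dropping the `./` prefix from `require_once 'libraries/common.inc.php';` changes how PHP resolves the file: a path starting with `./` bypasses `include_path`, while a bare relative path is searched in `include_path` first, so which file gets loaded now depends on server configuration. The same applies to every other `require`/`include` this commit rewrites (the hunks at -20, -134, -1585, -2254 and -2492). It matters most in the `! $is_superuser` branch, which appears to rely on the included footer to end the request; that is not visible here and is worth confirming. If the aim is independence from the working directory, anchoring to the script directory, e.g. `require_once dirname(__FILE__) . '/libraries/common.inc.php';`, removes both dependencies.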
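Review bot: The second added loop copies every POST key matching `/_priv$/i` or `/^max_/i` into `$GLOBALS`, so the set of globals a request can create or overwrite is open-ended, unlike the fixed `$post_params` list just above it. Whether anything set by the earlier includes matches either pattern is not visible in this hunk, but the values are copied without a type or range check and are later read as bare variables such as `$Grant_priv`. The limit names the form emits are visible further down in this file, so that pattern can be closed as `'/^max_(questions|updates|connections|user_connections)$/'`; the privilege names deserve the same explicit list. A comment on the loop stating that these values are unvalidated request data would also help the next reader.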
@@ -411,8 +449,8 @@ function PMA_displayColumnPrivs($columns, $row, $name_for_select, ) { echo ' <div class="item" id="div_item_' . $name . '">' . "\n" . ' <label for="select_' . $name . '_priv">' . "\n" - . ' <tt><dfn title="' . $name_for_dfn . '">' - . $priv_for_header . '</dfn></tt>' . "\n" + . ' <code><dfn title="' . $name_for_dfn . '">' + . $priv_for_header . '</dfn></code>' . "\n" . ' </label><br />' . "\n" . ' <select id="select_' . $name . '_priv" name="' . $name_for_select . '[]" multiple="multiple" size="8">' . "\n"; @@ -624,11 +662,11 @@ function PMA_displayPrivTable($db = '*', $table = '*', $submit = true) : $GLOBALS['strPrivDesc' . substr($tmp_current_grant, 0, (strlen($tmp_current_grant) - 5)) . 'Tbl']) . '"/>' . "\n"; echo ' <label for="checkbox_' . $current_grant - . '"><tt><dfn title="' + . '"><code><dfn title="' . (isset($GLOBALS['strPrivDesc' . substr($tmp_current_grant, 0, (strlen($tmp_current_grant) - 5))]) ? $GLOBALS['strPrivDesc' . substr($tmp_current_grant, 0, (strlen($tmp_current_grant) - 5))] : $GLOBALS['strPrivDesc' . substr($tmp_current_grant, 0, (strlen($tmp_current_grant) - 5)) . 'Tbl']) - . '">' . strtoupper(substr($current_grant, 0, strlen($current_grant) - 5)) . '</dfn></tt></label>' . "\n" + . '">' . strtoupper(substr($current_grant, 0, strlen($current_grant) - 5)) . '</dfn></code></label>' . "\n" . ' </div>' . "\n"; } // end foreach () @@ -728,8 +766,8 @@ function PMA_displayPrivTable($db = '*', $table = '*', $submit = true) . ' value="Y" title="' . $priv[2] . '"' . ((! empty($GLOBALS['checkall']) || $row[$priv[0] . '_priv'] == 'Y') ? ' checked="checked"' : '') . '/>' . "\n" - . ' <label for="checkbox_' . $priv[0] . '_priv"><tt><dfn title="' . $priv[2] . '">' - . $priv[1] . '</dfn></tt></label>' . "\n" + . ' <label for="checkbox_' . $priv[0] . '_priv"><code><dfn title="' . $priv[2] . '">' + . $priv[1] . '</dfn></code></label>' . "\n" . ' </div>' . "\n"; } echo ' </fieldset>' . "\n"; 
@@ -741,26 +779,26 @@ function PMA_displayPrivTable($db = '*', $table = '*', $submit = true) . ' <legend>' . __('Resource limits') . '</legend>' . "\n" . ' <p><small><i>' . __('Note: Setting these options to 0 (zero) removes the limit.') . '</i></small></p>' . "\n" . ' <div class="item">' . "\n" - . ' <label for="text_max_questions"><tt><dfn title="' - . __('Limits the number of queries the user may send to the server per hour.') . '">MAX QUERIES PER HOUR</dfn></tt></label>' . "\n" + . ' <label for="text_max_questions"><code><dfn title="' + . __('Limits the number of queries the user may send to the server per hour.') . '">MAX QUERIES PER HOUR</dfn></code></label>' . "\n" . ' <input type="text" name="max_questions" id="text_max_questions" value="' . $row['max_questions'] . '" size="11" maxlength="11" title="' . __('Limits the number of queries the user may send to the server per hour.') . '" />' . "\n" . ' </div>' . "\n" . ' <div class="item">' . "\n" - . ' <label for="text_max_updates"><tt><dfn title="' - . __('Limits the number of commands that change any table or database the user may execute per hour.') . '">MAX UPDATES PER HOUR</dfn></tt></label>' . "\n" + . ' <label for="text_max_updates"><code><dfn title="' + . __('Limits the number of commands that change any table or database the user may execute per hour.') . '">MAX UPDATES PER HOUR</dfn></code></label>' . "\n" . ' <input type="text" name="max_updates" id="text_max_updates" value="' . $row['max_updates'] . '" size="11" maxlength="11" title="' . __('Limits the number of commands that change any table or database the user may execute per hour.') . '" />' . "\n" . ' </div>' . "\n" . ' <div class="item">' . "\n" - . ' <label for="text_max_connections"><tt><dfn title="' - . __('Limits the number of new connections the user may open per hour.') . '">MAX CONNECTIONS PER HOUR</dfn></tt></label>' . "\n" + . ' <label for="text_max_connections"><code><dfn title="' + . 
__('Limits the number of new connections the user may open per hour.') . '">MAX CONNECTIONS PER HOUR</dfn></code></label>' . "\n" . ' <input type="text" name="max_connections" id="text_max_connections" value="' . $row['max_connections'] . '" size="11" maxlength="11" title="' . __('Limits the number of new connections the user may open per hour.') . '" />' . "\n" . ' </div>' . "\n" . ' <div class="item">' . "\n" - . ' <label for="text_max_user_connections"><tt><dfn title="' - . __('Limits the number of simultaneous connections the user may have.') . '">MAX USER_CONNECTIONS</dfn></tt></label>' . "\n" + . ' <label for="text_max_user_connections"><code><dfn title="' + . __('Limits the number of simultaneous connections the user may have.') . '">MAX USER_CONNECTIONS</dfn></code></label>' . "\n" . ' <input type="text" name="max_user_connections" id="text_max_user_connections" value="' . $row['max_user_connections'] . '" size="11" maxlength="11" title="' . __('Limits the number of simultaneous connections the user may have.') . '" />' . "\n" . ' </div>' . "\n" @@ -1509,7 +1547,7 @@ $link_export_all = '<a class="export_user_anchor ' . $conditional_class . '" hre * If we are in an Ajax request for Create User/Edit User/Revoke User/ * Flush Privileges, show $message and exit. */ -if ($GLOBALS['is_ajax_request'] && ! isset($_REQUEST['export']) && (! isset($_REQUEST['adduser']) || $_add_user_error) && ! isset($_REQUEST['initial']) && ! isset($_REQUEST['showall']) && ! isset($_REQUEST['edit_user_dialog']) && ! isset($_REQUEST['db_specific'])) { +if ($GLOBALS['is_ajax_request'] && ! isset($_REQUEST['export']) && (! isset($_REQUEST['submit_mult']) || $_REQUEST['submit_mult'] != 'export') && (! isset($_REQUEST['adduser']) || $_add_user_error) && ! isset($_REQUEST['initial']) && ! isset($_REQUEST['showall']) && ! isset($_REQUEST['edit_user_dialog']) && ! isset($_REQUEST['db_specific'])) { if (isset($sql_query)) { $extra_data['sql_query'] = PMA_showMessage(null, $sql_query); 
@@ -1532,7 +1570,7 @@ if ($GLOBALS['is_ajax_request'] && ! isset($_REQUEST['export']) && (! isset($_RE }; $new_user_string .= '</td>'."\n"; - $new_user_string .= '<td><tt>' . join(', ', PMA_extractPrivInfo('', true)) . '</tt></td>'; //Fill in privileges here + $new_user_string .= '<td><code>' . join(', ', PMA_extractPrivInfo('', true)) . '</code></td>'; //Fill in privileges here $new_user_string .= '<td>'; if ((isset($Grant_priv) && $Grant_priv == 'Y')) { @@ -1585,10 +1623,10 @@ if (isset($viewing_mode) && $viewing_mode == 'db') { // Gets the database structure $sub_part = '_structure'; - include './libraries/db_info.inc.php'; + include 'libraries/db_info.inc.php'; echo "\n"; } else { - include './libraries/server_links.inc.php'; + include 'libraries/server_links.inc.php'; } @@ -1597,8 +1635,8 @@ if (isset($viewing_mode) && $viewing_mode == 'db') { */ // export user definition -if (isset($_REQUEST['export'])) { - $response = '<textarea cols="' . $GLOBALS['cfg']['TextareaCols'] . '" rows="' . $GLOBALS['cfg']['TextareaRows'] . '">'; +if (isset($_REQUEST['export']) || (isset($_REQUEST['submit_mult']) && $_REQUEST['submit_mult'] == 'export')) { + $response = '<textarea class="export" cols="' . $GLOBALS['cfg']['TextareaCols'] . '" rows="' . $GLOBALS['cfg']['TextareaRows'] . '">'; if ($username == '%') { // export privileges for all users $title = __('Privileges for all users'); 
@@ -1606,11 +1644,26 @@ if (isset($_REQUEST['export'])) { $response .= PMA_getGrants($pair['user'], $pair['host']); $response .= "\n"; } - } else { + } elseif (isset($_REQUEST['selected_usr'])) { + // export privileges for selected users + $title = __('Privileges'); + foreach ($_REQUEST['selected_usr'] as $export_user) { + $export_username = substr($export_user, 0, strpos($export_user, '&')); + $export_hostname = substr($export_user, strrpos($export_user, ';') + 1); + $response .= '# ' . __('Privileges for ') . '`' . + htmlspecialchars($export_username) . '`@`' . + htmlspecialchars($export_hostname) . "`\n\n"; + $response .= PMA_getGrants($export_username, $export_hostname) . "\n"; + } + } + else { // export privileges for a single user $title = __('User') . ' `' . htmlspecialchars($username) . '`@`' . htmlspecialchars($hostname) . '`'; $response .= PMA_getGrants($username, $hostname); } + // remove trailing whitespace + $response = trim($response); + $response .= '</textarea>'; unset($username, $hostname, $grants, $one_grant); if ($GLOBALS['is_ajax_request']) { @@ -1655,8 +1708,8 @@ if (empty($_REQUEST['adduser']) && (! isset($checkprivs) || ! strlen($checkprivs // a automatic repair feature soon. $raw = 'Your privilege table structure seems to be older than' . ' this MySQL version!<br />' - . 'Please run the <tt>mysql_upgrade</tt> command' - . '(<tt>mysql_fix_privilege_tables</tt> on older systems)' + . 'Please run the <code>mysql_upgrade</code> command' + . '(<code>mysql_fix_privilege_tables</code> on older systems)' . ' that should be included in your MySQL server distribution' . ' to solve this problem!'; PMA_Message::rawError($raw)->display(); 
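Review bot: The new `selected_usr` branch treats `$_REQUEST['selected_usr']` as an array of well-formed strings without checking either assumption. When `strpos()` returns `false`, `$export_username` becomes empty, and when `strrpos()` returns `false`, `false + 1` cuts the host from offset 1, so a malformed entry still reaches `PMA_getGrants()` with guessed values. Rejecting non-array input and entries that lack either separator keeps the exported account equal to what was submitted. Separately, the result of `PMA_getGrants()` is appended to the `<textarea>` as-is while the header line goes through `htmlspecialchars()`; whether `PMA_getGrants()` escapes its arguments for SQL and its output for HTML is not visible in this hunk and should be confirmed.

```php
} elseif (isset($_REQUEST['selected_usr']) && is_array($_REQUEST['selected_usr'])) {
    // … unchanged: comment and $title assignment …
    foreach ($_REQUEST['selected_usr'] as $export_user) {
        if (! is_string($export_user)) {
            continue;
        }
        $user_end = strpos($export_user, '&');
        $host_start = strrpos($export_user, ';');
        if ($user_end === false || $host_start === false) {
            // malformed entry: skip it instead of exporting a guessed account
            continue;
        }
        $export_username = substr($export_user, 0, $user_end);
        $export_hostname = substr($export_user, $host_start + 1);
        // … unchanged: header comment line and PMA_getGrants() call …
    }
}
```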
@@ -1803,14 +1856,14 @@ if (empty($_REQUEST['adduser']) && (! isset($checkprivs) || ! strlen($checkprivs break; } // end switch echo '</td>' . "\n" - . ' <td><tt>' . "\n" + . ' <td><code>' . "\n" . ' ' . implode(',' . "\n" . ' ', $host['privs']) . "\n" - . ' </tt></td>' . "\n" + . ' </code></td>' . "\n" . ' <td>' . ($host['Grant_priv'] == 'Y' ? __('Yes') : __('No')) . '</td>' . "\n" - . ' <td align="center">'; + . ' <td class="center">'; printf($link_edit, urlencode($host['User']), urlencode($host['Host']), '', ''); echo '</td>'; - echo '<td align="center">'; + echo '<td class="center">'; printf($link_export, urlencode($host['User']), urlencode($host['Host']), (isset($initial) ? $initial : '')); echo '</td>'; echo '</tr>'; @@ -1837,7 +1890,14 @@ if (empty($_REQUEST['adduser']) && (! isset($checkprivs) || ! strlen($checkprivs .'<a href="server_privileges.php?' . $GLOBALS['url_query'] . '"' .' onclick="if (unMarkAllRows(\'usersForm\')) return false;">' . __('Uncheck All') . '</a>' . "\n" - . '</div>' + .'<i>' . __('With selected:') . '</i>' . "\n"; + + PMA_buttonOrImage( + 'submit_mult', 'mult_submit', 'submit_mult_export', + __('Export'), 'b_tblexport.png', 'export' + ); + echo '<input type="hidden" name="initial" value="' . (isset($initial) ? $initial : '') . '" />'; + echo '</div>' . '<div class="clear_both" style="clear:both"></div>' . '<div style="float:left; padding-left:10px;">'; printf($link_export_all, urlencode('%'), urlencode('%'), (isset($initial) ? $initial : '')); @@ -1937,7 +1997,7 @@ if (empty($_REQUEST['adduser']) && (! isset($checkprivs) || ! strlen($checkprivs if ($user_does_not_exists) { PMA_Message::error(__('The selected user was not found in the privilege table.'))->display(); PMA_displayLoginInformationFields(); - //require './libraries/footer.inc.php'; + //require 'libraries/footer.inc.php'; } echo '<form name="usersForm" id="addUsersForm_' . $random_n . '" action="server_privileges.php" method="post">' . "\n"; 
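Review bot: The hidden field added in the -1837 hunk prints `$initial` into an attribute value without escaping, while other hidden inputs in this file (for example `dbname`) go through `htmlspecialchars()`. `$initial` looks request-derived, since the Ajax condition tests `$_REQUEST['initial']`, though where it is assigned is outside this hunk. Escape it at output: `echo '<input type="hidden" name="initial" value="' . (isset($initial) ? htmlspecialchars($initial) : '') . '" />';`. The enclosing `if (empty($_REQUEST['adduser']) ...` block starts and ends outside the hunk.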
@@ -2138,9 +2198,9 @@ if (empty($_REQUEST['adduser']) && (! isset($checkprivs) || ! strlen($checkprivs echo '<tr class="' . ($odd_row ? 'odd' : 'even') . '">' . "\n" . ' <td>' . htmlspecialchars((! isset($dbname)) ? $row['Db'] : $row['Table_name']) . '</td>' . "\n" - . ' <td><tt>' . "\n" + . ' <td><code>' . "\n" . ' ' . join(',' . "\n" . ' ', PMA_extractPrivInfo($row, true)) . "\n" - . ' </tt></td>' . "\n" + . ' </code></td>' . "\n" . ' <td>' . ((((! isset($dbname)) && $row['Grant_priv'] == 'Y') || (isset($dbname) && in_array('Grant', explode(',', $row['Table_priv'])))) ? __('Yes') : __('No')) . '</td>' . "\n" . ' <td>'; if (! empty($row['Table_privs']) || ! empty ($row['Column_priv'])) { @@ -2254,7 +2314,7 @@ if (empty($_REQUEST['adduser']) && (! isset($checkprivs) || ! strlen($checkprivs } if (! isset($dbname) && ! $user_does_not_exists) { - include_once './libraries/display_change_password.lib.php'; + include_once 'libraries/display_change_password.lib.php'; echo '<form action="server_privileges.php" method="post" onsubmit="return checkPassword(this);">' . "\n" . PMA_generate_common_hidden_inputs('', '') @@ -2294,15 +2354,15 @@ if (empty($_REQUEST['adduser']) && (! isset($checkprivs) || ! strlen($checkprivs echo '<fieldset id="fieldset_add_user_database">' . "\n" . '<legend>' . __('Database for user') . '</legend>' . "\n"; - PMA_display_html_checkbox('createdb-1', __('Create database with same name and grant all privileges'), false, false);
- echo '<br />' . "\n";
- PMA_display_html_checkbox('createdb-2', __('Grant all privileges on wildcard name (username\\_%)'), false, false);
- echo '<br />' . "\n";
+ PMA_display_html_checkbox('createdb-1', __('Create database with same name and grant all privileges'), false, false); + echo '<br />' . "\n"; + PMA_display_html_checkbox('createdb-2', __('Grant all privileges on wildcard name (username\\_%)'), false, false); + echo '<br />' . "\n"; if (! empty($dbname) ) { - PMA_display_html_checkbox('createdb-3', sprintf(__('Grant all privileges on database "%s"'), htmlspecialchars($dbname)), true, false);
+ PMA_display_html_checkbox('createdb-3', sprintf(__('Grant all privileges on database "%s"'), htmlspecialchars($dbname)), true, false); echo '<input type="hidden" name="dbname" value="' . htmlspecialchars($dbname) . '" />' . "\n"; - echo '<br />' . "\n";
+ echo '<br />' . "\n"; } echo '</fieldset>' . "\n"; @@ -2429,14 +2489,14 @@ if (empty($_REQUEST['adduser']) && (! isset($checkprivs) || ! strlen($checkprivs } elseif ($current['Db'] == PMA_escape_mysql_wildcards($checkprivs)) { $user_form .= __('database-specific'); } else { - $user_form .= __('wildcard'). ': <tt>' . htmlspecialchars($current['Db']) . '</tt>'; + $user_form .= __('wildcard'). ': <code>' . htmlspecialchars($current['Db']) . '</code>'; } $user_form .= "\n" . ' </td>' . "\n" . ' <td>' . "\n" - . ' <tt>' . "\n" + . ' <code>' . "\n" . ' ' . join(',' . "\n" . ' ', PMA_extractPrivInfo($current, true)) . "\n" - . ' </tt>' . "\n" + . ' </code>' . "\n" . ' </td>' . "\n" . ' <td>' . "\n" . ' ' . ($current['Grant_priv'] == 'Y' ? __('Yes') : __('No')) . "\n" @@ -2492,6 +2552,6 @@ if (empty($_REQUEST['adduser']) && (! isset($checkprivs) || ! strlen($checkprivs * Displays the footer */ echo "\n\n"; -require './libraries/footer.inc.php'; +require 'libraries/footer.inc.php'; ?> |