diff options
| -rw-r--r-- | libraries/server_privileges.lib.php | 20 | ||||
| -rw-r--r-- | server_privileges.php | 9 |
2 files changed, 16 insertions, 13 deletions
diff --git a/libraries/server_privileges.lib.php b/libraries/server_privileges.lib.php index 1198d52e64..2b83f07cd5 100644 --- a/libraries/server_privileges.lib.php +++ b/libraries/server_privileges.lib.php @@ -1484,7 +1484,6 @@ function PMA_getListOfPrivilegesAndComparedPrivileges() /** * Get the HTML for user form and check the privileges for a particular database. * - * @param string $dbToCheck database to check for privileges * @param string $link_edit standard link for edit * @param string $conditional_class if ajaxable 'Ajax' otherwise '' * @@ -1501,8 +1500,8 @@ function PMA_getHtmlForSpecificDbPrivileges($dbToCheck, $link_edit, $conditional . sprintf( __('Users having access to "%s"'), '<a href="' . $GLOBALS['cfg']['DefaultTabDatabase'] . '?' - . PMA_generate_common_url($dbToCheck) . '">' - . htmlspecialchars($dbToCheck) + . PMA_generate_common_url($_REQUEST['checkprivs']) . '">' + . htmlspecialchars($_REQUEST['checkprivs']) . '</a>' ) . "\n" @@ -1525,7 +1524,7 @@ function PMA_getHtmlForSpecificDbPrivileges($dbToCheck, $link_edit, $conditional $sql_query = '(SELECT ' . $list_of_privileges . ', `Db`' .' FROM `mysql`.`db`' - .' WHERE \'' . $common_functions->sqlAddSlashes($dbToCheck) . "'" + .' WHERE \'' . $common_functions->sqlAddSlashes($_REQUEST['checkprivs']) . "'" .' LIKE `Db`' .' AND NOT (' . $list_of_compared_privileges. ')) ' .'UNION ' @@ -1541,7 +1540,7 @@ function PMA_getHtmlForSpecificDbPrivileges($dbToCheck, $link_edit, $conditional $found = true; } $html_output .= PMA_getHtmlTableBodyForSpecificDbPrivs( - $found, $row, $odd_row, $link_edit, $res, $dbToCheck + $found, $row, $odd_row, $link_edit, $res ); $html_output .= '</table>' . '</fieldset>' @@ -1560,9 +1559,9 @@ function PMA_getHtmlForSpecificDbPrivileges($dbToCheck, $link_edit, $conditional $html_output .= '<a href="server_privileges.php?' . $GLOBALS['url_query'] . '&adduser=1&' - . 'dbname=' . htmlspecialchars($dbToCheck) + . 'dbname=' . htmlspecialchars($_REQUEST['checkprivs']) .'" rel="' - .'checkprivs='.htmlspecialchars($dbToCheck). '&'.$GLOBALS['url_query'] + .'checkprivs='.htmlspecialchars($_REQUEST['checkprivs']). '&'.$GLOBALS['url_query'] . '" class="'.$conditional_class .'" name="db_specific">' . "\n" . $common_functions->getIcon('b_usradd.png') @@ -1581,12 +1580,11 @@ function PMA_getHtmlForSpecificDbPrivileges($dbToCheck, $link_edit, $conditional * @param boolean $odd_row whether odd or not * @param string $link_edit standard link for edit * @param string $res ran sql query - * @param string $dbToCheck database to check for privileges * * @return string $html_output */ function PMA_getHtmlTableBodyForSpecificDbPrivs($found, $row, $odd_row, - $link_edit, $res, $dbToCheck + $link_edit, $res ) { $html_output = '<tbody>' . "\n"; if ($found) { @@ -1626,7 +1624,9 @@ function PMA_getHtmlTableBodyForSpecificDbPrivs($found, $row, $odd_row, if (! isset($current['Db']) || $current['Db'] == '*') { $html_output .= __('global'); } elseif ( - $current['Db'] == PMA_CommonFunctions::getInstance()->escapeMysqlWildcards($dbToCheck) + $current['Db'] == PMA_CommonFunctions::getInstance()->escapeMysqlWildcards( + $_REQUEST['checkprivs'] + ) ) { $html_output .= __('database-specific'); } else { diff --git a/server_privileges.php b/server_privileges.php index 56d4faa5d9..8f5c23e70a 100644 --- a/server_privileges.php +++ b/server_privileges.php @@ -476,7 +476,7 @@ if ($GLOBALS['is_ajax_request'] * Displays the links */ if (isset($viewing_mode) && $viewing_mode == 'db') { - $db = $checkprivs; + $db = $_REQUEST['checkprivs']; $url_query .= '&goto=db_operations.php'; // Gets the database structure @@ -512,7 +512,10 @@ if (isset($_REQUEST['export']) } } -if (empty($_REQUEST['adduser']) && (! isset($checkprivs) || ! strlen($checkprivs))) { +if (empty($_REQUEST['adduser']) + && (! isset($_REQUEST['checkprivs']) + || ! strlen($_REQUEST['checkprivs'])) +) { if (! isset($username)) { // No username is given --> display the overview $response->addHTML( @@ -549,7 +552,7 @@ if (empty($_REQUEST['adduser']) && (! isset($checkprivs) || ! strlen($checkprivs } else { // check the privileges for a particular database. $response->addHTML( - PMA_getHtmlForSpecificDbPrivileges($checkprivs, $link_edit, $conditional_class) + PMA_getHtmlForSpecificDbPrivileges($link_edit, $conditional_class) ); } // end if (empty($_REQUEST['adduser']) && empty($checkprivs)) ... elseif ... else ... |