c208bd906b3991555db11b9229846c4601ca408c
bernd webinterface => /webinterface

bernd authored 17 years ago

1) <?php
Bernd Wurst Added license tags for CC0,...

Bernd Wurst authored 12 years ago

2) /*
3) This file belongs to the Webinterface of schokokeks.org Hosting
4) 
5) Written 2008-2012 by schokokeks.org Hosting, namely
6)   Bernd Wurst <bernd@schokokeks.org>
7)   Hanno Böck <hanno@schokokeks.org>
8) 
9) To the extent possible under law, the author(s) have dedicated all copyright and related and neighboring rights to this software to the public domain worldwide. This software is distributed without any warranty.
10) 
11) You should have received a copy of the CC0 Public Domain Dedication along with this software. If not, see 
12) http://creativecommons.org/publicdomain/zero/1.0/
13) 
14) Nevertheless, in case you use a significant part of this code, we ask (but not require, see the license) that you keep the authors' names in place and return your changes to the public. We would be especially happy if you tell us what you're going to do with this code.
15) */
bernd webinterface => /webinterface

bernd authored 17 years ago

16) 
17) function get_mysql_accounts($UID)
18) {
19)   $UID = (int) $UID;
hanno sortiere in mysql-ansicht u...

hanno authored 13 years ago

20)   $result = db_query("SELECT username, description, created FROM misc.mysql_accounts WHERE useraccount=$UID ORDER BY username");
bernd webinterface => /webinterface

bernd authored 17 years ago

21)   if (mysql_num_rows($result) == 0)
22)     return array();
23)   $list = array();
bernd * Erlaube Beschreibung zu D...

bernd authored 15 years ago

24)   while ($item = mysql_fetch_assoc($result))
bernd webinterface => /webinterface

bernd authored 17 years ago

25)   {
bernd * Erlaube Beschreibung zu D...

bernd authored 15 years ago

26)     $list[] = $item;
bernd webinterface => /webinterface

bernd authored 17 years ago

27)   }
28)   return $list;
29) }
30) 
31) function get_mysql_databases($UID)
32) {
33)   $UID = (int) $UID;
hanno sortiere in mysql-ansicht u...

hanno authored 13 years ago

34)   $result = db_query("SELECT id, name, description, created FROM misc.mysql_database WHERE useraccount=$UID ORDER BY name");
bernd webinterface => /webinterface

bernd authored 17 years ago

35)   if (mysql_num_rows($result) == 0)
36)     return array();
37)   $list = array();
bernd * Erlaube Beschreibung zu D...

bernd authored 15 years ago

38)   while ($item = mysql_fetch_assoc($result))
bernd webinterface => /webinterface

bernd authored 17 years ago

39)   {
bernd * Erlaube Beschreibung zu D...

bernd authored 15 years ago

40)     $list[] = $item;
bernd webinterface => /webinterface

bernd authored 17 years ago

41)   }
42)   return $list;
43) }
44) 
45) 
bernd Link zu phpMyAdmin prominen...

bernd authored 13 years ago

46) function servers_for_databases()
bernd Zeige Link zum phpMyAdmin i...

bernd authored 13 years ago

47) {
bernd Link zu phpMyAdmin prominen...

bernd authored 13 years ago

48)   $uid = (int) $_SESSION['userinfo']['uid'];
bernd Zeige Link zum phpMyAdmin i...

bernd authored 13 years ago

49)   
bernd Link zu phpMyAdmin prominen...

bernd authored 13 years ago

50)   $result = db_query("SELECT db.name AS db, hostname FROM misc.mysql_database AS db LEFT JOIN system.useraccounts AS u ON (db.useraccount=u.uid) LEFT JOIN system.servers ON (COALESCE(db.server, u.server) = servers.id) WHERE db.useraccount={$uid}");
51)   $ret = array();
52)   while ($line = mysql_fetch_assoc($result)) {
53)     $ret[$line['db']] = $line['hostname'];
54)   }
55)   DEBUG($ret);
56)   return $ret;
bernd Zeige Link zum phpMyAdmin i...

bernd authored 13 years ago

57) }
58) 
59) 
bernd webinterface => /webinterface

bernd authored 17 years ago

60) function get_mysql_access($db, $account)
61) {
62)   $uid = $_SESSION['userinfo']['uid'];
63)   global $mysql_access;
64)   if (!is_array($mysql_access))
65)   {
66)     $mysql_access = array();
bernd sql-abfragen abstrahiert

bernd authored 17 years ago

67)     $result = db_query("SELECT db.name AS db, acc.username AS user FROM misc.mysql_access AS access LEFT JOIN misc.mysql_database AS db ON (db.id=access.database) LEFT JOIN misc.mysql_accounts AS acc ON (acc.id = access.user) WHERE acc.useraccount={$uid} OR db.useraccount={$uid};");
bernd webinterface => /webinterface

bernd authored 17 years ago

68)     if (mysql_num_rows($result) == 0)
69)       return false;
70)     while ($line = mysql_fetch_object($result))
71)       $mysql_access[$line->db][$line->user] = true;
72)   }
73)   return (array_key_exists($db, $mysql_access) && array_key_exists($account, $mysql_access[$db]));
74) }
75) 
76) 
77) function set_mysql_access($db, $account, $status)
78) {
79)   $uid = $_SESSION['userinfo']['uid'];
80)   $db = mysql_real_escape_string($db);
81)   $account = mysql_real_escape_string($account);
bernd Fehlende geschweifte Klamme...

bernd authored 13 years ago

82)   DEBUG("User »{$account}« soll ".($status ? "" : "NICHT ")."auf die Datenbank »{$db}« zugreifen");
bernd webinterface => /webinterface

bernd authored 17 years ago

83)   $query = '';
84)   if ($status)
85)   {
86)     if (get_mysql_access($db, $account))
87)       return NULL;
bernd stringlänge mit strlen und...

bernd authored 15 years ago

88)     $result = db_query("SELECT id FROM misc.mysql_database WHERE name='{$db}' AND useraccount={$uid} LIMIT 1");
89)     if (mysql_num_rows($result) != 1)
90)     {
91)       logger(LOG_ERR, "modules/mysql/include/mysql", "mysql", "cannot find database {$db}");
92)       system_failure("cannot find database »{$db}«");
93)     }
bernd typo

bernd authored 15 years ago

94)     $result = db_query("SELECT id FROM misc.mysql_accounts WHERE username='{$account}' AND useraccount={$uid} LIMIT 1");
bernd stringlänge mit strlen und...

bernd authored 15 years ago

95)     if (mysql_num_rows($result) != 1)
96)     {
97)       logger(LOG_ERR, "modules/mysql/include/mysql", "mysql", "cannot find user {$account}");
98)       system_failure("cannot find database user »{$account}«");
99)     }
bernd webinterface => /webinterface

bernd authored 17 years ago

100)     $query = "INSERT INTO misc.mysql_access (`database`,user) VALUES ((SELECT id FROM misc.mysql_database WHERE name='{$db}' AND useraccount={$uid} LIMIT 1), (SELECT id FROM misc.mysql_accounts WHERE username='{$account}' AND useraccount={$uid}));";
bernd Logger mit Logleveln

bernd authored 15 years ago

101)     logger(LOG_INFO, "modules/mysql/include/mysql", "mysql", "granting access on »{$db}« to »{$account}«");
bernd webinterface => /webinterface

bernd authored 17 years ago

102)   }
103)   else
104)   {
105)     if (! get_mysql_access($db, $account))
106)       return NULL;
107)     $query = "DELETE FROM misc.mysql_access WHERE `database`=(SELECT id FROM misc.mysql_database WHERE name='{$db}' AND useraccount={$uid} LIMIT 1) AND user=(SELECT id FROM misc.mysql_accounts WHERE username='{$account}' AND useraccount={$uid});";
bernd Logger mit Logleveln

bernd authored 15 years ago

108)     logger(LOG_INFO, "modules/mysql/include/mysql", "mysql", "revoking access on »{$db}« from »{$account}«");
bernd webinterface => /webinterface

bernd authored 17 years ago

109)   }
bernd sql-abfragen abstrahiert

bernd authored 17 years ago

110)   db_query($query);
bernd webinterface => /webinterface

bernd authored 17 years ago

111) }
112) 
113) 
bernd * Erlaube Beschreibung zu D...

bernd authored 15 years ago

114) function create_mysql_account($username, $description = '')
bernd webinterface => /webinterface

bernd authored 17 years ago

115) {
bernd * Erlaube Beschreibung zu D...

bernd authored 15 years ago

116)   if (! validate_mysql_username($username))
bernd webinterface => /webinterface

bernd authored 17 years ago

117)   {
bernd Logger mit Logleveln

bernd authored 15 years ago

118)     logger(LOG_WARNING, "modules/mysql/include/mysql", "mysql", "illegal username »{$username}«");
bernd webinterface => /webinterface

bernd authored 17 years ago

119)     input_error("Der eingegebene Benutzername entspricht leider nicht der Konvention. Bitte tragen Sie einen passenden Namen ein.");
120)     return NULL;
121)   }
122)   $uid = $_SESSION['userinfo']['uid'];
123)   $username = mysql_real_escape_string($username);
bernd * Erlaube Beschreibung zu D...

bernd authored 15 years ago

124)   $description = maybe_null($description);
bernd Logger mit Logleveln

bernd authored 15 years ago

125)   logger(LOG_INFO, "modules/mysql/include/mysql", "mysql", "creating user »{$username}«");
bernd * Erlaube Beschreibung zu D...

bernd authored 15 years ago

126)   db_query("INSERT INTO misc.mysql_accounts (username, password, useraccount, description) VALUES ('$username', '!', $uid, $description);");
bernd webinterface => /webinterface

bernd authored 17 years ago

127) }
128) 
129) 
130) function delete_mysql_account($username)
131) {
132)   $username = mysql_real_escape_string($username);
133)   $uid = $_SESSION['userinfo']['uid'];
bernd Logger mit Logleveln

bernd authored 15 years ago

134)   logger(LOG_INFO, "modules/mysql/include/mysql", "mysql", "deleting user »{$username}«");
bernd sql-abfragen abstrahiert

bernd authored 17 years ago

135)   db_query("DELETE FROM misc.mysql_accounts WHERE username='{$username}' AND useraccount='{$uid}' LIMIT 1;");
bernd webinterface => /webinterface

bernd authored 17 years ago

136) }
137) 
138) 
bernd * Erlaube Beschreibung zu D...

bernd authored 15 years ago

139) function create_mysql_database($dbname, $description = '')
bernd webinterface => /webinterface

bernd authored 17 years ago

140) {
141)   if (! validate_mysql_dbname($dbname))
142)   {
bernd Logger mit Logleveln

bernd authored 15 years ago

143)     logger(LOG_WARNING, "modules/mysql/include/mysql", "mysql", "illegal db-name »{$dbname}«");
bernd webinterface => /webinterface

bernd authored 17 years ago

144)     input_error("Der eingegebene Datenbankname entspricht leider nicht der Konvention. Bitte tragen Sie einen passenden Namen ein.");
145)     return NULL;
146)   }
147)   $dbname = mysql_real_escape_string($dbname);
148)   $uid = $_SESSION['userinfo']['uid'];
bernd * Erlaube Beschreibung zu D...

bernd authored 15 years ago

149)   $description = maybe_null($description);
bernd Logger mit Logleveln

bernd authored 15 years ago

150)   logger(LOG_INFO, "modules/mysql/include/mysql", "mysql", "creating database »{$dbname}«");
bernd * Erlaube Beschreibung zu D...

bernd authored 15 years ago

151)   db_query("INSERT INTO misc.mysql_database (name, useraccount, description) VALUES ('$dbname', $uid, $description);");
bernd webinterface => /webinterface

bernd authored 17 years ago

152) }
153) 
154) 
155) function delete_mysql_database($dbname)
156) {
157)   $dbname = mysql_real_escape_string($dbname);
158)   $uid = $_SESSION['userinfo']['uid'];
bernd Logger mit Logleveln

bernd authored 15 years ago

159)   logger(LOG_INFO, "modules/mysql/include/mysql", "mysql", "removing database »{$dbname}«");
bernd sql-abfragen abstrahiert

bernd authored 17 years ago

160)   db_query("DELETE FROM misc.mysql_database WHERE name='{$dbname}' AND useraccount='{$uid}' LIMIT 1;");
bernd webinterface => /webinterface

bernd authored 17 years ago

161) }
162) 
163) 
bernd * Erlaube Beschreibung zu D...

bernd authored 15 years ago

164) function validate_mysql_dbname($dbname)
bernd webinterface => /webinterface

bernd authored 17 years ago

165) {
166)   $sys_username = $_SESSION['userinfo']['username'];
bernd * Erlaube Beschreibung zu D...

bernd authored 15 years ago

167)   return preg_match("/^{$sys_username}(_[a-zA-Z0-9_-]+)?$/", $dbname);
bernd webinterface => /webinterface

bernd authored 17 years ago

168) }
169) 
170) 
bernd * Erlaube Beschreibung zu D...

bernd authored 15 years ago

171) function validate_mysql_username($username)
bernd webinterface => /webinterface

bernd authored 17 years ago

172) {
bernd stringlänge mit strlen und...

bernd authored 15 years ago

173)   return validate_mysql_dbname($username) && (strlen($username) <= 16);
bernd webinterface => /webinterface

bernd authored 17 years ago

174) }
175) 
176) 
177) 
178) function set_mysql_password($username, $password)
179) {
180)   $username = mysql_real_escape_string($username);
181)   $password = mysql_real_escape_string($password);
182)   $uid = $_SESSION['userinfo']['uid'];
bernd Logger mit Logleveln

bernd authored 15 years ago

183)   logger(LOG_INFO, "modules/mysql/include/mysql", "mysql", "updating password for »{$username}«");
bernd sql-abfragen abstrahiert

bernd authored 17 years ago

184)   db_query("UPDATE misc.mysql_accounts SET password=PASSWORD('$password') WHERE username='$username' AND useraccount=$uid;");
bernd webinterface => /webinterface

bernd authored 17 years ago

185) }
186) 
187) 
bernd Fix of bugs #554 and #553

bernd authored 16 years ago

188) function has_mysql_database($dbname)
189) {
190)   $uid = $_SESSION['userinfo']['uid'];
191)   $dbname = mysql_real_escape_string($dbname);
192)   $result = db_query("SELECT NULL FROM misc.mysql_database WHERE name='{$dbname}' AND useraccount='{$uid}' LIMIT 1;");
193)   return (mysql_num_rows($result) == 1);
194) }
195) 
196) 
197) function has_mysql_user($username)
198) {
199)   $uid = $_SESSION['userinfo']['uid'];
200)   $userame = mysql_real_escape_string($username);
201)   $result = db_query("SELECT NULL FROM misc.mysql_accounts WHERE username='{$username}' AND useraccount='{$uid}' LIMIT 1;");
202)   return (mysql_num_rows($result) == 1);
203) }
204) 
205)