modules/mysql/include/mysql.php (f12aba6) - webinterface.git

f12aba6daa6e2848a8ed60ea57b26874d6675f52

webinterface => /webinterface bernd authored 17 years ago	`1) <?php`
Added license tags for CC0,... Bernd Wurst authored 12 years ago	`2) /* 3) This file belongs to the Webinterface of schokokeks.org Hosting 4)`
Updated copyright notice (2... Bernd Wurst authored 11 years ago	`5) Written 2008-2013 by schokokeks.org Hosting, namely`
Added license tags for CC0,... Bernd Wurst authored 12 years ago	6) Bernd Wurst <bernd@schokokeks.org> 7) Hanno Böck <hanno@schokokeks.org> 8) 9) To the extent possible under law, the author(s) have dedicated all copyright and related and neighboring rights to this software to the public domain worldwide. This software is distributed without any warranty. 10) 11) You should have received a copy of the CC0 Public Domain Dedication along with this software. If not, see 12) http://creativecommons.org/publicdomain/zero/1.0/ 13) 14) Nevertheless, in case you use a significant part of this code, we ask (but not require, see the license) that you keep the authors' names in place and return your changes to the public. We would be especially happy if you tell us what you're going to do with this code. 15) */
webinterface => /webinterface bernd authored 17 years ago	`16) 17) function get_mysql_accounts($UID) 18) { 19) $UID = (int) $UID;`
sortiere in mysql-ansicht u... hanno authored 12 years ago	`20) $result = db_query("SELECT username, description, created FROM misc.mysql_accounts WHERE useraccount=$UID ORDER BY username");`
webinterface => /webinterface bernd authored 17 years ago	`21) if (mysql_num_rows($result) == 0) 22) return array(); 23) $list = array();`
* Erlaube Beschreibung zu D... bernd authored 15 years ago	`24) while ($item = mysql_fetch_assoc($result))`
webinterface => /webinterface bernd authored 17 years ago	`25) {`
* Erlaube Beschreibung zu D... bernd authored 15 years ago	`26) $list[] = $item;`
webinterface => /webinterface bernd authored 17 years ago	`27) } 28) return $list; 29) } 30) 31) function get_mysql_databases($UID) 32) { 33) $UID = (int) $UID;`
sortiere in mysql-ansicht u... hanno authored 12 years ago	`34) $result = db_query("SELECT id, name, description, created FROM misc.mysql_database WHERE useraccount=$UID ORDER BY name");`
webinterface => /webinterface bernd authored 17 years ago	`35) if (mysql_num_rows($result) == 0) 36) return array(); 37) $list = array();`
* Erlaube Beschreibung zu D... bernd authored 15 years ago	`38) while ($item = mysql_fetch_assoc($result))`
webinterface => /webinterface bernd authored 17 years ago	`39) {`
* Erlaube Beschreibung zu D... bernd authored 15 years ago	`40) $list[] = $item;`
webinterface => /webinterface bernd authored 17 years ago	`41) } 42) return $list; 43) } 44) 45)`
Link zu phpMyAdmin prominen... bernd authored 13 years ago	`46) function servers_for_databases()`
Zeige Link zum phpMyAdmin i... bernd authored 13 years ago	`47) {`
Link zu phpMyAdmin prominen... bernd authored 13 years ago	`48) $uid = (int) $_SESSION['userinfo']['uid'];`
Zeige Link zum phpMyAdmin i... bernd authored 13 years ago	`49)`
Link zu phpMyAdmin prominen... bernd authored 13 years ago	`50) $result = db_query("SELECT db.name AS db, hostname FROM misc.mysql_database AS db LEFT JOIN system.useraccounts AS u ON (db.useraccount=u.uid) LEFT JOIN system.servers ON (COALESCE(db.server, u.server) = servers.id) WHERE db.useraccount={$uid}"); 51) $ret = array(); 52) while ($line = mysql_fetch_assoc($result)) { 53) $ret[$line['db']] = $line['hostname']; 54) } 55) DEBUG($ret); 56) return $ret;`
Zeige Link zum phpMyAdmin i... bernd authored 13 years ago	`57) } 58) 59)`
webinterface => /webinterface bernd authored 17 years ago	`60) function get_mysql_access($db, $account) 61) { 62) $uid = $_SESSION['userinfo']['uid']; 63) global $mysql_access; 64) if (!is_array($mysql_access)) 65) { 66) $mysql_access = array();`
sql-abfragen abstrahiert bernd authored 16 years ago	`67) $result = db_query("SELECT db.name AS db, acc.username AS user FROM misc.mysql_access AS access LEFT JOIN misc.mysql_database AS db ON (db.id=access.database) LEFT JOIN misc.mysql_accounts AS acc ON (acc.id = access.user) WHERE acc.useraccount={$uid} OR db.useraccount={$uid};");`
webinterface => /webinterface bernd authored 17 years ago	`68) if (mysql_num_rows($result) == 0) 69) return false; 70) while ($line = mysql_fetch_object($result)) 71) $mysql_access[$line->db][$line->user] = true; 72) } 73) return (array_key_exists($db, $mysql_access) && array_key_exists($account, $mysql_access[$db])); 74) } 75) 76) 77) function set_mysql_access($db, $account, $status) 78) { 79) $uid = $_SESSION['userinfo']['uid']; 80) $db = mysql_real_escape_string($db); 81) $account = mysql_real_escape_string($account);`
Fehlende geschweifte Klamme... bernd authored 13 years ago	`82) DEBUG("User »{$account}« soll ".($status ? "" : "NICHT ")."auf die Datenbank »{$db}« zugreifen");`
webinterface => /webinterface bernd authored 17 years ago	`83) $query = ''; 84) if ($status) 85) { 86) if (get_mysql_access($db, $account)) 87) return NULL;`
stringlänge mit strlen und... bernd authored 14 years ago	`88) $result = db_query("SELECT id FROM misc.mysql_database WHERE name='{$db}' AND useraccount={$uid} LIMIT 1"); 89) if (mysql_num_rows($result) != 1) 90) { 91) logger(LOG_ERR, "modules/mysql/include/mysql", "mysql", "cannot find database {$db}"); 92) system_failure("cannot find database »{$db}«"); 93) }`
typo bernd authored 14 years ago	`94) $result = db_query("SELECT id FROM misc.mysql_accounts WHERE username='{$account}' AND useraccount={$uid} LIMIT 1");`
stringlänge mit strlen und... bernd authored 14 years ago	`95) if (mysql_num_rows($result) != 1) 96) { 97) logger(LOG_ERR, "modules/mysql/include/mysql", "mysql", "cannot find user {$account}"); 98) system_failure("cannot find database user »{$account}«"); 99) }`
webinterface => /webinterface bernd authored 17 years ago	100) $query = "INSERT INTO misc.mysql_access (`database`,user) VALUES ((SELECT id FROM misc.mysql_database WHERE name='{$db}' AND useraccount={$uid} LIMIT 1), (SELECT id FROM misc.mysql_accounts WHERE username='{$account}' AND useraccount={$uid}));";
Logger mit Logleveln bernd authored 14 years ago	`101) logger(LOG_INFO, "modules/mysql/include/mysql", "mysql", "granting access on »{$db}« to »{$account}«");`
webinterface => /webinterface bernd authored 17 years ago	102) } 103) else 104) { 105) if (! get_mysql_access($db, $account)) 106) return NULL; 107) $query = "DELETE FROM misc.mysql_access WHERE `database`=(SELECT id FROM misc.mysql_database WHERE name='{$db}' AND useraccount={$uid} LIMIT 1) AND user=(SELECT id FROM misc.mysql_accounts WHERE username='{$account}' AND useraccount={$uid});";
Logger mit Logleveln bernd authored 14 years ago	`108) logger(LOG_INFO, "modules/mysql/include/mysql", "mysql", "revoking access on »{$db}« from »{$account}«");`
webinterface => /webinterface bernd authored 17 years ago	`109) }`
sql-abfragen abstrahiert bernd authored 16 years ago	`110) db_query($query);`
webinterface => /webinterface bernd authored 17 years ago	`111) } 112) 113)`
* Erlaube Beschreibung zu D... bernd authored 15 years ago	`114) function create_mysql_account($username, $description = '')`
webinterface => /webinterface bernd authored 17 years ago	`115) {`
* Erlaube Beschreibung zu D... bernd authored 15 years ago	`116) if (! validate_mysql_username($username))`
webinterface => /webinterface bernd authored 17 years ago	`117) {`
Logger mit Logleveln bernd authored 14 years ago	`118) logger(LOG_WARNING, "modules/mysql/include/mysql", "mysql", "illegal username »{$username}«");`
webinterface => /webinterface bernd authored 17 years ago	`119) input_error("Der eingegebene Benutzername entspricht leider nicht der Konvention. Bitte tragen Sie einen passenden Namen ein."); 120) return NULL; 121) } 122) $uid = $_SESSION['userinfo']['uid']; 123) $username = mysql_real_escape_string($username);`
* Erlaube Beschreibung zu D... bernd authored 15 years ago	`124) $description = maybe_null($description);`
Logger mit Logleveln bernd authored 14 years ago	`125) logger(LOG_INFO, "modules/mysql/include/mysql", "mysql", "creating user »{$username}«");`
* Erlaube Beschreibung zu D... bernd authored 15 years ago	`126) db_query("INSERT INTO misc.mysql_accounts (username, password, useraccount, description) VALUES ('$username', '!', $uid, $description);");`
webinterface => /webinterface bernd authored 17 years ago	`127) } 128) 129) 130) function delete_mysql_account($username) 131) { 132) $username = mysql_real_escape_string($username); 133) $uid = $_SESSION['userinfo']['uid'];`
Logger mit Logleveln bernd authored 14 years ago	`134) logger(LOG_INFO, "modules/mysql/include/mysql", "mysql", "deleting user »{$username}«");`
sql-abfragen abstrahiert bernd authored 16 years ago	`135) db_query("DELETE FROM misc.mysql_accounts WHERE username='{$username}' AND useraccount='{$uid}' LIMIT 1;");`
webinterface => /webinterface bernd authored 17 years ago	`136) } 137) 138)`
* Erlaube Beschreibung zu D... bernd authored 15 years ago	`139) function create_mysql_database($dbname, $description = '')`
webinterface => /webinterface bernd authored 17 years ago	`140) { 141) if (! validate_mysql_dbname($dbname)) 142) {`
Logger mit Logleveln bernd authored 14 years ago	`143) logger(LOG_WARNING, "modules/mysql/include/mysql", "mysql", "illegal db-name »{$dbname}«");`
webinterface => /webinterface bernd authored 17 years ago	`144) input_error("Der eingegebene Datenbankname entspricht leider nicht der Konvention. Bitte tragen Sie einen passenden Namen ein."); 145) return NULL; 146) } 147) $dbname = mysql_real_escape_string($dbname); 148) $uid = $_SESSION['userinfo']['uid'];`
* Erlaube Beschreibung zu D... bernd authored 15 years ago	`149) $description = maybe_null($description);`
Logger mit Logleveln bernd authored 14 years ago	`150) logger(LOG_INFO, "modules/mysql/include/mysql", "mysql", "creating database »{$dbname}«");`
* Erlaube Beschreibung zu D... bernd authored 15 years ago	`151) db_query("INSERT INTO misc.mysql_database (name, useraccount, description) VALUES ('$dbname', $uid, $description);");`
webinterface => /webinterface bernd authored 17 years ago	`152) } 153) 154) 155) function delete_mysql_database($dbname) 156) { 157) $dbname = mysql_real_escape_string($dbname); 158) $uid = $_SESSION['userinfo']['uid'];`
Logger mit Logleveln bernd authored 14 years ago	`159) logger(LOG_INFO, "modules/mysql/include/mysql", "mysql", "removing database »{$dbname}«");`
sql-abfragen abstrahiert bernd authored 16 years ago	`160) db_query("DELETE FROM misc.mysql_database WHERE name='{$dbname}' AND useraccount='{$uid}' LIMIT 1;");`
webinterface => /webinterface bernd authored 17 years ago	`161) } 162) 163)`
* Erlaube Beschreibung zu D... bernd authored 15 years ago	`164) function validate_mysql_dbname($dbname)`
webinterface => /webinterface bernd authored 17 years ago	`165) { 166) $sys_username = $_SESSION['userinfo']['username'];`
* Erlaube Beschreibung zu D... bernd authored 15 years ago	`167) return preg_match("/^{$sys_username}(_[a-zA-Z0-9_-]+)?$/", $dbname);`
webinterface => /webinterface bernd authored 17 years ago	`168) } 169) 170)`
* Erlaube Beschreibung zu D... bernd authored 15 years ago	`171) function validate_mysql_username($username)`
webinterface => /webinterface bernd authored 17 years ago	`172) {`
stringlänge mit strlen und... bernd authored 14 years ago	`173) return validate_mysql_dbname($username) && (strlen($username) <= 16);`
webinterface => /webinterface bernd authored 17 years ago	`174) } 175) 176) 177) 178) function set_mysql_password($username, $password) 179) { 180) $username = mysql_real_escape_string($username); 181) $password = mysql_real_escape_string($password); 182) $uid = $_SESSION['userinfo']['uid'];`
Logger mit Logleveln bernd authored 14 years ago	`183) logger(LOG_INFO, "modules/mysql/include/mysql", "mysql", "updating password for »{$username}«");`
sql-abfragen abstrahiert bernd authored 16 years ago	`184) db_query("UPDATE misc.mysql_accounts SET password=PASSWORD('$password') WHERE username='$username' AND useraccount=$uid;");`
webinterface => /webinterface bernd authored 17 years ago	`185) } 186) 187)`
Fix of bugs #554 and #553 bernd authored 15 years ago	188) function has_mysql_database($dbname) 189) { 190) $uid = $_SESSION['userinfo']['uid']; 191) $dbname = mysql_real_escape_string($dbname); 192) $result = db_query("SELECT NULL FROM misc.mysql_database WHERE name='{$dbname}' AND useraccount='{$uid}' LIMIT 1;"); 193) return (mysql_num_rows($result) == 1); 194) } 195) 196) 197) function has_mysql_user($username) 198) { 199) $uid = $_SESSION['userinfo']['uid']; 200) $userame = mysql_real_escape_string($username); 201) $result = db_query("SELECT NULL FROM misc.mysql_accounts WHERE username='{$username}' AND useraccount='{$uid}' LIMIT 1;"); 202) return (mysql_num_rows($result) == 1); 203) } 204) 205)