modules/mysql/include/mysql.php (fbbc80e) - webinterface.git

fbbc80e14589767aac24358eeb347f338cf66e3c

webinterface => /webinterface bernd authored 17 years ago	`1) <?php 2) 3) function get_mysql_accounts($UID) 4) { 5) $UID = (int) $UID;`
* Erlaube Beschreibung zu D... bernd authored 15 years ago	`6) $result = db_query("SELECT username, description FROM misc.mysql_accounts WHERE useraccount=$UID");`
webinterface => /webinterface bernd authored 17 years ago	`7) if (mysql_num_rows($result) == 0) 8) return array(); 9) $list = array();`
* Erlaube Beschreibung zu D... bernd authored 15 years ago	`10) while ($item = mysql_fetch_assoc($result))`
webinterface => /webinterface bernd authored 17 years ago	`11) {`
* Erlaube Beschreibung zu D... bernd authored 15 years ago	`12) $list[] = $item;`
webinterface => /webinterface bernd authored 17 years ago	`13) } 14) return $list; 15) } 16) 17) function get_mysql_databases($UID) 18) { 19) $UID = (int) $UID;`
* Erlaube Beschreibung zu D... bernd authored 15 years ago	`20) $result = db_query("SELECT name, description FROM misc.mysql_database WHERE useraccount=$UID");`
webinterface => /webinterface bernd authored 17 years ago	`21) if (mysql_num_rows($result) == 0) 22) return array(); 23) $list = array();`
* Erlaube Beschreibung zu D... bernd authored 15 years ago	`24) while ($item = mysql_fetch_assoc($result))`
webinterface => /webinterface bernd authored 17 years ago	`25) {`
* Erlaube Beschreibung zu D... bernd authored 15 years ago	`26) $list[] = $item;`
webinterface => /webinterface bernd authored 17 years ago	`27) } 28) return $list; 29) } 30) 31) 32) function get_mysql_access($db, $account) 33) { 34) $uid = $_SESSION['userinfo']['uid']; 35) global $mysql_access; 36) if (!is_array($mysql_access)) 37) { 38) $mysql_access = array();`
sql-abfragen abstrahiert bernd authored 16 years ago	`39) $result = db_query("SELECT db.name AS db, acc.username AS user FROM misc.mysql_access AS access LEFT JOIN misc.mysql_database AS db ON (db.id=access.database) LEFT JOIN misc.mysql_accounts AS acc ON (acc.id = access.user) WHERE acc.useraccount={$uid} OR db.useraccount={$uid};");`
webinterface => /webinterface bernd authored 17 years ago	40) if (mysql_num_rows($result) == 0) 41) return false; 42) while ($line = mysql_fetch_object($result)) 43) $mysql_access[$line->db][$line->user] = true; 44) } 45) return (array_key_exists($db, $mysql_access) && array_key_exists($account, $mysql_access[$db])); 46) } 47) 48) 49) function set_mysql_access($db, $account, $status) 50) { 51) $uid = $_SESSION['userinfo']['uid']; 52) $db = mysql_real_escape_string($db); 53) $account = mysql_real_escape_string($account); 54) $query = ''; 55) if ($status) 56) { 57) if (get_mysql_access($db, $account)) 58) return NULL; 59) $query = "INSERT INTO misc.mysql_access (`database`,user) VALUES ((SELECT id FROM misc.mysql_database WHERE name='{$db}' AND useraccount={$uid} LIMIT 1), (SELECT id FROM misc.mysql_accounts WHERE username='{$account}' AND useraccount={$uid}));";
eliminate .php extensions f... bernd authored 15 years ago	`60) logger("modules/mysql/include/mysql", "mysql", "granting access on »{$db}« to »{$account}«");`
webinterface => /webinterface bernd authored 17 years ago	61) } 62) else 63) { 64) if (! get_mysql_access($db, $account)) 65) return NULL; 66) $query = "DELETE FROM misc.mysql_access WHERE `database`=(SELECT id FROM misc.mysql_database WHERE name='{$db}' AND useraccount={$uid} LIMIT 1) AND user=(SELECT id FROM misc.mysql_accounts WHERE username='{$account}' AND useraccount={$uid});";
eliminate .php extensions f... bernd authored 15 years ago	`67) logger("modules/mysql/include/mysql", "mysql", "revoking access on »{$db}« from »{$account}«");`
webinterface => /webinterface bernd authored 17 years ago	`68) }`
sql-abfragen abstrahiert bernd authored 16 years ago	`69) db_query($query);`
webinterface => /webinterface bernd authored 17 years ago	`70) } 71) 72)`
* Erlaube Beschreibung zu D... bernd authored 15 years ago	`73) function create_mysql_account($username, $description = '')`
webinterface => /webinterface bernd authored 17 years ago	`74) {`
* Erlaube Beschreibung zu D... bernd authored 15 years ago	`75) if (! validate_mysql_username($username))`
webinterface => /webinterface bernd authored 17 years ago	`76) {`
eliminate .php extensions f... bernd authored 15 years ago	`77) logger("modules/mysql/include/mysql", "mysql", "illegal username »{$username}«");`
webinterface => /webinterface bernd authored 17 years ago	`78) input_error("Der eingegebene Benutzername entspricht leider nicht der Konvention. Bitte tragen Sie einen passenden Namen ein."); 79) return NULL; 80) } 81) $uid = $_SESSION['userinfo']['uid']; 82) $username = mysql_real_escape_string($username);`
* Erlaube Beschreibung zu D... bernd authored 15 years ago	`83) $description = maybe_null($description);`
eliminate .php extensions f... bernd authored 15 years ago	`84) logger("modules/mysql/include/mysql", "mysql", "creating user »{$username}«");`
* Erlaube Beschreibung zu D... bernd authored 15 years ago	`85) db_query("INSERT INTO misc.mysql_accounts (username, password, useraccount, description) VALUES ('$username', '!', $uid, $description);");`
webinterface => /webinterface bernd authored 17 years ago	`86) } 87) 88) 89) function delete_mysql_account($username) 90) { 91) $username = mysql_real_escape_string($username); 92) $uid = $_SESSION['userinfo']['uid'];`
eliminate .php extensions f... bernd authored 15 years ago	`93) logger("modules/mysql/include/mysql", "mysql", "deleting user »{$username}«");`
sql-abfragen abstrahiert bernd authored 16 years ago	`94) db_query("DELETE FROM misc.mysql_accounts WHERE username='{$username}' AND useraccount='{$uid}' LIMIT 1;");`
webinterface => /webinterface bernd authored 17 years ago	`95) } 96) 97)`
* Erlaube Beschreibung zu D... bernd authored 15 years ago	`98) function create_mysql_database($dbname, $description = '')`
webinterface => /webinterface bernd authored 17 years ago	`99) { 100) if (! validate_mysql_dbname($dbname)) 101) {`
eliminate .php extensions f... bernd authored 15 years ago	`102) logger("modules/mysql/include/mysql", "mysql", "illegal db-name »{$dbname}«");`
webinterface => /webinterface bernd authored 17 years ago	`103) input_error("Der eingegebene Datenbankname entspricht leider nicht der Konvention. Bitte tragen Sie einen passenden Namen ein."); 104) return NULL; 105) } 106) $dbname = mysql_real_escape_string($dbname); 107) $uid = $_SESSION['userinfo']['uid'];`
* Erlaube Beschreibung zu D... bernd authored 15 years ago	`108) $description = maybe_null($description);`
eliminate .php extensions f... bernd authored 15 years ago	`109) logger("modules/mysql/include/mysql", "mysql", "creating database »{$dbname}«");`
* Erlaube Beschreibung zu D... bernd authored 15 years ago	`110) db_query("INSERT INTO misc.mysql_database (name, useraccount, description) VALUES ('$dbname', $uid, $description);");`
webinterface => /webinterface bernd authored 17 years ago	`111) } 112) 113) 114) function delete_mysql_database($dbname) 115) { 116) $dbname = mysql_real_escape_string($dbname); 117) $uid = $_SESSION['userinfo']['uid'];`
eliminate .php extensions f... bernd authored 15 years ago	`118) logger("modules/mysql/include/mysql", "mysql", "removing database »{$dbname}«");`
sql-abfragen abstrahiert bernd authored 16 years ago	`119) db_query("DELETE FROM misc.mysql_database WHERE name='{$dbname}' AND useraccount='{$uid}' LIMIT 1;");`
webinterface => /webinterface bernd authored 17 years ago	`120) } 121) 122)`
* Erlaube Beschreibung zu D... bernd authored 15 years ago	`123) function validate_mysql_dbname($dbname)`
webinterface => /webinterface bernd authored 17 years ago	`124) { 125) $sys_username = $_SESSION['userinfo']['username'];`
* Erlaube Beschreibung zu D... bernd authored 15 years ago	`126) return preg_match("/^{$sys_username}(_[a-zA-Z0-9_-]+)?$/", $dbname);`
webinterface => /webinterface bernd authored 17 years ago	`127) } 128) 129)`
* Erlaube Beschreibung zu D... bernd authored 15 years ago	`130) function validate_mysql_username($username)`
webinterface => /webinterface bernd authored 17 years ago	`131) {`
* Erlaube Beschreibung zu D... bernd authored 15 years ago	`132) return validate_mysql_dbname($username) && (count($username) <= 16);`
webinterface => /webinterface bernd authored 17 years ago	`133) } 134) 135) 136) 137) function set_mysql_password($username, $password) 138) { 139) $username = mysql_real_escape_string($username); 140) $password = mysql_real_escape_string($password); 141) $uid = $_SESSION['userinfo']['uid'];`
eliminate .php extensions f... bernd authored 15 years ago	`142) logger("modules/mysql/include/mysql", "mysql", "updating password for »{$username}«");`
sql-abfragen abstrahiert bernd authored 16 years ago	`143) db_query("UPDATE misc.mysql_accounts SET password=PASSWORD('$password') WHERE username='$username' AND useraccount=$uid;");`
webinterface => /webinterface bernd authored 17 years ago	`144) } 145) 146)`
Fix of bugs #554 and #553 bernd authored 15 years ago	147) function has_mysql_database($dbname) 148) { 149) $uid = $_SESSION['userinfo']['uid']; 150) $dbname = mysql_real_escape_string($dbname); 151) $result = db_query("SELECT NULL FROM misc.mysql_database WHERE name='{$dbname}' AND useraccount='{$uid}' LIMIT 1;"); 152) return (mysql_num_rows($result) == 1); 153) } 154) 155) 156) function has_mysql_user($username) 157) { 158) $uid = $_SESSION['userinfo']['uid']; 159) $userame = mysql_real_escape_string($username); 160) $result = db_query("SELECT NULL FROM misc.mysql_accounts WHERE username='{$username}' AND useraccount='{$uid}' LIMIT 1;"); 161) return (mysql_num_rows($result) == 1); 162) } 163) 164)