nettika/phpmyadmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

optimized the test for super user privileges

Browse Source
This commit is contained in:
Loïc Chapeaux
2001-08-28 18:11:00 +00:00
parent 2e702f6f11
commit 252b3d3d80
5 changed files with 16 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
ChangeLog
View File

@@ -26,6 +26,8 @@ $Source$
* tbl_change.php3; tbl_replace.php3: fixed bugs in function field name with * tbl_change.php3; tbl_replace.php3: fixed bugs in function field name with
special characters and no-parameter functions. special characters and no-parameter functions.
* config.inc.php3: added the "UNIX_TIMESTAMP" function. * config.inc.php3: added the "UNIX_TIMESTAMP" function.
* sql.php3; main.php3; db_readdump.php3; db_details.php3: optimized the
test for super user privileges.
2001-08-28 Olivier M<>ller <om@omnis.ch> 2001-08-28 Olivier M<>ller <om@omnis.ch>
* db_stats.php3: fixed the sql query so that the script won't die, even if * db_stats.php3: fixed the sql query so that the script won't die, even if

9
db_details.php3
View File

@@ -546,11 +546,10 @@ echo ' ' . '&nbsp;<input type="submit" value="' . $strGo . '" />' . "\n";
<?php <?php
// Check if the user is a Superuser // Check if the user is a Superuser
// TODO: set a global variable with this information // TODO: set a global variable with this information
$result = mysql_query('SELECT * FROM mysql.user'); // loic1: optimized query
$rows = @mysql_num_rows($result); $result = @mysql_query('USE mysql');
// loic1: empry <> 0 with ceratin php3 releases $is_superuser = (!mysql_error());
$is_superuser = (!empty($rows) || $rows != 0);
// Display the DROP DATABASE link only if allowed to do so // Display the DROP DATABASE link only if allowed to do so
if ($cfgAllowUserDropDatabase || $is_superuser) { if ($cfgAllowUserDropDatabase || $is_superuser) {
?> ?>

7
db_readdump.php3
View File

@@ -75,10 +75,9 @@ if (!$cfgAllowUserDropDatabase
&& eregi('DROP[[:space:]]+(IF EXISTS[[:space:]]+)?DATABASE ', $sql_query)) { && eregi('DROP[[:space:]]+(IF EXISTS[[:space:]]+)?DATABASE ', $sql_query)) {
// Checks if the user is a Superuser // Checks if the user is a Superuser
// TODO: set a global variable with this information // TODO: set a global variable with this information
$result = mysql_query('SELECT * FROM mysql.user'); // loic1: optimized query
$rows = @mysql_num_rows($result); $result = @mysql_query('USE mysql');
// empty <> 0 for certain php3 releases if (mysql_error()) {
if (empty($rows) || $rows == 0) {
include('./header.inc.php3'); include('./header.inc.php3');
mysql_die($strNoDropDatabases); mysql_die($strNoDropDatabases);
} }

10
main.php3
View File

@@ -275,9 +275,8 @@ if ($server > 0
echo "\n"; echo "\n";
} }
$result = mysql_query('SELECT * FROM mysql.user'); $result = @mysql_query('USE mysql');
$rows = @mysql_num_rows($result); if (!mysql_error()) {
if (!empty($rows)) {
?> ?>
<tr> <tr>
<td valign="baseline"><img src="images/item.gif" width="7" height="7" alt="item" /></td> <td valign="baseline"><img src="images/item.gif" width="7" height="7" alt="item" /></td>
@@ -367,9 +366,8 @@ if ($server > 0
</td> </td>
</tr> </tr>
<?php <?php
$result = mysql_query('SELECT * FROM mysql.user'); $result = @mysql_query('USE mysql');
$rows = @mysql_num_rows($result); if (!mysql_error()) {
if (!empty($rows)) {
echo "\n"; echo "\n";
?> ?>
<tr> <tr>

7
sql.php3
View File

@@ -17,10 +17,9 @@ if (!defined('PMA_CHK_DROP')
&& eregi('DROP[[:space:]]+(IF EXISTS[[:space:]]+)?DATABASE ', $sql_query)) { && eregi('DROP[[:space:]]+(IF EXISTS[[:space:]]+)?DATABASE ', $sql_query)) {
// Checks if the user is a Superuser // Checks if the user is a Superuser
// TODO: set a global variable with this information // TODO: set a global variable with this information
$result = mysql_query('SELECT * FROM mysql.user'); // loic1: optimized query
$rows = @mysql_num_rows($result); $result = @mysql_query('USE mysql');
// empty <> 0 for certain php3 releases if (mysql_error()) {
if (empty($rows) || $rows == 0) {
include('./header.inc.php3'); include('./header.inc.php3');
mysql_die($strNoDropDatabases); mysql_die($strNoDropDatabases);
} // end if } // end if