optimized the test for super user privileges
This commit is contained in:
@@ -26,6 +26,8 @@ $Source$
|
|||||||
* tbl_change.php3; tbl_replace.php3: fixed bugs in function field name with
|
* tbl_change.php3; tbl_replace.php3: fixed bugs in function field name with
|
||||||
special characters and no-parameter functions.
|
special characters and no-parameter functions.
|
||||||
* config.inc.php3: added the "UNIX_TIMESTAMP" function.
|
* config.inc.php3: added the "UNIX_TIMESTAMP" function.
|
||||||
|
* sql.php3; main.php3; db_readdump.php3; db_details.php3: optimized the
|
||||||
|
test for super user privileges.
|
||||||
|
|
||||||
2001-08-28 Olivier M<>ller <om@omnis.ch>
|
2001-08-28 Olivier M<>ller <om@omnis.ch>
|
||||||
* db_stats.php3: fixed the sql query so that the script won't die, even if
|
* db_stats.php3: fixed the sql query so that the script won't die, even if
|
||||||
|
@@ -546,11 +546,10 @@ echo ' ' . ' <input type="submit" value="' . $strGo . '" />' . "\n";
|
|||||||
<?php
|
<?php
|
||||||
// Check if the user is a Superuser
|
// Check if the user is a Superuser
|
||||||
// TODO: set a global variable with this information
|
// TODO: set a global variable with this information
|
||||||
$result = mysql_query('SELECT * FROM mysql.user');
|
// loic1: optimized query
|
||||||
$rows = @mysql_num_rows($result);
|
$result = @mysql_query('USE mysql');
|
||||||
// loic1: empry <> 0 with ceratin php3 releases
|
$is_superuser = (!mysql_error());
|
||||||
$is_superuser = (!empty($rows) || $rows != 0);
|
|
||||||
|
|
||||||
// Display the DROP DATABASE link only if allowed to do so
|
// Display the DROP DATABASE link only if allowed to do so
|
||||||
if ($cfgAllowUserDropDatabase || $is_superuser) {
|
if ($cfgAllowUserDropDatabase || $is_superuser) {
|
||||||
?>
|
?>
|
||||||
|
@@ -75,10 +75,9 @@ if (!$cfgAllowUserDropDatabase
|
|||||||
&& eregi('DROP[[:space:]]+(IF EXISTS[[:space:]]+)?DATABASE ', $sql_query)) {
|
&& eregi('DROP[[:space:]]+(IF EXISTS[[:space:]]+)?DATABASE ', $sql_query)) {
|
||||||
// Checks if the user is a Superuser
|
// Checks if the user is a Superuser
|
||||||
// TODO: set a global variable with this information
|
// TODO: set a global variable with this information
|
||||||
$result = mysql_query('SELECT * FROM mysql.user');
|
// loic1: optimized query
|
||||||
$rows = @mysql_num_rows($result);
|
$result = @mysql_query('USE mysql');
|
||||||
// empty <> 0 for certain php3 releases
|
if (mysql_error()) {
|
||||||
if (empty($rows) || $rows == 0) {
|
|
||||||
include('./header.inc.php3');
|
include('./header.inc.php3');
|
||||||
mysql_die($strNoDropDatabases);
|
mysql_die($strNoDropDatabases);
|
||||||
}
|
}
|
||||||
|
10
main.php3
10
main.php3
@@ -275,9 +275,8 @@ if ($server > 0
|
|||||||
echo "\n";
|
echo "\n";
|
||||||
}
|
}
|
||||||
|
|
||||||
$result = mysql_query('SELECT * FROM mysql.user');
|
$result = @mysql_query('USE mysql');
|
||||||
$rows = @mysql_num_rows($result);
|
if (!mysql_error()) {
|
||||||
if (!empty($rows)) {
|
|
||||||
?>
|
?>
|
||||||
<tr>
|
<tr>
|
||||||
<td valign="baseline"><img src="images/item.gif" width="7" height="7" alt="item" /></td>
|
<td valign="baseline"><img src="images/item.gif" width="7" height="7" alt="item" /></td>
|
||||||
@@ -367,9 +366,8 @@ if ($server > 0
|
|||||||
</td>
|
</td>
|
||||||
</tr>
|
</tr>
|
||||||
<?php
|
<?php
|
||||||
$result = mysql_query('SELECT * FROM mysql.user');
|
$result = @mysql_query('USE mysql');
|
||||||
$rows = @mysql_num_rows($result);
|
if (!mysql_error()) {
|
||||||
if (!empty($rows)) {
|
|
||||||
echo "\n";
|
echo "\n";
|
||||||
?>
|
?>
|
||||||
<tr>
|
<tr>
|
||||||
|
7
sql.php3
7
sql.php3
@@ -17,10 +17,9 @@ if (!defined('PMA_CHK_DROP')
|
|||||||
&& eregi('DROP[[:space:]]+(IF EXISTS[[:space:]]+)?DATABASE ', $sql_query)) {
|
&& eregi('DROP[[:space:]]+(IF EXISTS[[:space:]]+)?DATABASE ', $sql_query)) {
|
||||||
// Checks if the user is a Superuser
|
// Checks if the user is a Superuser
|
||||||
// TODO: set a global variable with this information
|
// TODO: set a global variable with this information
|
||||||
$result = mysql_query('SELECT * FROM mysql.user');
|
// loic1: optimized query
|
||||||
$rows = @mysql_num_rows($result);
|
$result = @mysql_query('USE mysql');
|
||||||
// empty <> 0 for certain php3 releases
|
if (mysql_error()) {
|
||||||
if (empty($rows) || $rows == 0) {
|
|
||||||
include('./header.inc.php3');
|
include('./header.inc.php3');
|
||||||
mysql_die($strNoDropDatabases);
|
mysql_die($strNoDropDatabases);
|
||||||
} // end if
|
} // end if
|
||||||
|
Reference in New Issue
Block a user