remove remaining charset introducers
This commit is contained in:
Marc Delisle
@@ -152,11 +152,11 @@ function PMA_displayPrivTable($db = '*', $table = '*', $submit = TRUE, $indent =
|
||||
$username = $GLOBALS['username'];
|
||||
$hostname = $GLOBALS['hostname'];
|
||||
if ($db == '*') {
|
||||
$sql_query = 'SELECT * FROM `user` WHERE `User` = ' . PMA_charsetIntroducerCollate(PMA_sqlAddslashes($username)) . ' AND `Host` = ' . PMA_charsetIntroducerCollate($hostname) . ';';
|
||||
$sql_query = 'SELECT * FROM `user` WHERE ' . PMA_convert_using('User') . ' = ' . PMA_convert_using(PMA_sqlAddslashes($username), 'quoted') . ' AND ' . PMA_convert_using('Host') . ' = ' . PMA_convert_using($hostname, 'quoted') . ';';
|
||||
} else if ($table == '*') {
|
||||
$sql_query = 'SELECT * FROM `db` WHERE `User` = ' . PMA_charsetIntroducerCollate(PMA_sqlAddslashes($username)) . ' AND `Host` = ' . PMA_charsetIntroducerCollate($hostname) . ' AND `Db` =' . PMA_charsetIntroducerCollate($db) . ';';
|
||||
$sql_query = 'SELECT * FROM `db` WHERE ' . PMA_convert_using('User') . ' = ' . PMA_convert_using(PMA_sqlAddslashes($username), 'quoted') . ' AND ' . PMA_convert_using('Host') . ' = ' . PMA_convert_using($hostname, 'quoted') . ' AND ' . PMA_convert_using('Db') . ' = ' . PMA_convert_using($db, 'quoted') . ';';
|
||||
} else {
|
||||
$sql_query = 'SELECT `Table_priv` FROM `tables_priv` WHERE `User` = ' . PMA_charsetIntroducerCollate(PMA_sqlAddslashes($username)) . ' AND `Host` = ' . PMA_charsetIntroducerCollate($hostname) . ' AND `Db` =' . PMA_charsetIntroducerCollate($db) . ' AND `Table_name` = ' . PMA_charsetIntroducerCollate($table) . ';';
|
||||
$sql_query = 'SELECT `Table_priv` FROM `tables_priv` WHERE ' . PMA_convert_using('User') . ' = ' . PMA_convert_using(PMA_sqlAddslashes($username), 'quoted') . ' AND ' .PMA_convert_using('Host') . ' = ' . PMA_convert_using($hostname, 'quoted') . ' AND ' . PMA_convert_using('Db') . ' = ' . PMA_convert_using($db, 'quoted') . ' AND ' . PMA_convert_using('Table_name') . ' = ' . PMA_convert_using($table, 'quoted') . ';';
|
||||
}
|
||||
$res = PMA_DBI_query($sql_query);
|
||||
$row = PMA_DBI_fetch_assoc($res);
|
||||
@@ -209,7 +209,8 @@ function PMA_displayPrivTable($db = '*', $table = '*', $submit = TRUE, $indent =
|
||||
unset($res, $row1);
|
||||
}
|
||||
if (!empty($columns)) {
|
||||
$res = PMA_DBI_QUERY('SELECT `Column_name`, `Column_priv` FROM `columns_priv` WHERE `User` = ' . PMA_charsetIntroducerCollate(PMA_sqlAddslashes($username)) . ' AND `Host` = ' . PMA_charsetIntroducerCollate($hostname) . ' AND `Db` =' . PMA_charsetIntroducerCollate($db) . ' AND `Table_name` = ' . PMA_charsetIntroducerCollate($table) . ';');
|
||||
$res = PMA_DBI_QUERY('SELECT `Column_name`, `Column_priv` FROM `columns_priv` WHERE ' . PMA_convert_using('User') . ' = ' . PMA_convert_using(PMA_sqlAddslashes($username), 'quoted') . ' AND ' . PMA_convert_using('Host') . ' = ' . PMA_convert_using($hostname, 'quoted') . ' AND ' . PMA_convert_using('Db') . ' = ' . PMA_convert_using($db, 'quoted') . ' AND ' . PMA_convert_using('Table_name') . ' = ' . PMA_convert_using($table, 'quoted') . ';');
|
||||
|
||||
while ($row1 = PMA_DBI_fetch_row($res)) {
|
||||
$row1[1] = explode(',', $row1[1]);
|
||||
foreach ($row1[1] as $current) {
|
||||
@@ -543,7 +544,7 @@ function PMA_displayLoginInformationFields($mode = 'new', $indent = 0)
|
||||
* Changes / copies a user, part I
|
||||
*/
|
||||
if (!empty($change_copy)) {
|
||||
$user_host_condition = ' WHERE `User` = ' . PMA_charsetIntroducerCollate(PMA_sqlAddslashes($old_username)) . ' AND `Host` = ' . PMA_charsetIntroducerCollate($old_hostname) . ';';
|
||||
$user_host_condition = ' WHERE ' . PMA_convert_using('User') . ' = ' . PMA_convert_using(PMA_sqlAddslashes($old_username), 'quoted') . ' AND ' . PMA_convert_using('Host') . ' = ' . PMA_convert_using($old_hostname, 'quoted') . ';';
|
||||
$res = PMA_DBI_query('SELECT * FROM `mysql`.`user` ' . $user_host_condition);
|
||||
if (!$res) {
|
||||
$message = $strNoUsersFound;
|
||||
@@ -591,7 +592,7 @@ if (!empty($adduser_submit) || !empty($change_copy)) {
|
||||
unset($row);
|
||||
break;
|
||||
}
|
||||
$res = PMA_DBI_query('SELECT "foo" FROM `user` WHERE `User` = ' . PMA_charsetIntroducerCollate(PMA_sqlAddslashes($username)) . ' AND `Host` = ' . PMA_charsetIntroducerCollate($hostname) . ';');
|
||||
$res = PMA_DBI_query('SELECT "foo" FROM `user` WHERE ' . PMA_convert_using('User') . ' = ' . PMA_convert_using(PMA_sqlAddslashes($username), 'quoted') . ' AND ' . PMA_convert_using('Host') . ' = ' . PMA_convert_using($hostname, 'quoted') . ';');
|
||||
if (PMA_DBI_affected_rows() == 1) {
|
||||
PMA_DBI_free_result($res);
|
||||
$message = sprintf($strUserAlreadyExists, '<i>\'' . $username . '\'@\'' . $hostname . '\'</i>');
|
||||
@@ -656,16 +657,16 @@ if (!empty($adduser_submit) || !empty($change_copy)) {
|
||||
* Changes / copies a user, part III
|
||||
*/
|
||||
if (!empty($change_copy)) {
|
||||
$user_host_condition = ' WHERE `User` = ' . PMA_charsetIntroducerCollate(PMA_sqlAddslashes($old_username)) . ' AND `Host` = ' . PMA_charsetIntroducerCollate($old_hostname) . ';';
|
||||
$user_host_condition = ' WHERE ' . PMA_convert_using('User') . ' = ' . PMA_convert_using(PMA_sqlAddslashes($old_username), 'quoted') . ' AND ' . PMA_convert_using('Host') . ' = ' . PMA_convert_using($old_hostname, 'quoted') . ';';
|
||||
$res = PMA_DBI_query('SELECT * FROM `mysql`.`db`' . $user_host_condition );
|
||||
while ($row = PMA_DBI_fetch_assoc($res)) {
|
||||
$queries[] = 'GRANT ' . join(', ', PMA_extractPrivInfo($row)) . ' ON `' . $row['Db'] . '`.* TO "' . PMA_sqlAddslashes($username) . '"@"' . $hostname . '"' . ($row['Grant_priv'] == 'Y' ? ' WITH GRANT OPTION' : '') . ';';
|
||||
}
|
||||
PMA_DBI_free_result($res);
|
||||
$res = PMA_DBI_query('SELECT `Db`, `Table_name`, `Table_priv` FROM `mysql`.`tables_priv`' . $user_host_condition, $userlink);
|
||||
$res = PMA_DBI_query('SELECT `Db`, `Table_name`, `Table_priv` FROM `mysql`.`tables_priv`' . $user_host_condition, $userlink, PMA_DBI_QUERY_STORE);
|
||||
while ($row = PMA_DBI_fetch_assoc($res)) {
|
||||
|
||||
$res2 = PMA_DBI_QUERY('SELECT `Column_name`, `Column_priv` FROM `mysql`.`columns_priv` WHERE `User` = ' . PMA_charsetIntroducerCollate(PMA_sqlAddslashes($old_username)) . ' AND `Host` = ' . PMA_charsetIntroducerCollate($old_hostname) . ' AND `Db` =' . PMA_charsetIntroducerCollate($row['Db']) . ' AND `Table_name` = ' . PMA_charsetIntroducerCollate($row['Table_name']) . ';');
|
||||
$res2 = PMA_DBI_QUERY('SELECT `Column_name`, `Column_priv` FROM `mysql`.`columns_priv` WHERE ' . PMA_convert_using('User') . ' = ' . PMA_convert_using(PMA_sqlAddslashes($old_username), 'quoted') . ' AND ' . PMA_convert_using('Host') . ' = ' . PMA_convert_using($old_hostname, 'quoted') . ' AND ' . PMA_convert_using('Db') . ' = ' . PMA_convert_using($row['Db'], 'quoted') . ' AND ' . PMA_convert_using('Table_name') . ' = ' . PMA_convert_using($row['Table_name'], 'quoted') . ';', NULL, PMA_DBI_QUERY_STORE);
|
||||
|
||||
$tmp_privs1 = PMA_extractPrivInfo($row);
|
||||
$tmp_privs2 = array(
|
||||
@@ -831,11 +832,11 @@ if (!empty($delete) || (!empty($change_copy) && $mode < 4)) {
|
||||
}
|
||||
unset($res);
|
||||
}
|
||||
$queries[] = 'DELETE FROM `user` WHERE `User` = ' . PMA_charsetIntroducerCollate(PMA_sqlAddslashes($this_user)) . ' AND `Host` = ' . PMA_charsetIntroducerCollate($this_host) . ';';
|
||||
$queries[] = 'DELETE FROM `user` WHERE ' . PMA_convert_using('User') . ' = ' . PMA_convert_using(PMA_sqlAddslashes($this_user), 'quoted') . ' AND ' . PMA_convert_using('Host') . ' = ' . PMA_convert_using($this_host, 'quoted') . ';';
|
||||
if ($mode != 2) {
|
||||
// If we REVOKE the table grants, we should not need to modify the
|
||||
// `db`, `tables_priv` and `columns_priv` tables manually...
|
||||
$user_host_condition = ' WHERE `User` = ' . PMA_charsetIntroducerCollate(PMA_sqlAddslashes($this_user)) . ' AND `Host` = ' . PMA_charsetIntroducerCollate($this_host) . ';';
|
||||
$user_host_condition = ' WHERE ' . PMA_convert_using('User') . ' = ' . PMA_convert_using(PMA_sqlAddslashes($this_user), 'quoted') . ' AND ' . PMA_convert_using('Host') . ' = ' . PMA_convert_using($this_host, 'quoted') . ';';
|
||||
$queries[] = 'DELETE FROM `db`' . $user_host_condition;
|
||||
$queries[] = 'DELETE FROM `tables_priv`' . $user_host_condition;
|
||||
$queries[] = 'DELETE FROM `columns_priv`' . $user_host_condition;
|
||||
@@ -1043,7 +1044,7 @@ if (empty($adduser) && empty($checkprivs)) {
|
||||
}
|
||||
}
|
||||
echo '</h2>' . "\n";
|
||||
$res = PMA_DBI_query('SELECT "foo" FROM `user` WHERE `User` = ' . PMA_charsetIntroducerCollate(PMA_sqlAddslashes($username)) . ' AND `Host` = ' . PMA_charsetIntroducerCollate($hostname) . ';');
|
||||
$res = PMA_DBI_query('SELECT "foo" FROM `user` WHERE ' . PMA_convert_using('User') . ' = ' . PMA_convert_using(PMA_sqlAddslashes($username), 'quoted') . ' AND ' . PMA_convert_using('Host') . ' = ' . PMA_convert_using($hostname, 'quoted') . ';');
|
||||
if (PMA_DBI_affected_rows($userlink) < 1) {
|
||||
echo $strUserNotFound;
|
||||
require_once('./footer.inc.php');
|
||||
@@ -1077,11 +1078,11 @@ if (empty($adduser) && empty($checkprivs)) {
|
||||
. ' <th> ' . (empty($dbname) ? $strTblPrivileges : $strColumnPrivileges) . ' </th>' . "\n"
|
||||
. ' <th colspan="2"> ' . $strAction . ' </th>' . "\n"
|
||||
. ' </tr>' . "\n";
|
||||
$user_host_condition = ' WHERE `User` = ' . PMA_charsetIntroducerCollate(PMA_sqlAddslashes($username)) . ' AND `Host` = ' . PMA_charsetIntroducerCollate($hostname);
|
||||
$user_host_condition = ' WHERE ' . PMA_convert_using('User') . ' = ' . PMA_convert_using(PMA_sqlAddslashes($username), 'quoted') . ' AND ' . PMA_convert_using('Host') . ' = ' . PMA_convert_using($hostname, 'quoted');
|
||||
if (empty($dbname)) {
|
||||
$sql_query = 'SELECT * FROM `db`' . $user_host_condition . ' ORDER BY `Db` ASC;';
|
||||
} else {
|
||||
$sql_query = 'SELECT `Table_name`, `Table_priv`, IF(`Column_priv` = ' . (PMA_MYSQL_INT_VERSION >= 40100 ? '_latin1 ' : '') . ' "", 0, 1) AS "Column_priv" FROM `tables_priv`' . $user_host_condition . ' AND `Db` = ' . PMA_charsetIntroducerCollate($dbname) . ' ORDER BY `Table_name` ASC;';
|
||||
$sql_query = 'SELECT `Table_name`, `Table_priv`, IF(`Column_priv` = ' . (PMA_MYSQL_INT_VERSION >= 40100 ? '_latin1 ' : '') . ' "", 0, 1) AS "Column_priv" FROM `tables_priv`' . $user_host_condition . ' AND ' . PMA_convert_using('Db') . ' = ' . PMA_convert_using($dbname, 'quoted') . ' ORDER BY `Table_name` ASC;';
|
||||
}
|
||||
$res = PMA_DBI_query($sql_query, NULL, PMA_DBI_QUERY_STORE);
|
||||
if (PMA_DBI_affected_rows() == 0) {
|
||||
|
||||
Reference in New Issue
Block a user