A user could not edit his own global privileges.
This commit is contained in:
@@ -5,6 +5,9 @@ phpMyAdmin - Changelog
|
||||
$Id$
|
||||
$Source$
|
||||
|
||||
2003-07-27 Alexander M. Turek <rabus@users.sourceforge.net>
|
||||
* server_privileges.php3: A user could not edit his own global privileges.
|
||||
|
||||
2003-07-25 Garvin Hicking <me@supergarv.de>
|
||||
* Documentation.html: Updated my E-Mail, added latest credits-items
|
||||
* images/*, config.inc.php3, db_details_structure.php3,
|
||||
@@ -12,7 +15,7 @@ $Source$
|
||||
libraries/display_tbl.lib.php3, Documentation.html,
|
||||
left.php3:
|
||||
Even more new images on more places: DB properties, Table
|
||||
properties, Table Display (LinkOrButton unified as well),
|
||||
properties, Table Display (LinkOrButton unified as well),
|
||||
Left frame.
|
||||
Multi-column mode also works for MySQL < 3.23.03 (does anybody even
|
||||
care?)
|
||||
@@ -20,7 +23,7 @@ $Source$
|
||||
2003-07-25 Marc Delisle <lem9@users.sourceforge.net>
|
||||
* header.inc.php3: XHTML compatibility
|
||||
* libraries/sqlparser.lib.php3, /relation.lib.php3: bug 776789,
|
||||
unable to insert record with FK in another db
|
||||
unable to insert record with FK in another db
|
||||
|
||||
2003-07-24 Garvin Hicking <me@supergarv.de>
|
||||
* libraries/sqlparser.lib.php3 - Confirmation is also needed on
|
||||
|
@@ -738,7 +738,9 @@ if (!empty($update_privs)) {
|
||||
if (PMA_MYSQL_INT_VERSION >= 32211) {
|
||||
$db_and_table = empty($dbname) ? '*.*' : PMA_backquote($dbname) . '.' . (empty($tablename) ? '*' : PMA_backquote($tablename));
|
||||
$sql_query0 = 'REVOKE ALL PRIVILEGES ON ' . $db_and_table . ' FROM "' . PMA_sqlAddslashes($username) . '"@"' . $hostname . '";';
|
||||
$sql_query1 = 'REVOKE GRANT OPTION ON ' . $db_and_table . ' FROM "' . PMA_sqlAddslashes($username) . '"@"' . $hostname . '";';
|
||||
if (!isset($Grant_priv) || $Grant_priv != 'Y') {
|
||||
$sql_query1 = 'REVOKE GRANT OPTION ON ' . $db_and_table . ' FROM "' . PMA_sqlAddslashes($username) . '"@"' . $hostname . '";';
|
||||
}
|
||||
$sql_query2 = 'GRANT ' . join(', ', PMA_extractPrivInfo()) . ' ON ' . $db_and_table . ' TO "' . PMA_sqlAddslashes($username) . '"@"' . $hostname . '"';
|
||||
if ((isset($Grant_priv) && $Grant_priv == 'Y') || (empty($dbname) && (isset($max_questions) || isset($max_connections) || isset($max_updates)))) {
|
||||
$sql_query2 .= 'WITH';
|
||||
@@ -757,9 +759,11 @@ if (!empty($update_privs)) {
|
||||
}
|
||||
$sql_query2 .= ';';
|
||||
PMA_mysql_query($sql_query0, $userlink); // this query may fail, but this does not matter :o)
|
||||
PMA_mysql_query($sql_query1, $userlink); // this one may fail, too...
|
||||
if (isset($sql_query1)) {
|
||||
PMA_mysql_query($sql_query1, $userlink); // this one may fail, too...
|
||||
}
|
||||
PMA_mysql_query($sql_query2, $userlink) or PMA_mysqlDie(PMA_mysql_error($userlink), $sql_query2);
|
||||
$sql_query = $sql_query0 . ' ' . $sql_query1 . ' ' . $sql_query2;
|
||||
$sql_query = $sql_query0 . ' ' . (isset($sql_query1) ? $sql_query1 . ' ' : '') . $sql_query2;
|
||||
$message = sprintf($strUpdatePrivMessage, '\'' . $username . '\'@\'' . $hostname . '\'');
|
||||
} else {
|
||||
$sql_query = 'SHOW COLUMNS FROM `user`;';
|
||||
|
Reference in New Issue
Block a user