taken into account wildcards in the databases names get from the "mysql.db" table before displaying the db name in the "create db" box
This commit is contained in:
Loïc Chapeaux
10
ChangeLog
10
ChangeLog
@@ -5,9 +5,15 @@ phpMyAdmin - Changelog
|
|||||||
$Id$
|
$Id$
|
||||||
$Source$
|
$Source$
|
||||||
|
|
||||||
|
2001-10-24 Lo<4C>c Chapeaux <lolo@phpheaven.net>
|
||||||
|
* main.php3:
|
||||||
|
- taken into account wildcards in the databases names get from the
|
||||||
|
"mysql.db" table;
|
||||||
|
- get all privilege at the begenning of the script.
|
||||||
|
|
||||||
2001-10-24 Marc Delisle <lem9@users.sourceforge.net>
|
2001-10-24 Marc Delisle <lem9@users.sourceforge.net>
|
||||||
* main.php3 (for Lo<4C>c): a non-empty only_db was removing the
|
* main.php3 (for Lo<4C>c): a non-empty only_db was removing the MySQL links on
|
||||||
MySQL links on the main page
|
the main page.
|
||||||
|
|
||||||
2001-10-23 Robin Johnson <robbat2@users.sourceforge.net>
|
2001-10-23 Robin Johnson <robbat2@users.sourceforge.net>
|
||||||
* Documentation.html: Redid documentation of advanced authentication mode.
|
* Documentation.html: Redid documentation of advanced authentication mode.
|
||||||
|
|||||||
89
main.php3
89
main.php3
@@ -154,41 +154,51 @@ if ($server > 0)
|
|||||||
|
|
||||||
$common_url_query = 'lang=' . $lang . '&server=' . $server;
|
$common_url_query = 'lang=' . $lang . '&server=' . $server;
|
||||||
|
|
||||||
// Get user's rights ($dbh and $userlink are links to MySQL defined in the
|
// Get user's global privileges ($dbh and $userlink are links to MySQL
|
||||||
// "common.lib.php3" library
|
// defined in the "common.lib.php3" library)
|
||||||
$create = FALSE;
|
$is_create_priv = FALSE;
|
||||||
|
$is_process_priv = FALSE;
|
||||||
|
$is_reload_priv = FALSE;
|
||||||
|
$is_superuser = @mysql_query('USE mysql', $userlink);
|
||||||
if ($dbh) {
|
if ($dbh) {
|
||||||
// Does user have global Create priv?
|
$local_query = 'SELECT * FROM mysql.user WHERE User = \'' . sql_addslashes($cfgServer['user']) . '\'';
|
||||||
$local_query = 'SELECT * FROM mysql.user WHERE User = \'' . sql_addslashes($cfgServer['user']) . '\'';
|
$rs_usr = mysql_query($local_query, $dbh); // Debug: or mysql_die('', $local_query, FALSE);
|
||||||
$rs_usr = mysql_query($local_query, $dbh);
|
|
||||||
if ($rs_usr) {
|
if ($rs_usr) {
|
||||||
$result_usr = mysql_fetch_array($rs_usr);
|
$result_usr = mysql_fetch_array($rs_usr);
|
||||||
$create = ($result_usr['Create_priv'] == 'Y');
|
$is_create_priv = ($result_usr['Create_priv'] == 'Y');
|
||||||
$db_to_create = '';
|
$is_process_priv = ($result_usr['Process_priv'] == 'Y');
|
||||||
}
|
$is_reload_priv = ($result_usr['Reload_priv'] == 'Y');
|
||||||
|
mysql_free_result($rs_usr);
|
||||||
// Does user have Create priv on a inexistant db?
|
|
||||||
// if yes, show him in the dialog the first inexistant db name that we
|
|
||||||
// find, in most cases it's probably the one he just dropped :)
|
|
||||||
// (Note: we only get here after a browser reload, I don't know why)
|
|
||||||
if (!$create) {
|
|
||||||
$local_query = 'SELECT Db FROM mysql.db WHERE User = \'' . sql_addslashes($cfgServer['user']) . '\'';
|
|
||||||
$rs_usr = mysql_query($local_query, $dbh);
|
|
||||||
if ($rs_usr) {
|
|
||||||
while ($row = mysql_fetch_array($rs_usr)) {
|
|
||||||
if (!mysql_select_db($row['Db'], $userlink)) {
|
|
||||||
$db_to_create = $row['Db'];
|
|
||||||
$create = TRUE;
|
|
||||||
break;
|
|
||||||
} // end if
|
|
||||||
} // end while
|
|
||||||
mysql_free_result($rs_usr);
|
|
||||||
} // end if
|
|
||||||
} // end if
|
} // end if
|
||||||
} // end get user privileges
|
} // end if
|
||||||
|
|
||||||
|
// If the user has Create priv on a inexistant db, show him in the dialog
|
||||||
|
// the first inexistant db name that we find, in most cases it's probably
|
||||||
|
// the one he just dropped :)
|
||||||
|
// (Note: we only get here after a browser reload, I don't know why)
|
||||||
|
if (!$is_create_priv) {
|
||||||
|
$local_query = 'SELECT DISTINCT Db FROM mysql.db WHERE Create_priv = \'Y\' AND (User = \'' . sql_addslashes($cfgServer['user']) . '\' OR User = \'\')';
|
||||||
|
$rs_usr = mysql_query($local_query, $dbh); // Debug: or mysql_die('', $local_query, FALSE);
|
||||||
|
if (@mysql_numrows($rs_usr) > 0) {
|
||||||
|
while ($row = mysql_fetch_array($rs_usr)) {
|
||||||
|
if (!mysql_select_db($row['Db'], $dbh)) {
|
||||||
|
$re = '(^|(\\\\\\\\)+|[^\])';
|
||||||
|
$row['Db'] = ereg_replace($re . '%', '\\1...', ereg_replace($re . '_', '\\1?', $row['Db']));
|
||||||
|
$db_to_create = $row['Db'];
|
||||||
|
$is_create_priv = TRUE;
|
||||||
|
break;
|
||||||
|
} // end if
|
||||||
|
} // end while
|
||||||
|
mysql_free_result($rs_usr);
|
||||||
|
} // end if
|
||||||
|
} // end if
|
||||||
|
else {
|
||||||
|
$db_to_create = '';
|
||||||
|
} // end else
|
||||||
|
|
||||||
|
|
||||||
// The user is allowed to create a db
|
// The user is allowed to create a db
|
||||||
if ($create) {
|
if ($is_create_priv) {
|
||||||
echo "\n";
|
echo "\n";
|
||||||
?>
|
?>
|
||||||
<!-- db creation form -->
|
<!-- db creation form -->
|
||||||
@@ -206,8 +216,8 @@ if ($server > 0)
|
|||||||
</td>
|
</td>
|
||||||
</tr>
|
</tr>
|
||||||
<?php
|
<?php
|
||||||
echo "\n";
|
|
||||||
} // end create db form
|
} // end create db form
|
||||||
|
echo "\n";
|
||||||
|
|
||||||
// Server related links
|
// Server related links
|
||||||
?>
|
?>
|
||||||
@@ -231,7 +241,7 @@ if ($server > 0)
|
|||||||
<?php
|
<?php
|
||||||
echo "\n";
|
echo "\n";
|
||||||
|
|
||||||
if (isset($result_usr) && $result_usr['Process_priv'] == 'Y') {
|
if ($is_process_priv) {
|
||||||
?>
|
?>
|
||||||
<tr>
|
<tr>
|
||||||
<td valign="baseline"><img src="images/item.gif" width="7" height="7" alt="item" /></td>
|
<td valign="baseline"><img src="images/item.gif" width="7" height="7" alt="item" /></td>
|
||||||
@@ -242,10 +252,10 @@ if ($server > 0)
|
|||||||
</td>
|
</td>
|
||||||
</tr>
|
</tr>
|
||||||
<?php
|
<?php
|
||||||
echo "\n";
|
|
||||||
}
|
}
|
||||||
|
echo "\n";
|
||||||
|
|
||||||
if (isset($result_usr) && $result_usr['Reload_priv'] == 'Y') {
|
if ($is_reload_priv) {
|
||||||
?>
|
?>
|
||||||
<tr>
|
<tr>
|
||||||
<td valign="baseline"><img src="images/item.gif" width="7" height="7" alt="item" /></td>
|
<td valign="baseline"><img src="images/item.gif" width="7" height="7" alt="item" /></td>
|
||||||
@@ -256,11 +266,10 @@ if ($server > 0)
|
|||||||
</td>
|
</td>
|
||||||
</tr>
|
</tr>
|
||||||
<?php
|
<?php
|
||||||
echo "\n";
|
|
||||||
}
|
}
|
||||||
|
echo "\n";
|
||||||
|
|
||||||
$result = @mysql_query('USE mysql', $userlink);
|
if ($is_superuser) {
|
||||||
if (!mysql_error()) {
|
|
||||||
?>
|
?>
|
||||||
<tr>
|
<tr>
|
||||||
<td valign="baseline"><img src="images/item.gif" width="7" height="7" alt="item" /></td>
|
<td valign="baseline"><img src="images/item.gif" width="7" height="7" alt="item" /></td>
|
||||||
@@ -286,7 +295,7 @@ if ($server > 0)
|
|||||||
}
|
}
|
||||||
echo "\n";
|
echo "\n";
|
||||||
|
|
||||||
// With advanced authentication -> logout
|
// Logout for advanced authentication
|
||||||
if ($cfgServer['adv_auth'])
|
if ($cfgServer['adv_auth'])
|
||||||
{
|
{
|
||||||
?>
|
?>
|
||||||
@@ -299,16 +308,16 @@ if ($server > 0)
|
|||||||
</td>
|
</td>
|
||||||
</tr>
|
</tr>
|
||||||
<?php
|
<?php
|
||||||
echo "\n";
|
|
||||||
} // end if
|
} // end if
|
||||||
|
echo "\n";
|
||||||
?>
|
?>
|
||||||
</table>
|
</table>
|
||||||
</td>
|
</td>
|
||||||
|
|
||||||
<td> </td>
|
<td> </td>
|
||||||
<?php
|
<?php
|
||||||
echo "\n";
|
|
||||||
} // end of if ($server > 0)
|
} // end of if ($server > 0)
|
||||||
|
echo "\n";
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|||||||
Reference in New Issue
Block a user