nettika/phpmyadmin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'QA_3_3'

Browse Source 
Conflicts:
	libraries/core.lib.php
	server_databases.php
	server_privileges.php
This commit is contained in:
Michal Čihař
2010-08-20 13:40:37 +02:00
parent 7b1c0187cf 41145feb12
commit 862e3ca2a7
16 changed files with 84 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files

30
server_privileges.php
View File

@@ -1182,7 +1182,7 @@ if (!empty($update_privs)) {
}
$sql_query = $sql_query0 . ' ' . $sql_query1 . ' ' . $sql_query2;
$message = PMA_Message::success(__('You have updated the privileges for %s.'));
$message->addParam('\'' . $username . '\'@\'' . $hostname . '\'');
$message->addParam('\'' . htmlspecialchars($username) . '\'@\'' . htmlspecialchars($hostname) . '\'');
}
@@ -1206,7 +1206,7 @@ if (isset($_REQUEST['revokeall'])) {
}
$sql_query = $sql_query0 . ' ' . $sql_query1;
$message = PMA_Message::success(__('You have revoked the privileges for %s'));
$message->addParam('\'' . $username . '\'@\'' . $hostname . '\'');
$message->addParam('\'' . htmlspecialchars($username) . '\'@\'' . htmlspecialchars($hostname) . '\'');
if (! isset($tablename)) {
unset($dbname);
} else {
@@ -1242,7 +1242,7 @@ if (isset($_REQUEST['change_pw'])) {
PMA_DBI_try_query($local_query)
or PMA_mysqlDie(PMA_DBI_getError(), $sql_query, FALSE, $err_url);
$message = PMA_Message::success(__('The password for %s was changed successfully.'));
$message->addParam('\'' . $username . '\'@\'' . $hostname . '\'');
$message->addParam('\'' . htmlspecialchars($username) . '\'@\'' . htmlspecialchars($hostname) . '\'');
}
}
@@ -1647,8 +1647,8 @@ if (empty($_REQUEST['adduser']) && (! isset($checkprivs) || ! strlen($checkprivs
if (isset($dbname)) {
echo ' <i><a href="server_privileges.php?'
. $GLOBALS['url_query'] . '&amp;username=' . urlencode($username)
. '&amp;hostname=' . urlencode($hostname) . '&amp;dbname=&amp;tablename=">\''
. $GLOBALS['url_query'] . '&amp;username=' . htmlspecialchars(urlencode($username))
. '&amp;hostname=' . htmlspecialchars(urlencode($hostname)) . '&amp;dbname=&amp;tablename=">\''
. htmlspecialchars($username) . '\'@\'' . htmlspecialchars($hostname)
. '\'</a></i>' . "\n";
$url_dbname = urlencode(str_replace(array('\_', '\%'), array('_', '%'), $dbname));
@@ -1656,8 +1656,8 @@ if (empty($_REQUEST['adduser']) && (! isset($checkprivs) || ! strlen($checkprivs
echo ' - ' . ($dbname_is_wildcard ? __('Databases') : __('Database') );
if (isset($tablename)) {
echo ' <i><a href="server_privileges.php?' . $GLOBALS['url_query']
. '&amp;username=' . urlencode($username) . '&amp;hostname=' . urlencode($hostname)
. '&amp;dbname=' . $url_dbname . '&amp;tablename=">' . htmlspecialchars($dbname) . '</a></i>';
. '&amp;username=' . htmlspecialchars(urlencode($username)) . '&amp;hostname=' . htmlspecialchars(urlencode($hostname))
. '&amp;dbname=' . htmlspecialchars($url_dbname) . '&amp;tablename=">' . htmlspecialchars($dbname) . '</a></i>';
echo ' - ' . __('Table') . ' <i>' . htmlspecialchars($tablename) . '</i>';
} else {
echo ' <i>' . htmlspecialchars($dbname) . '</i>';
@@ -1891,16 +1891,16 @@ if (empty($_REQUEST['adduser']) && (! isset($checkprivs) || ! strlen($checkprivs
}
echo '</td>' . "\n"
. ' <td>';
printf($link_edit, urlencode($username),
urlencode($hostname),
urlencode((! isset($dbname)) ? $row['Db'] : $dbname),
printf($link_edit, htmlspecialchars(urlencode($username)),
urlencode(htmlspecialchars($hostname)),
urlencode((! isset($dbname)) ? $row['Db'] : htmlspecialchars($dbname)),
urlencode((! isset($dbname)) ? '' : $row['Table_name']));
echo '</td>' . "\n"
. ' <td>';
if (! empty($row['can_delete']) || isset($row['Table_name']) && strlen($row['Table_name'])) {
printf($link_revoke, urlencode($username),
urlencode($hostname),
urlencode((! isset($dbname)) ? $row['Db'] : $dbname),
printf($link_revoke, htmlspecialchars(urlencode($username)),
urlencode(htmlspecialchars($hostname)),
urlencode((! isset($dbname)) ? $row['Db'] : htmlspecialchars($dbname)),
urlencode((! isset($dbname)) ? '' : $row['Table_name']));
}
echo '</td>' . "\n"
@@ -1980,7 +1980,7 @@ if (empty($_REQUEST['adduser']) && (! isset($checkprivs) || ! strlen($checkprivs
if (isset($tablename)) {
echo ' [ ' . __('Table') . ' <a href="'
. $GLOBALS['cfg']['DefaultTabTable'] . '?' . $GLOBALS['url_query']
. '&amp;db=' . $url_dbname . '&amp;table=' . urlencode($tablename)
. '&amp;db=' . $url_dbname . '&amp;table=' . htmlspecialchars(urlencode($tablename))
. '&amp;reload=1">' . htmlspecialchars($tablename) . ': '
. PMA_getTitleForTarget($GLOBALS['cfg']['DefaultTabTable'])
. "</a> ]\n";
@@ -2207,7 +2207,7 @@ if (empty($_REQUEST['adduser']) && (! isset($checkprivs) || ! strlen($checkprivs
// Offer to create a new user for the current database
echo '<fieldset id="fieldset_add_user">' . "\n"
. ' <a href="server_privileges.php?' . $GLOBALS['url_query'] . '&amp;adduser=1&amp;dbname=' . $checkprivs .'">' . "\n"
. ' <a href="server_privileges.php?' . $GLOBALS['url_query'] . '&amp;adduser=1&amp;dbname=' . htmlspecialchars($checkprivs) .'">' . "\n"
. PMA_getIcon('b_usradd.png')
. ' ' . __('Add a new User') . '</a>' . "\n"
. '</fieldset>' . "\n";