Check the privileges of the anonymous user, too.
This commit is contained in:
@@ -11,6 +11,7 @@ $Source$
|
||||
* tbl_create.php: Use default tab.
|
||||
* tbl_properties.inc.php: Don't offer the BINARY field attribute in
|
||||
MySQL 4.1.
|
||||
* main.php: Check the privileges of the anonymous user, too.
|
||||
|
||||
2004-09-05 Michal Čihař <michal@cihar.com>
|
||||
* Documentation.html: Add information about theme versions and names.
|
||||
|
4
main.php
4
main.php
@@ -182,7 +182,7 @@ if ($server > 0) {
|
||||
// (even if they cannot see the tables)
|
||||
$is_superuser = PMA_DBI_try_query('SELECT COUNT(*) FROM mysql.user', $userlink, PMA_DBI_QUERY_STORE);
|
||||
if ($dbh) {
|
||||
$local_query = 'SELECT Create_priv, Reload_priv FROM mysql.user WHERE ' . PMA_convert_using('User') . ' = ' . PMA_convert_using(PMA_sqlAddslashes($mysql_cur_user), 'quoted') . ';';
|
||||
$local_query = 'SELECT Create_priv, Reload_priv FROM mysql.user WHERE ' . PMA_convert_using('User') . ' = ' . PMA_convert_using(PMA_sqlAddslashes($mysql_cur_user), 'quoted') . ' OR ' . PMA_convert_using('User') . ' = ' . PMA_convert_using('', 'quoted') . ';';
|
||||
$rs_usr = PMA_DBI_try_query($local_query, $dbh); // Debug: or PMA_mysqlDie('', $local_query, FALSE);
|
||||
if ($rs_usr) {
|
||||
while ($result_usr = PMA_DBI_fetch_assoc($rs_usr)) {
|
||||
@@ -201,7 +201,7 @@ if ($server > 0) {
|
||||
// the first inexistant db name that we find, in most cases it's probably
|
||||
// the one he just dropped :)
|
||||
if (!$is_create_priv) {
|
||||
$local_query = 'SELECT DISTINCT Db FROM mysql.db WHERE ' . PMA_convert_using('Create_priv') . ' = ' . PMA_convert_using('Y', 'quoted') . ' AND ' . PMA_convert_using('User') . ' = ' .PMA_convert_using(PMA_sqlAddslashes($mysql_cur_user), 'quoted') . ';';
|
||||
$local_query = 'SELECT DISTINCT Db FROM mysql.db WHERE ' . PMA_convert_using('Create_priv') . ' = ' . PMA_convert_using('Y', 'quoted') . ' AND (' . PMA_convert_using('User') . ' = ' .PMA_convert_using(PMA_sqlAddslashes($mysql_cur_user), 'quoted') . ' OR ' . PMA_convert_using('User') . ' = ' . PMA_convert_using('', 'quoted') . ');';
|
||||
$rs_usr = PMA_DBI_try_query($local_query, $dbh, PMA_DBI_QUERY_STORE);
|
||||
if ($rs_usr) {
|
||||
$re0 = '(^|(\\\\\\\\)+|[^\])'; // non-escaped wildcards
|
||||
|
Reference in New Issue
Block a user