' . $GLOBALS['strAction'] . '' . "\n"; echo ' ' . "\n"; echo ' '; } else { echo "\n"; echo ' '; } echo "\n"; echo ' ' . "\n"; echo ' ' . "\n"; echo ' ' . "\n"; if (!$dbcheck) { echo ' ' . "\n"; } ?> ' . $row['user'] . '@' . $row['host'] . '') . '&goto=user_details.php3'; if ($grantopt) { $revoke_grant_url = 'sql.php3' . '?' . $url_query . '&sql_query=' . urlencode('REVOKE GRANT OPTION ON ' . backquote($db) . '.' . backquote($table) . ' FROM \'' . $row['user'] . '\'@\'' . $row['host'] . '\'') . '&zero_rows=' . urlencode($GLOBALS['strRevokeGrantMessage'] . ' ' . $row['user'] . '@' . $row['host'] . '') . '&goto=user_details.php3'; } ?> > > 0 } // end while $row ?>

' . $GLOBALS['strHost'] . '	' . $GLOBALS['strUser'] . '	' . $GLOBALS['strAction'] . '		' . $GLOBALS['strDatabase'] . '	' . UCFirst($GLOBALS['strTable']) . '	' . $GLOBALS['strPrivileges'] . '	Grant Option
			' . $GLOBALS['strAny'] . ''; ?>	' . $GLOBALS['strAll'] . '' : $db; ?>	' . $GLOBALS['strAll'] . '' : $table; ?>	' . $GLOBALS['strNoPrivileges'] . ''; ?>

' . "\n"; } else { echo ' ' . "\n"; } echo ' ' . "\n"; echo ' ' . "\n"; if ($item % 2 == 0) { echo ' ' . "\n"; } } // end while if ($item % 2 == 1) { echo ' ' . "\n"; } // end if ?>

	' . "\n"; echo ' ' . "\n"; echo '	' . $priv . '
		' . "\n"; echo '

	:
	:
	:	:
:

" /> " />

/>		/> :
/>		/> :
		:

/>	/> :	" onchange="this.form.anyhost[1].checked = true" />
/>	/> :	" onchange="this.form.anyuser[1].checked = true" />


	:	:

" /> " />

" /> " />

' . $GLOBALS['strEnglishPrivileges'] . '
' . "\n"; echo '' . "\n"; echo '' . "\n"; echo ' ' . "\n"; echo ' ' . "\n"; echo ' ' . "\n"; echo ' ' . "\n"; echo ' ' . "\n"; echo '' . "\n"; $i = 0; while ($row = mysql_fetch_array($result)) { $bgcolor = ($i % 2) ? $GLOBALS['cfgBgcolorOne'] : $GLOBALS['cfgBgcolorTwo']; $strPriv = ''; if ($row['Select_priv'] == 'Y') { $strPriv .= 'Select '; } if ($row['Insert_priv'] == 'Y') { $strPriv .= 'Insert '; } if ($row['Update_priv'] == 'Y') { $strPriv .= 'Update '; } if ($row['Delete_priv'] == 'Y') { $strPriv .= 'Delete '; } if ($row['Create_priv'] == 'Y') { $strPriv .= 'Create '; } if ($row['Drop_priv'] == 'Y') { $strPriv .= 'Drop '; } if ($row['Reload_priv'] == 'Y') { $strPriv .= 'Reload '; } if ($row['Shutdown_priv'] == 'Y') { $strPriv .= 'Shutdown '; } if ($row['Process_priv'] == 'Y') { $strPriv .= 'Process '; } if ($row['File_priv'] == 'Y') { $strPriv .= 'File '; } if ($row['Grant_priv'] == 'Y') { $strPriv .= 'Grant '; } if ($row['References_priv'] == 'Y') { $strPriv .= 'References '; } if ($row['Index_priv'] == 'Y') { $strPriv .= 'Index '; } if ($row['Alter_priv'] == 'Y') { $strPriv .= 'Alter '; } if ($strPriv == '') { $strPriv = '' . $GLOBALS['strNoPrivileges'] . ''; } $query = 'lang=' . $lang . '&server=' . $server . '&db=mysql&table=user'; if (!$user) { $edit_url = 'user_details.php3' . '?lang=' . $lang . '&server=' . $server . '&edit=1&host=' . urlencode($row['Host']) . '&pma_user=' . urlencode($row['User']); } $delete_url = 'user_details.php3' . '?' . $query . '&delete=1&confirm=1&delete_host=' . urlencode($row['Host']) . '&delete_user=' . urlencode($row['User']); $check_url = 'user_details.php3' . '?lang=' . $lang . '&server=' . $server . '&grants=1&host=' . urlencode($row['Host']) . '&pma_user=' . urlencode($row['User']); // $check_result = mysql_query('SHOW GRANTS FOR \'' . $row['User'] . '\'@\'' . $row['Host'] . '\''); // if (@mysql_num_rows($check_result) == 0) { // $check_url = ''; // } ?>

' . $GLOBALS['strAction'] . '	' . $GLOBALS['strHost'] . '	' . $GLOBALS['strUser'] . '	' . $GLOBALS['strPassword'] . '	' . $GLOBALS['strPrivileges'] . '
				' . $row['User'] . '' : '' . $GLOBALS['strAny'] . '') . "\n"; ?>	' . $GLOBALS['strNo'] . '') . "\n"; ?>

' . "\n"; echo 'DELETE FROM mysql.user WHERE host = \'' . $the_host . '\' AND user = \'' . $the_user . '\'' . '
' . "\n"; ?> ' . "\n"; echo ' ' . (empty($host) ? $strAnyHost : $strHost . ' ' . $host) . ' - ' . (empty($pma_user) ? $strAnyUser : $strUser . ' ' . $pma_user) . "\n"; echo ''; } if (isset($db_bkp)) { $db = $db_bkp; unset($db_bkp); } if (isset($table_bkp)) { $table = $table_bkp; unset($table_bkp); } /** * Some actions has been submitted */ // Confirms an action if (isset($confirm) && $confirm) { confirm($delete_host, $delete_user); exit(); } // Reloads mysql else if (($server > 0) && isset($mode) && ($mode == 'reload')) { $result = mysql_query('FLUSH PRIVILEGES'); if ($result != 0) { echo '

' . $strMySQLReloaded . '

' . "\n"; } else { echo '

' . $strReloadFailed . '

' . "\n"; } } // Deletes an user else if (isset($delete) && $delete && isset($btnConfirm) && $btnConfirm == $strYes) { if (get_magic_quotes_gpc()) { $delete_host = stripslashes($delete_host); $delete_user = stripslashes($delete_user); } $common_where = ' WHERE host = \'' . sql_addslashes($delete_host) . '\' AND user = \'' . sql_addslashes($delete_user) . '\''; // Delete Grants First! $sql_query = 'DELETE FROM mysql.db' . $common_where; $sql_query_cpy = $sql_query; mysql_query($sql_query); $sql_query = 'DELETE FROM mysql.tables_priv' . $common_where; $sql_query_cpy .= ";\n" . $sql_query; mysql_query($sql_query); $sql_query = 'DELETE FROM mysql.columns_priv' . $common_where; $sql_query_cpy .= ";\n" . $sql_query; mysql_query($sql_query); $sql_query = 'DELETE FROM mysql.user' . $common_where; $sql_query_cpy .= ";\n" . $sql_query; $result = mysql_query($sql_query); $sql_query = $sql_query_cpy; unset($sql_query_cpy); if ($result) { show_message(sprintf($strDeleteUserMessage, '' . $delete_user . '@' . $delete_host . '') . '
' . $strRememberReload); } else { show_message($strDeleteFailed); } } // Adds an user else if (isset($submit_addUser)) { $show_query = 'y'; if (empty($host)) { $host = '%'; } if (empty($pma_user)) { $pma_user = '%'; } // Password is not confirmed if ((!isset($nopass) || !$nopass) && empty($pma_pw)) { echo '

' . $strError . ' : ' . $strPasswordEmpty . '

' . "\n"; unset($host); unset($pma_user); } else if (!empty($pma_pw) && (!isset($pma_pw2) || $pma_pw != $pma_pw2)) { echo '

' . $strError . ' : ' . $strPasswordNotSame . '

' . "\n"; unset($host); unset($pma_user); } // Password confirmed else { $sql_query = ''; $list_priv = array('Select', 'Insert', 'Update', 'Delete', 'Create', 'Drop', 'Reload', 'Shutdown', 'Process', 'File', 'Grant', 'References', 'Index', 'Alter'); for ($i = 0; $i < 14; $i++) { $priv_name = $list_priv[$i] . '_priv'; if (isset($$priv_name)) { $sql_query .= (empty($sql_query) ? $priv_name : ', ' . $priv_name) . ' = \'Y\''; } else { $sql_query .= (empty($sql_query) ? $priv_name : ', ' . $priv_name) . ' = \'N\''; } } // end for unset($list_priv); $sql_query = 'INSERT INTO mysql.user ' . 'SET host = \'' . sql_addslashes($host) . '\', user = \'' . sql_addslashes($pma_user) . '\', password = ' . (empty($pma_pw) ? '\'\'' : 'PASSWORD(\'' . sql_addslashes($pma_pw) . '\')') . ', ' . $sql_query; $result = @mysql_query($sql_query) or mysql_die('', '', FALSE, $err_url); unset($host); unset($pma_user); show_message($strAddUserMessage . '
' . $strRememberReload); } // end else } // Updates the profile of an user else if (isset($submit_updProfile)) { $show_query = 'y'; $edit = TRUE; if (empty($host)) { $host = '%'; } if (empty($pma_user)) { $pma_user = '%'; } // Builds the sql query $common_upd = ''; if (isset($anyhost) && $anyhost) { $new_server = '%'; } else if (!empty($new_server) && get_magic_quotes_gpc()) { $new_server = stripslashes($new_server); } if (!empty($new_server) && $new_server != $host) { $common_upd .= 'host = \'' . sql_addslashes($new_server) . '\''; } else if (isset($new_server)) { unset($new_server); } if (isset($anyuser) && $anyuser) { $new_user = '%'; } else if (!empty($new_user) && get_magic_quotes_gpc()) { $new_user = stripslashes($new_user); } if (!empty($new_user) && $new_user != $pma_user) { $common_upd .= (empty($common_upd) ? '' : ', ') . 'user = \'' . sql_addslashes($new_user) . '\''; } else if (isset($new_user)) { unset($new_user); } if (isset($nopass) && $nopass == -1) { $sql_query = $common_upd; } else if ((!isset($nopass) || $nopass == 0) && empty($new_pw)) { echo '

' . "\n"; echo ' ' . $strHost . ' ' . $host . ' - ' . $strUser . ' ' . (($pma_user) ? $pma_user : $strAny) . "\n"; echo '

' . "\n"; echo '

' . $strError . ' : ' . $strPasswordEmpty . '

' . "\n"; } else if (!empty($new_pw) && (!isset($new_pw2) || $new_pw != $new_pw2)) { echo '

' . "\n"; echo ' ' . $strHost . ' ' . $host . ' - ' . $strUser . ' ' . (($pma_user) ? $pma_user : $strAny) . "\n"; echo '

' . "\n"; echo '

' . $strError . ' : ' . $strPasswordNotSame . '

' . "\n"; } else { $sql_query = (empty($common_upd) ? '' : $common_upd . ', ') . 'password = ' . (empty($new_pw) ? '\'\'' : 'PASSWORD(\'' . sql_addslashes($new_pw) . '\')'); } if (!empty($sql_query)) { $common_where = ' WHERE host = \'' . sql_addslashes($host) . '\' AND user = \'' . sql_addslashes($pma_user) . '\''; $sql_query_cpy = ''; // Updates profile $sql_query = 'UPDATE user SET ' . $sql_query . $common_where; $sql_query_cpy = $sql_query; $result = @mysql_query($sql_query) or mysql_die('', '', FALSE, $err_url . '&host=' . urlencode($host) . '&pma_user=' . urlencode($pma_user) . '&edit=1'); // Updates grants if (isset($new_server) || isset($new_user)) { $sql_query = 'UPDATE mysql.db SET ' . $common_upd . $common_where; $sql_query_cpy .= ";\n" . $sql_query; mysql_query($sql_query); $sql_query = 'UPDATE mysql.tables_priv SET ' . $common_upd . $common_where; $sql_query_cpy .= ";\n" . $sql_query; mysql_query($sql_query); $sql_query = 'UPDATE mysql.columns_priv SET ' . $common_upd . $common_where; $sql_query_cpy .= ";\n" . $sql_query; mysql_query($sql_query); unset($common_upd); } $sql_query = $sql_query_cpy; unset($sql_query_cpy); if (isset($new_server)) { $host = $new_server; } if (isset($new_user)) { $pma_user = $new_user; } echo '

' . "\n"; echo ' ' . $strHost . ' ' . $host . ' - ' . $strUser . ' ' . (($pma_user) ? $pma_user : $strAny) . "\n"; echo '

' . "\n"; show_message($strUpdateProfileMessage . '
' . $strRememberReload); } else { echo '

' . "\n"; echo ' ' . $strHost . ' ' . $host . ' - ' . $strUser . ' ' . (($pma_user) ? $pma_user : $strAny) . "\n"; echo '

' . "\n"; show_message($strNoModification); } } // Changes the privileges of an user else if (isset($submit_chgPriv)) { $show_query = 'y'; $edit = TRUE; if (empty($host)) { $host = '%'; } if (empty($pma_user)) { $pma_user = '%'; } $sql_query = ''; $list_priv = array('Select', 'Insert', 'Update', 'Delete', 'Create', 'Drop', 'Reload', 'Shutdown', 'Process', 'File', 'Grant', 'References', 'Index', 'Alter'); for ($i = 0; $i < 14; $i++) { $priv_name = $list_priv[$i] . '_priv'; if (isset($$priv_name)) { $sql_query .= (empty($sql_query) ? $priv_name : ', ' . $priv_name) . ' = \'Y\''; } else { $sql_query .= (empty($sql_query) ? $priv_name : ', ' . $priv_name) . ' = \'N\''; } } // end for unset($list_priv); $sql_query = 'UPDATE user SET ' . $sql_query . ' WHERE host = \'' . sql_addslashes($host) . '\' AND user = \'' . sql_addslashes($pma_user) . '\''; $result = @mysql_query($sql_query) or mysql_die('', '', FALSE, $err_url . '&host=' . urlencode($host) . '&pma_user=' . urlencode($pma_user) . '&edit=1'); show_message(sprintf($strUpdatePrivMessage, '' . $pma_user . '@' . $host . '') . '
' . $strRememberReload); } // Revoke/Grant privileges else if (isset($grants) && $grants) { $show_query = 'y'; if (empty($host)) { $host = '%'; } if (empty($pma_user)) { $pma_user = '%'; } if (isset($upd_grants)) { $sql_query = ''; $col_list = ''; if (isset($colgrant) && !$anycolumn) { $colgrant_cnt = count($colgrant); for ($i = 0; $i < $colgrant_cnt; $i++) { if (get_magic_quotes_gpc()) { $colgrant[$i] = stripslashes($colgrant[$i]); } $col_list .= (empty($col_list) ? backquote($colgrant[$i]) : ', ' . backquote($colgrant[$i])); } // end for unset($colgrant); $col_list = ' (' . $col_list . ')'; } // end if $list_priv = array('Select', 'Insert', 'Update', 'Delete', 'Create', 'Drop', 'Reload', 'Shutdown', 'Process', 'File', 'Grant', 'References', 'Index', 'Alter'); for ($i = 0; $i < 14; $i++) { $priv_name = $list_priv[$i] . '_priv'; if (isset($$priv_name)) { $sql_query .= (empty($sql_query) ? $list_priv[$i] : ', ' . $list_priv[$i]) . $col_list; } } // end for unset($list_priv); $sql_query .= ' ON ' . (($anydb || empty($dbgrant)) ? '*' : backquote($dbgrant)) . '.' . (($anytable || empty($tablegrant)) ? '*' : backquote($tablegrant)); $sql_query .= ' TO ' . '\'' . sql_addslashes($pma_user) . '\'' . '@' . '\'' . sql_addslashes($host) . '\''; $sql_query = 'GRANT ' . $sql_query; $result = @mysql_query($sql_query) or mysql_die('', '', FALSE, $err_url . '&host=' . urlencode($host) . '&pma_user=' . urlencode($pma_user) . '&grants=1'); show_message($strAddPrivMessage); } // end if } /** * Displays the page */ // Edit an user properies if (isset($edit) && $edit) { table_users($host, $pma_user); edit_operations($host, $pma_user); } // Revoke/Grant privileges for an user else if (isset($grants) && $grants) { $result = mysql_query('SELECT * FROM mysql.user WHERE host = \'' . sql_addslashes($host) . '\' AND user = \'' . sql_addslashes($pma_user) . '\''); grant_operations(mysql_fetch_array($result)); } // Check database privileges else if (isset($check) && $check) { check_db($db); ?>