tag with tooltips * * @return array */ function PMA_extractPrivInfo($row = '', $enableHTML = FALSE) { $grants = array( array('Select_priv', 'SELECT', $GLOBALS['strPrivDescSelect']), array('Insert_priv', 'INSERT', $GLOBALS['strPrivDescInsert']), array('Update_priv', 'UPDATE', $GLOBALS['strPrivDescUpdate']), array('Delete_priv', 'DELETE', $GLOBALS['strPrivDescDelete']), array('Create_priv', 'CREATE', $GLOBALS['strPrivDescCreate' . (isset($GOLBALS['tablename']) ? 'Tbl' : 'Db')]), array('Drop_priv', 'DROP', $GLOBALS['strPrivDescDrop' . (isset($GOLBALS['tablename']) ? 'Tbl' : 'Db')]), array('Reload_priv', 'RELOAD', $GLOBALS['strPrivDescReload']), array('Shutdown_priv', 'SHUTDOWN', $GLOBALS['strPrivDescShutdown']), array('Process_priv', 'PROCESS', $GLOBALS['strPrivDescProcess' . ((!empty($row) && isset($row['Super_priv'])) || (empty($row) && isset($GLOBALS['Super_priv'])) ? '4' : '3')]), array('File_priv', 'FILE', $GLOBALS['strPrivDescFile']), array('References_priv', 'REFERENCES', $GLOBALS['strPrivDescReferences']), array('Index_priv', 'INDEX', $GLOBALS['strPrivDescIndex']), array('Alter_priv', 'ALTER', $GLOBALS['strPrivDescAlter']), array('Show_db_priv', 'SHOW DATABASES', $GLOBALS['strPrivDescShowDb']), array('Super_priv', 'SUPER', $GLOBALS['strPrivDescSuper']), array('Create_tmp_table_priv', 'CREATE TEMPORARY TABLES', $GLOBALS['strPrivDescCreateTmpTable']), array('Lock_tables_priv', 'LOCK TABLES', $GLOBALS['strPrivDescLockTables']), array('Execute_priv', 'EXECUTE', $GLOBALS['strPrivDescExecute']), array('Repl_slave_priv', 'REPLICATION SLAVE', $GLOBALS['strPrivDescReplSlave']), array('Repl_client_priv', 'REPLICATION CLIENT', $GLOBALS['strPrivDescReplClient']) ); $privs = array(); $allPrivileges = TRUE; while (list(, $current_grant) = each($grants)) { if ((!empty($row) && isset($row[$current_grant[0]])) || (empty($row) && isset($GLOBALS[$current_grant[0]]))) { if ((!empty($row) && $row[$current_grant[0]] == 'Y') || (empty($row) && $GLOBALS[$current_grant[0]] == 'Y')) { if ($enableHTML) { $privs[] = '' . str_replace(' ', ' ', $current_grant[1]) . ''; } else { $privs[] = $current_grant[1]; } } else { $allPrivileges = FALSE; } } } if (empty($privs)) { if ($enableHTML) { $privs[] = 'USAGE'; } else { $privs[] = 'USAGE'; } } else if ($allPrivileges && (!isset($GLOBALS['grant_count']) || count($privs) == $GLOBALS['grant_count'])) { if ($enableHTML) { $privs = array('ALL PRIVILEGES'); } else { $privs = array('ALL PRIVILEGES'); } } return $privs; } /** * Updates privileges */ if (!empty($update_privs)) { if (empty($hostname)) { $hostname = '%'; } $sql_query0 = 'REVOKE ALL PRIVILEGES ON *.* FROM "' . $username . '"@"' . $hostname . '";'; $sql_query1 = 'REVOKE GRANT OPTION ON *.* FROM "' . $username . '"@"' . $hostname . '";'; $sql_query2 = 'GRANT ' . join(', ', PMA_extractPrivInfo()) . ' ON *.* TO "' . $username . '"@"' . $hostname . '"'; if (isset($Grant_priv) || isset($max_questions) || isset($max_connections) || isset($max_updates)) { $sql_query2 .= 'WITH'; if (isset($Grant_priv) && $Grant_priv == 'Y') { $sql_query2 .= ' GRANT OPTION'; } if (isset($max_questions)) { $sql_query2 .= ' MAX_QUERIES_PER_HOUR ' . (int)$max_questions; } if (isset($max_connections)) { $sql_query2 .= ' MAX_CONNECTIONS_PER_HOUR ' . (int)$max_connections; } if (isset($max_updates)) { $sql_query2 .= ' MAX_UPDATES_PER_HOUR ' . (int)$max_updates; } } $sql_query2 .= ';'; if (!@PMA_mysql_query($sql_query0, $userlink)) { PMA_mysqlDie(PMA_mysql_error($userlink), $sql_query0); } if (!@PMA_mysql_query($sql_query1, $userlink)) { PMA_mysqlDie(PMA_mysql_error($userlink), $sql_query1); } if (!@PMA_mysql_query($sql_query2, $userlink)) { PMA_mysqlDie(PMA_mysql_error($userlink), $sql_query2); } $sql_query = $sql_query0 . ' ' . $sql_query1 . ' ' . $sql_query2; $message = sprintf($strUpdatePrivMessage, '\'' . $username . '\'@\'' . $hostname . '\''); } /** * Updates the password */ if (!empty($change_pw)) { if (empty($hostname)) { $hostname = '%'; } if ($nopass == 1) { $sql_query = 'SET PASSWORD FOR "' . $username . '"@"' . $hostname . '" = ""'; PMA_mysql_query($sql_query, $userlink) or PMA_mysqlDie(PMA_mysql_error($userlink)); $message = sprintf($strPasswordChanged, '\'' . $username . '\'@\'' . $hostname . '\''); } else if (empty($pma_pw) || empty($pma_pw2)) { $message = $strPasswordEmpty; } else if ($pma_pw != $pma_pw2) { $message = $strPasswordNotSame; } else { $hidden_pw = ''; for ($i = 0; $i < strlen($pma_pw); $i++) { $hidden_pw .= '*'; } $local_query = 'SET PASSWORD FOR "' . $username . '"@"' . $hostname . '" = PASSWORD("' . $pma_pw . '")'; $sql_query = 'SET PASSWORD FOR "' . $username . '"@"' . $hostname . '" = PASSWORD("' . $hidden_pw . '")'; PMA_mysql_query($local_query, $userlink) or PMA_mysqlDie(PMA_mysql_error($userlink)); $message = sprintf($strPasswordChanged, '\'' . $username . '\'@\'' . $hostname . '\''); } } /** * Deletes users */ if (!empty($delete)) { PMA_mysql_query('USE `mysql`;', $userlink) or PMA_mysqlDie(PMA_mysql_error($userlink), 'USE `mysql`;'); $is_superuser = TRUE; $queries = array(); for ($i = 0; isset($selected_usr[$i]); $i++) { list($this_user, $this_host) = explode('@', $selected_usr[$i]); $queries[] = '# ' . sprintf($strDeleting, '\'' . $this_user . '\'@\'' . $this_host . '\'') . ' ...'; if ($mode == 2) { // The SHOW GRANTS query may fail if the user has not been loaded // into memory $res = PMA_mysql_query('SHOW GRANTS FOR "' . $this_user . '"@"' . $this_host . '";', $userlink); if ($res) { $queries[] = 'REVOKE ALL PRIVILEGES ON *.* FROM "' . $this_user . '"@"' . $this_host . '";'; while ($row = PMA_mysql_fetch_row($res)) { $this_table = substr($row[0], (strpos($row[0], 'ON') + 3), -(9 + strlen($this_user . $this_host))); if ($this_table != '*.*') { $queries[] = 'REVOKE ALL PRIVILEGES ON ' . $this_table . ' FROM "' . $this_user . '"@"' . $this_host . '";'; } unset($this_table); } mysql_free_result($res); } unset($res); } $queries[] = 'DELETE FROM `user` WHERE `User` = "' . $this_user . '" AND `Host` = "' . $this_host . '";'; if ($mode != 2) { // If we REVOKE the table grants, we should not need to modify the // `db`, `tables_priv` and `columns_priv` tables manually... $queries[] = 'DELETE FROM `db` WHERE `User` = "' . $this_user . '" AND `Host` = "' . $this_host . '";'; $queries[] = 'DELETE FROM `tables_priv` WHERE `User` = "' . $this_user . '" AND `Host` = "' . $this_host . '";'; $queries[] = 'DELETE FROM `columns_priv` WHERE `User` = "' . $this_user . '" AND `Host` = "' . $this_host . '";'; } } if ($mode == 3) { $queries[] = '# ' . $strReloadingThePrivileges . ' ...' . "\n" . 'FLUSH PRIVILEGES;'; } while (list(, $sql_query) = each($queries)) { PMA_mysql_query($sql_query, $userlink) or PMA_mysqlDie(PMA_mysql_error($userlink)); } $sql_query = join("\n", $queries); unset($queries); $message = $strUsersDeleted; } /** * Reloads the privilege tables into memory */ if (!empty($flush_privileges)) { $sql_query = 'FLUSH PRIVILEGES'; if (@PMA_mysql_query($sql_query, $userlink)) { $message = $strPrivilegesReloaded; } else { PMA_mysqlDie(PMA_mysql_error($userlink)); } } /** * Does the common work */ $js_to_run = 'user_details.js'; require('./server_common.inc.php3'); /** * Displays the links */ require('./server_links.inc.php3'); /** * Checks if the user is allowed to do what he tries to... */ if (!$is_superuser) { echo '

' . "\n" . ' ' . $strPrivileges . "\n" . '

' . "\n" . $strNoPrivileges . "\n"; include('./footer.inc.php3'); exit; } if (!isset($username) && !isset($hostname)) { // No username is given --> display the overview echo '

' . "\n" . ' ' . $strUserOverview . "\n" . '

' . "\n"; $oldPrivTables = FALSE; if (PMA_MYSQL_INT_VERSION >= 40002) { $res = PMA_mysql_query('SELECT `User`, `Host`, IF(`Password` = "", "N", "Y") AS "Password", `Select_priv`, `Insert_priv`, `Update_priv`, `Delete_priv`, `Create_priv`, `Drop_priv`, `Reload_priv`, `Shutdown_priv`, `Process_priv`, `File_priv`, `Grant_priv`, `References_priv`, `Index_priv`, `Alter_priv`, `Show_db_priv`, `Super_priv`, `Create_tmp_table_priv`, `Lock_tables_priv`, `Execute_priv`, `Repl_slave_priv`, `Repl_client_priv` FROM `user`;', $userlink); if (!$res) { // the query failed! This may have two reasons: // - the user has not enough privileges // - the privilege tables use a structure of an earlier version. $oldPrivTables = TRUE; } } if (empty($res) || (PMA_MYSQL_INT_VERSION >= 32211 && PMA_MYSQL_INT_VERSION < 40002)) { $res = PMA_mysql_query('SELECT `User`, `Host`, IF(`Password` = "", "N", "Y") AS "Password", `Select_priv`, `Insert_priv`, `Update_priv`, `Delete_priv`, `Index_priv`, `Alter_priv`, `Create_priv`, `Drop_priv`, `Grant_priv`, `References_priv`, `Reload_priv`, `Shutdown_priv`, `Process_priv`, `File_priv` FROM `user`;', $userlink); if (!$res) { // the query failed! This may have two reasons: // - the user has not enough privileges // - the privilege tables use a structure of an earlier version. $oldPrivTables = TRUE; } } if (empty($res) || PMA_MYSQL_INT_VERSION < 32211) { $res = PMA_mysql_query('SELECT * FROM `user`;', $userlink); } if (!$res) { echo '' . $strNoPrivileges . '' . "\n"; @mysql_free_result($res); unset($res); } else { if ($oldPrivTables) { // rabus: This message is hardcoded because I will replace it by // a automatic repair feature soon. echo '
' . "\n" . ' Warning: Your privilege table structure seem to be older than this MySQL version!
' . "\n" . ' Please run the script mysql_fix_privilege_tables that should be included in your MySQL server distribution to solve this problem!' . "\n" . '

' . "\n"; } echo '
' . "\n" . ' ' . "\n" . ' ' . "\n" . ' ' . "\n" . ' ' . "\n" . ' ' . "\n" . ' ' . "\n" . ' ' . "\n" . ' ' . "\n" . ' ' . "\n" . ' ' . "\n" . ' ' . "\n" . ' ' . "\n"; echo ' ' . "\n"; $useBgcolorOne = TRUE; for ($i = 0; $row = PMA_mysql_fetch_array($res, MYSQL_ASSOC); $i++) { echo ' ' . "\n" . ' ' . "\n" . ' ' . "\n" . ' ' . "\n"; $privs = PMA_extractPrivInfo($row, TRUE); echo ' ' . "\n" . ' ' . "\n" . ' ' . "\n" . ' ' . "\n" . ' ' . "\n"; $useBgcolorOne = !$useBgcolorOne; } @mysql_free_result($res); unset($res); unset ($row); echo ' ' . "\n" . ' ' . "\n" . ' ' . "\n" . ' ' . "\n" . ' ' . "\n" . ' ' . "\n" . ' ' . "\n" . '
 ' . $strUser . '  ' . $strHost . '  ' . $strPassword . '  ' . $strGlobalPrivileges . '  ' . $strGrantOption . '  ' . $strAction . ' 
' . htmlspecialchars($row['Host']) . '' . ($row['Password'] == 'Y' ? $strYes : '' . $strNo . '') . '' . "\n" . ' ' . join(',' . "\n" . ' ', $privs) . "\n" . ' ' . ($row['Grant_priv'] == 'Y' ? $strYes : $strNo) . '' . $strEdit . '
' . "\n" . '  ' . $strEnglishPrivileges . ' ' . "\n" . '
' . "\n" . ' ' . $strWithChecked . '' . "\n" . ' ' . $strCheckAll . '' . "\n" . '  / ' . "\n" . ' ' . $strUncheckAll . '' . "\n" . '
' . "\n" . ' ' . "\n" . '
' . "\n" . '
' . "\n" . ' ' . sprintf($strFlushPrivilegesNote, '', ''); } } else if (isset($username)) { if (!isset($hostname)) { $hostname = '%'; } echo '

' . "\n" . ' ' . $strUser . ' \'' . htmlspecialchars($username) . '\'@\'' . htmlspecialchars($hostname) . '\'' . "\n" . '

' . "\n" . '' . "\n"; } else if (isset($hostname)) { // TODO: Host privilege editor } /** * Displays the footer */ require('./footer.inc.php3'); ?>