server_privileges.php

一个用PHP编写的

                    $real_sql_query .= ' MAX_UPDATES_PER_HOUR ' . $max_updates;
                    $sql_query .= ' MAX_UPDATES_PER_HOUR ' . $max_updates;
                }
            }
            if (PMA_MYSQL_INT_VERSION >= 50003) {
                if (isset($max_user_connections)) {
                    $max_user_connections = max(0, (int)$max_user_connections);
                    $real_sql_query .= ' MAX_USER_CONNECTIONS ' . $max_user_connections;
                    $sql_query .= ' MAX_USER_CONNECTIONS ' . $max_user_connections;
                }
            }
        }
        if ( isset( $create_user_real ) ) {
            $create_user_real .= ';';
            $create_user_show .= ';';
        }
        $real_sql_query .= ';';
        $sql_query .= ';';
        if (empty($change_copy)) {
            if ( isset( $create_user_real ) ) {
                PMA_DBI_try_query($create_user_real) or PMA_mysqlDie(PMA_DBI_getError(), $create_user_show);
                $sql_query = $create_user_show . $sql_query;
            }
            PMA_DBI_try_query($real_sql_query) or PMA_mysqlDie(PMA_DBI_getError(), $sql_query);
            $message = $GLOBALS['strAddUserMessage'];
        } else {
            if ( isset( $create_user_real ) ) {
                $queries[]             = $create_user_real;
            }
            $queries[]             = $real_sql_query;
            // we put the query containing the hidden password in
            // $queries_for_display, at the same position occupied
            // by the real query in $queries
            $tmp_count = count($queries);
            if ( isset( $create_user_real ) ) {
                $queries_for_display[$tmp_count - 2] = $create_user_show;
            }
            $queries_for_display[$tmp_count - 1] = $sql_query;
        }
        unset($res, $real_sql_query);
    }
}


/**
 * Changes / copies a user, part III
 */
if (!empty($change_copy)) {
    $user_host_condition =
        ' WHERE ' . PMA_convert_using('User')
        .' = ' . PMA_convert_using(PMA_sqlAddslashes($old_username), 'quoted')
        .' AND ' . PMA_convert_using('Host')
        .' = ' . PMA_convert_using($old_hostname, 'quoted') . ';';
    $res = PMA_DBI_query('SELECT * FROM `mysql`.`db`' . $user_host_condition );
    while ($row = PMA_DBI_fetch_assoc($res)) {
        $queries[] =
            'GRANT ' . join(', ', PMA_extractPrivInfo($row))
            .' ON `' . $row['Db'] . '`.*'
            .' TO \'' . PMA_sqlAddslashes($username) . '\'@\'' . $hostname . '\''
            . ( $row['Grant_priv'] == 'Y' ? ' WITH GRANT OPTION;' : ';' );
    }
    PMA_DBI_free_result($res);
    $res = PMA_DBI_query(
        'SELECT `Db`, `Table_name`, `Table_priv`'
        .' FROM `mysql`.`tables_priv`' . $user_host_condition,
        $GLOBALS['userlink'], PMA_DBI_QUERY_STORE );
    while ($row = PMA_DBI_fetch_assoc($res)) {

        $res2 = PMA_DBI_QUERY(
            'SELECT `Column_name`, `Column_priv`'
            .' FROM `mysql`.`columns_priv`'
            .' WHERE ' . PMA_convert_using('User')
            .' = ' . PMA_convert_using(PMA_sqlAddslashes($old_username), 'quoted')
            .' AND ' . PMA_convert_using('`Host`')
            .' = ' . PMA_convert_using($old_hostname, 'quoted')
            .' AND ' . PMA_convert_using('`Db`')
            .' = ' . PMA_convert_using($row['Db'], 'quoted')
            .' AND ' . PMA_convert_using('`Table_name`')
            .' = ' . PMA_convert_using($row['Table_name'], 'quoted')
            .';',
            null, PMA_DBI_QUERY_STORE);

        $tmp_privs1 = PMA_extractPrivInfo($row);
        $tmp_privs2 = array(
            'Select' => array(),
            'Insert' => array(),
            'Update' => array(),
            'References' => array()
        );

        while ($row2 = PMA_DBI_fetch_assoc($res2)) {
            $tmp_array = explode(',', $row2['Column_priv']);
            if (in_array('Select', $tmp_array)) {
                $tmp_privs2['Select'][] = $row2['Column_name'];
            }
            if (in_array('Insert', $tmp_array)) {
                $tmp_privs2['Insert'][] = $row2['Column_name'];
            }
            if (in_array('Update', $tmp_array)) {
                $tmp_privs2['Update'][] = $row2['Column_name'];
            }
            if (in_array('References', $tmp_array)) {
                $tmp_privs2['References'][] = $row2['Column_name'];
            }
            unset($tmp_array);
        }
        if (count($tmp_privs2['Select']) > 0 && !in_array('SELECT', $tmp_privs1)) {
            $tmp_privs1[] = 'SELECT (`' . join('`, `', $tmp_privs2['Select']) . '`)';
        }
        if (count($tmp_privs2['Insert']) > 0 && !in_array('INSERT', $tmp_privs1)) {
            $tmp_privs1[] = 'INSERT (`' . join('`, `', $tmp_privs2['Insert']) . '`)';
        }
        if (count($tmp_privs2['Update']) > 0 && !in_array('UPDATE', $tmp_privs1)) {
            $tmp_privs1[] = 'UPDATE (`' . join('`, `', $tmp_privs2['Update']) . '`)';
        }
        if (count($tmp_privs2['References']) > 0 && !in_array('REFERENCES', $tmp_privs1)) {
            $tmp_privs1[] = 'REFERENCES (`' . join('`, `', $tmp_privs2['References']) . '`)';
        }
        unset($tmp_privs2);
        $queries[] =
            'GRANT ' . join(', ', $tmp_privs1)
            . ' ON `' . $row['Db'] . '`.`' . $row['Table_name']
            . '` TO \'' . PMA_sqlAddslashes($username) . '\'@\'' . $hostname . '\''
            . (in_array('Grant', explode(',', $row['Table_priv'])) ? ' WITH GRANT OPTION;' : ';');
    }
}


/**
 * Updates privileges
 */
if (!empty($update_privs)) {
    // escaping a wildcard character in a GRANT is only accepted at the global
    // or database level, not at table level; this is why I remove
    // the escaping character
    // Note: in the phpMyAdmin list of Database-specific privileges,
    //  we will have for example
    //  test\_db  SELECT (this one is for privileges on a db level)
    //  test_db   USAGE  (this one is for table-specific privileges)
    //
    // It looks curious but reflects the way MySQL works

    if (! isset($dbname) || ! strlen($dbname)) {
        $db_and_table = '*.*';
    } else {
        if ( isset( $tablename ) && strlen($tablename) ) {
            $db_and_table = PMA_backquote( PMA_unescape_mysql_wildcards( $dbname ) ) . '.';
            $db_and_table .= PMA_backquote( $tablename );
        } else {
            $db_and_table = PMA_backquote( $dbname ) . '.';
            $db_and_table .= '*';
        }
    }

    $sql_query0 =
        'REVOKE ALL PRIVILEGES ON ' . $db_and_table
        . ' FROM \'' . PMA_sqlAddslashes($username) . '\'@\'' . $hostname . '\';';
    if (!isset($Grant_priv) || $Grant_priv != 'Y') {
        $sql_query1 =
            'REVOKE GRANT OPTION ON ' . $db_and_table
            . ' FROM \'' . PMA_sqlAddslashes($username) . '\'@\'' . $hostname . '\';';
    }
    $sql_query2 =
        'GRANT ' . join(', ', PMA_extractPrivInfo())
        . ' ON ' . $db_and_table
        . ' TO \'' . PMA_sqlAddslashes($username) . '\'@\'' . $hostname . '\'';

        // FIXME: similar code appears twice in this script
    if ( ( isset($Grant_priv) && $Grant_priv == 'Y')
      || ( ( ! isset($dbname) || ! strlen($dbname) ) && PMA_MYSQL_INT_VERSION >= 40002
        && ( isset($max_questions) || isset($max_connections)
          || isset($max_updates) || isset($max_user_connections))))
    {
        $sql_query2 .= 'WITH';
        if (isset($Grant_priv) && $Grant_priv == 'Y') {
            $sql_query2 .= ' GRANT OPTION';
        }
        if (PMA_MYSQL_INT_VERSION >= 40002) {
            if (isset($max_questions)) {
                $max_questions = max(0, (int)$max_questions);
                $sql_query2 .= ' MAX_QUERIES_PER_HOUR ' . $max_questions;
            }
            if (isset($max_connections)) {
                $max_connections = max(0, (int)$max_connections);
                $sql_query2 .= ' MAX_CONNECTIONS_PER_HOUR ' . $max_connections;
            }
            if (isset($max_updates)) {
                $max_updates = max(0, (int)$max_updates);
                $sql_query2 .= ' MAX_UPDATES_PER_HOUR ' . $max_updates;
            }
        }
        if (PMA_MYSQL_INT_VERSION >= 50003) {
            if (isset($max_user_connections)) {
                $max_user_connections = max(0, (int)$max_user_connections);
                $sql_query2 .= ' MAX_USER_CONNECTIONS ' . $max_user_connections;
            }
        }
    }
    $sql_query2 .= ';';
    if (!PMA_DBI_try_query($sql_query0)) { // this query may fail, but this does not matter :o)
        unset($sql_query0);
    }
    if (isset($sql_query1) && !PMA_DBI_try_query($sql_query1)) { // this one may fail, too...
        unset($sql_query1);
    }
    PMA_DBI_query($sql_query2);
    $sql_query = (isset($sql_query0) ? $sql_query0 . ' ' : '')
               . (isset($sql_query1) ? $sql_query1 . ' ' : '')
               . $sql_query2;
    $message = sprintf($GLOBALS['strUpdatePrivMessage'], '\'' . $username . '\'@\'' . $hostname . '\'');
}


/**
 * Revokes Privileges
 */
if (!empty($revokeall)) {

    if ( ! isset($dbname) || ! strlen($dbname) ) {
        $db_and_table = '*.*';
    } else {
        if ( ! isset( $tablename ) || ! strlen($tablename) ) {
            $db_and_table = PMA_backquote( $dbname ) . '.';
            $db_and_table .= '*';
        } else {
            $db_and_table = PMA_backquote( PMA_unescape_mysql_wildcards( $dbname ) ) . '.';
            $db_and_table .= PMA_backquote( $tablename );
        }
    }

    $sql_query0 =
        'REVOKE ALL PRIVILEGES ON ' . $db_and_table
        . ' FROM \'' . $username . '\'@\'' . $hostname . '\';';
    $sql_query1 =
        'REVOKE GRANT OPTION ON ' . $db_and_table
        . ' FROM \'' . $username . '\'@\'' . $hostname . '\';';
    PMA_DBI_query($sql_query0);
    if (!PMA_DBI_try_query($sql_query1)) { // this one may fail, too...
        unset($sql_query1);
    }
    $sql_query = $sql_query0 . (isset($sql_query1) ? ' ' . $sql_query1 : '');
    $message = sprintf($GLOBALS['strRevokeMessage'], '\'' . $username . '\'@\'' . $hostname . '\'');
    if ( ! isset($tablename) || ! strlen($tablename) ) {
        unset($dbname);
    } else {
        unset($tablename);
    }
}


/**
 * Updates the password
 */
if (!empty($change_pw)) {
    if ($nopass == 1) {
        $sql_query = 'SET PASSWORD FOR \'' . $username . '\'@\'' . $hostname . '\' = \'\';';
        PMA_DBI_query($sql_query);
        $message = sprintf($GLOBALS['strPasswordChanged'], '\'' . $username . '\'@\'' . $hostname . '\'');
    } elseif (empty($pma_pw) || empty($pma_pw2)) {
        $message = $GLOBALS['strPasswordEmpty'];
    } elseif ($pma_pw != $pma_pw2) {
        $message = $GLOBALS['strPasswordNotSame'];
    } else {
        $hidden_pw = '';
        for ($i = 0; $i < strlen($pma_pw); $i++) {
            $hidden_pw .= '*';
        }
        $local_query = 'SET PASSWORD FOR \'' . PMA_sqlAddslashes($username) . '\'@\'' . $hostname . '\' = PASSWORD(\'' . PMA_sqlAddslashes($pma_pw) . '\')';
        $sql_query = 'SET PASSWORD FOR \'' . PMA_sqlAddslashes($username) . '\'@\'' . $hostname . '\' = PASSWORD(\'' . $hidden_pw . '\')';