ISPConfig3 devel
view | history | commit | commitdiff
tbrehm
2012-01-04 5c38f2cb6efe14ec205f6b312d057bbba3d98e02
commit | author | age
d83fcf 1 <?php
T 2
3 /*
436ed8 4 Copyright (c) 2007, Till Brehm, projektfarm Gmbh
d83fcf 5 All rights reserved.
T 6
7 Redistribution and use in source and binary forms, with or without modification,
8 are permitted provided that the following conditions are met:
9
10     * Redistributions of source code must retain the above copyright notice,
11       this list of conditions and the following disclaimer.
12     * Redistributions in binary form must reproduce the above copyright notice,
13       this list of conditions and the following disclaimer in the documentation
14       and/or other materials provided with the distribution.
15     * Neither the name of ISPConfig nor the names of its contributors
16       may be used to endorse or promote products derived from this software without
17       specific prior written permission.
18
19 THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
20 ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
21 WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
22 IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
23 INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
24 BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
25 DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
26 OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
27 NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
28 EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
29 */
30
a61345 31 class mysql_clientdb_plugin {
d83fcf 32     
a61345 33     var $plugin_name = 'mysql_clientdb_plugin';
T 34     var $class_name  = 'mysql_clientdb_plugin';
d83fcf 35     
392450 36     //* This function is called during ispconfig installation to determine
T 37     //  if a symlink shall be created for this plugin.
38     function onInstall() {
39         global $conf;
40         
41         if($conf['services']['db'] == true) {
42             return true;
43         } else {
44             return false;
45         }
46         
47     }
48     
d83fcf 49         
T 50     /*
51          This function is called when the plugin is loaded
52     */
53     
54     function onLoad() {
55         global $app;
56         
57         /*
58         Register for the events
59         */
60         
61         //* Mailboxes
62         $app->plugins->registerEvent('database_insert',$this->plugin_name,'db_insert');
63         $app->plugins->registerEvent('database_update',$this->plugin_name,'db_update');
64         $app->plugins->registerEvent('database_delete',$this->plugin_name,'db_delete');
65         
66         
67     }
68     
663caf 69   function process_host_list($action, $database_name, $database_user, $database_password, $host_list, $link, $database_rename_user = '') {
086696 70       global $app;
M 71       
72       $action = strtoupper($action);
73       
74       // set to all hosts if none given
663caf 75       if(trim($host_list) == '') $host_list = '%';
086696 76       
M 77       // process arrays and comma separated strings
58d1f1 78       if(!is_array($host_list)) $host_list = explode(',', $host_list);
086696 79       
M 80       $success = true;
81       
82       // loop through hostlist
83       foreach($host_list as $db_host) {
84           $db_host = trim($db_host);
85           
86           // check if entry is valid ip address
87           $valid = true;
663caf 88           if($db_host == '%') {
341d2b 89               $valid = true;
T 90           } elseif(preg_match("/^[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}(\.)[0-9]{1,3}$/", $db_host)) {
663caf 91               $groups = explode('.', $db_host);
086696 92               foreach($groups as $group){
M 93                 if($group<0 OR $group>255)
94                 $valid=false;
95               }
96           } else {
97               $valid = false;
98           }
99           
100           if($valid == false) continue;
101           
663caf 102           if($action == 'GRANT') {
c7bd5a 103               if(!mysql_query("GRANT ALL ON ".mysql_real_escape_string($database_name,$link).".* TO '".mysql_real_escape_string($database_user,$link)."'@'$db_host' IDENTIFIED BY PASSWORD '".mysql_real_escape_string($database_password,$link)."';",$link)) $success = false;
663caf 104           } elseif($action == 'REVOKE') {
086696 105               //mysql_query("REVOKE ALL PRIVILEGES ON ".mysql_real_escape_string($database_name,$link).".* FROM '".mysql_real_escape_string($database_user,$link)."';",$link);
663caf 106           } elseif($action == 'DROP') {
086696 107               if(!mysql_query("DROP USER '".mysql_real_escape_string($database_user,$link)."'@'$db_host';",$link)) $success = false;
663caf 108           } elseif($action == 'RENAME') {
086696 109               if(!mysql_query("RENAME USER '".mysql_real_escape_string($database_user,$link)."'@'$db_host' TO '".mysql_real_escape_string($database_rename_user,$link)."'@'$db_host'",$link)) $success = false;
663caf 110           } elseif($action == 'PASSWORD') {
c7bd5a 111               if(!mysql_query("SET PASSWORD FOR '".mysql_real_escape_string($database_user,$link)."'@'$db_host' = '".mysql_real_escape_string($database_password,$link)."';",$link)) $success = false;
086696 112           }
M 113       }
114       
115       return $success;
116   }
d83fcf 117     
T 118     function db_insert($event_name,$data) {
119         global $app, $conf;
120         
663caf 121         if($data['new']['type'] == 'mysql') {
673365 122             if(!include(ISPC_LIB_PATH.'/mysql_clientdb.conf')) {
d83fcf 123                 $app->log('Unable to open'.ISPC_LIB_PATH.'/mysql_clientdb.conf',LOGLEVEL_ERROR);
7c99ef 124                 return;
d83fcf 125             }
e5b353 126             
663caf 127             if($data['new']['database_user'] == 'root') {
e5b353 128                 $app->log('User root not allowed for Client databases',LOGLEVEL_WARNING);
T 129                 return;
130             }
d83fcf 131         
T 132             //* Connect to the database
133             $link = mysql_connect($clientdb_host, $clientdb_user, $clientdb_password);
134             if (!$link) {
135                 $app->log('Unable to connect to the database'.mysql_error($link),LOGLEVEL_ERROR);
a61345 136                 return;
d83fcf 137             }
be9816 138
R 139             // Charset for the new table
663caf 140             if($data['new']['database_charset'] != '') {
J 141         $query_charset_table = ' DEFAULT CHARACTER SET '.$data['new']['database_charset'];
be9816 142             } else {
R 143         $query_charset_table = '';
144             }
145
d83fcf 146             //* Create the new database
663caf 147             if (mysql_query('CREATE DATABASE '.mysql_real_escape_string($data['new']['database_name']).$query_charset_table,$link)) {
J 148                 $app->log('Created MySQL database: '.$data['new']['database_name'],LOGLEVEL_DEBUG);
d83fcf 149             } else {
663caf 150                 $app->log('Unable to create the database: '.mysql_error($link),LOGLEVEL_WARNING);
d83fcf 151             }
T 152             
abad78 153             // Create the database user if database is active
663caf 154             if($data['new']['active'] == 'y') {
abad78 155                 
663caf 156                 if($data['new']['remote_access'] == 'y') {
J 157           $this->process_host_list('GRANT', $data['new']['database_name'], $data['new']['database_user'], $data['new']['database_password'], $data['new']['remote_ips'], $link);
abad78 158                 }
eece36 159                 
F 160                 $db_host = 'localhost';
c7bd5a 161                 mysql_query("GRANT ALL ON `".str_replace(array('_','%'),array('\\_','\\%'),mysql_real_escape_string($data['new']['database_name'],$link))."`.* TO '".mysql_real_escape_string($data['new']['database_user'],$link)."'@'$db_host' IDENTIFIED BY PASSWORD '".mysql_real_escape_string($data['new']['database_password'],$link)."';",$link);
eece36 162
abad78 163                 
d83fcf 164             }
T 165             
663caf 166             mysql_query('FLUSH PRIVILEGES;',$link);
d83fcf 167             mysql_close($link);
T 168         }
169     }
170     
171     function db_update($event_name,$data) {
172         global $app, $conf;
173         
663caf 174         if($data['new']['type'] == 'mysql') {
673365 175             if(!include(ISPC_LIB_PATH.'/mysql_clientdb.conf')) {
d83fcf 176                 $app->log('Unable to open'.ISPC_LIB_PATH.'/mysql_clientdb.conf',LOGLEVEL_ERROR);
a61345 177                 return;
d83fcf 178             }
abad78 179             
663caf 180             if($data['new']['database_user'] == 'root') {
e5b353 181                 $app->log('User root not allowed for Client databases',LOGLEVEL_WARNING);
T 182                 return;
183             }
184             
d83fcf 185             //* Connect to the database
T 186             $link = mysql_connect($clientdb_host, $clientdb_user, $clientdb_password);
187             if (!$link) {
663caf 188                 $app->log('Unable to connect to the database: '.mysql_error($link),LOGLEVEL_ERROR);
88d899 189                 return;
d83fcf 190             }
T 191             
abad78 192             // Create the database user if database was disabled before
663caf 193             if($data['new']['active'] == 'y' && $data['old']['active'] == 'n') {
abad78 194                 
663caf 195                 if($data['new']['remote_access'] == 'y') {
J 196           $this->process_host_list('GRANT', $data['new']['database_name'], $data['new']['database_user'], $data['new']['database_password'], $data['new']['remote_ips'], $link);
abad78 197                 }
eece36 198                 
F 199                 $db_host = 'localhost';
c7bd5a 200                 mysql_query("GRANT ALL ON `".str_replace(array('_','%'),array('\\_','\\%'),mysql_real_escape_string($data['new']['database_name'],$link))."`.* TO '".mysql_real_escape_string($data['new']['database_user'],$link)."'@'$db_host' IDENTIFIED BY PASSWORD '".mysql_real_escape_string($data['new']['database_password'],$link)."';",$link);
abad78 201                 
673365 202                 // mysql_query("GRANT ALL ON ".mysql_real_escape_string($data["new"]["database_name"],$link).".* TO '".mysql_real_escape_string($data["new"]["database_user"],$link)."'@'$db_host' IDENTIFIED BY '".mysql_real_escape_string($data["new"]["database_password"],$link)."';",$link);
abad78 203                 //echo "GRANT ALL ON ".mysql_real_escape_string($data["new"]["database_name"]).".* TO '".mysql_real_escape_string($data["new"]["database_user"])."'@'$db_host' IDENTIFIED BY '".mysql_real_escape_string($data["new"]["database_password"])."';";
T 204             }
205             
206             // Remove database user, if inactive
663caf 207             if($data['new']['active'] == 'n' && $data['old']['active'] == 'y') {
abad78 208                 
663caf 209                 if($data['old']['remote_access'] == 'y') {
J 210           $this->process_host_list('DROP', '', $data['old']['database_user'], '', $data['old']['remote_ips'], $link);
abad78 211                 }
T 212                 
eece36 213                 $db_host = 'localhost';
663caf 214                 mysql_query("DROP USER '".mysql_real_escape_string($data['old']['database_user'],$link)."'@'$db_host';",$link);
eece36 215                 
F 216                 
217                 //mysql_query("REVOKE ALL PRIVILEGES ON ".mysql_real_escape_string($data["new"]["database_name"],$link).".* FROM '".mysql_real_escape_string($data["new"]["database_user"],$link)."';",$link);
abad78 218             }
T 219             
d83fcf 220             //* Rename User
663caf 221             if($data['new']['database_user'] != $data['old']['database_user']) {
eece36 222                 $db_host = 'localhost';
663caf 223                 mysql_query("RENAME USER '".mysql_real_escape_string($data['old']['database_user'],$link)."'@'$db_host' TO '".mysql_real_escape_string($data['new']['database_user'],$link)."'@'$db_host'",$link);
J 224                 if($data['old']['remote_access'] == 'y') {
1ca823 225                     $this->process_host_list('RENAME', '', $data['old']['database_user'], '', $data['new']['remote_ips'], $link, $data['new']['database_user']);
eece36 226                 }
663caf 227                 $app->log('Renaming MySQL user: '.$data['old']['database_user'].' to '.$data['new']['database_user'],LOGLEVEL_DEBUG);
d83fcf 228             }
T 229             
230             //* Remote access option has changed.
663caf 231             if($data['new']['remote_access'] != $data['old']['remote_access']) {
673365 232                 
T 233                 //* revoke old priveliges
eece36 234                 //mysql_query("REVOKE ALL PRIVILEGES ON ".mysql_real_escape_string($data["new"]["database_name"],$link).".* FROM '".mysql_real_escape_string($data["new"]["database_user"],$link)."';",$link);
673365 235                 
T 236                 //* set new priveliges
663caf 237                 if($data['new']['remote_access'] == 'y') {         
J 238                     $this->process_host_list('GRANT', $data['new']['database_name'], $data['new']['database_user'], $data['new']['database_password'], $data['new']['remote_ips'], $link);
d83fcf 239                 } else {
663caf 240                     $this->process_host_list('DROP', '', $data['old']['database_user'], '', $data['old']['remote_ips'], $link);
d83fcf 241                 }
663caf 242                 $app->log('Changing MySQL remote access privileges for database: '.$data['new']['database_name'],LOGLEVEL_DEBUG);
J 243             } elseif($data['new']['remote_access'] == 'y' && $data['new']['remote_ips'] != $data['old']['remote_ips']) {
086696 244           //* Change remote access list
663caf 245           $this->process_host_list('DROP', '', $data['old']['database_user'], '', $data['old']['remote_ips'], $link);
J 246           $this->process_host_list('GRANT', $data['new']['database_name'], $data['new']['database_user'], $data['new']['database_password'], $data['new']['remote_ips'], $link);
086696 247       }
M 248       
d83fcf 249             //* Change password
663caf 250             if($data['new']['database_password'] != $data['old']['database_password']) {
eece36 251                 $db_host = 'localhost';
c7bd5a 252                 mysql_query("SET PASSWORD FOR '".mysql_real_escape_string($data['new']['database_user'],$link)."'@'$db_host' = '".mysql_real_escape_string($data['new']['database_password'],$link)."';",$link);
eece36 253
663caf 254                 if($data['new']['remote_access'] == 'y') {
J 255           $this->process_host_list('PASSWORD', '', $data['new']['database_user'], $data['new']['database_password'], $data['new']['remote_ips'], $link);
eece36 256                 }
663caf 257                 $app->log('Changing MySQL user password for: '.$data['new']['database_user'],LOGLEVEL_DEBUG);
d83fcf 258             }
T 259             
663caf 260             mysql_query('FLUSH PRIVILEGES;',$link);
d83fcf 261             mysql_close($link);
T 262         }
263         
264     }
265     
266     function db_delete($event_name,$data) {
267         global $app, $conf;
268         
663caf 269         if($data['old']['type'] == 'mysql') {
673365 270             if(!include(ISPC_LIB_PATH.'/mysql_clientdb.conf')) {
d83fcf 271                 $app->log('Unable to open'.ISPC_LIB_PATH.'/mysql_clientdb.conf',LOGLEVEL_ERROR);
a61345 272                 return;
d83fcf 273             }
T 274         
275             //* Connect to the database
276             $link = mysql_connect($clientdb_host, $clientdb_user, $clientdb_password);
277             if (!$link) {
663caf 278                 $app->log('Unable to connect to the database: '.mysql_error($link),LOGLEVEL_ERROR);
88d899 279                 return;
d83fcf 280             }
T 281             
a61345 282             //* Get the db host setting for the access priveliges
663caf 283             if($data['old']['remote_access'] == 'y') {
J 284                  if($this->process_host_list('DROP', '', $data['old']['database_user'], '', $data['old']['remote_ips'], $link)) {
285             $app->log('Dropping MySQL user: '.$data['old']['database_user'],LOGLEVEL_DEBUG);
eece36 286                 } else {
663caf 287                     $app->log('Error while dropping MySQL user: '.$data['old']['database_user'].' '.mysql_error($link),LOGLEVEL_WARNING);
eece36 288                 }
a61345 289             }
eece36 290             $db_host = 'localhost';
663caf 291             if(mysql_query("DROP USER '".mysql_real_escape_string($data['old']['database_user'],$link)."'@'$db_host';",$link)) {
J 292                 $app->log('Dropping MySQL user: '.$data['old']['database_user'],LOGLEVEL_DEBUG);
614365 293             } else {
663caf 294                 $app->log('Error while dropping MySQL user: '.$data['old']['database_user'].' '.mysql_error($link),LOGLEVEL_WARNING);
614365 295             }
d83fcf 296             
663caf 297             if(mysql_query('DROP DATABASE '.mysql_real_escape_string($data['old']['database_name'],$link),$link)) {
J 298                 $app->log('Dropping MySQL database: '.$data['old']['database_name'],LOGLEVEL_DEBUG);
614365 299             } else {
663caf 300                 $app->log('Error while dropping MySQL database: '.$data['old']['database_name'].' '.mysql_error($link),LOGLEVEL_WARNING);
614365 301             }
d83fcf 302             
663caf 303             mysql_query('FLUSH PRIVILEGES;',$link);
d83fcf 304             mysql_close($link);
T 305         }
306         
307         
308     }
309     
310     
311     
312
313 } // end class
314
663caf 315 ?>