| | |
|---|
| | | //* Check permissions for module |
|---|
| | | $app->auth->check_module_permissions('sites'); |
|---|
| | | |
|---|
| | | /* get the id of the database (must be int!) */ |
|---|
| | | /* |
|---|
| | | * get the id of the database (must be int!) |
|---|
| | | */ |
|---|
| | | if (!isset($_GET['id'])){ |
|---|
| | | die ("No DB selected!"); |
|---|
| | | } |
|---|
| | |
|---|
| | | /* |
|---|
| | | * Get the data to connect to the database |
|---|
| | | */ |
|---|
| | | $dbData = $app->db->queryOneRecord( |
|---|
| | | "SELECT sys_userid, sys_groupid, sys_perm_user, sys_perm_group, server_id, database_name, database_user, database_password FROM web_database WHERE database_id = " . |
|---|
| | | $databaseId); |
|---|
| | | |
|---|
| | | /* |
|---|
| | | * We also need the data of the server |
|---|
| | | */ |
|---|
| | | $dbData = $app->db->queryOneRecord("SELECT server_id FROM web_database WHERE database_id = " . $databaseId); |
|---|
| | | $serverId = intval($dbData['server_id']); |
|---|
| | | if ($serverId == 0){ |
|---|
| | | die ("No DB-Server found!"); |
|---|
| | | } |
|---|
| | | |
|---|
| | | $serverData = $app->db->queryOneRecord( |
|---|
| | | "SELECT server_name FROM server WHERE server_id = " . |
|---|
| | | $serverId); |
|---|
| | | |
|---|
| | | $app->uses('getconf'); |
|---|
| | | $global_config = $app->getconf->get_global_config('sites'); |
|---|
| | | $web_config = $app->getconf->get_server_config($serverId,'web'); |
|---|
| | | |
|---|
| | | /* |
|---|
| | | * Check if the user has the right to open phpmyadmin with this database |
|---|
| | | * (we will check only users, not admins) |
|---|
| | | * We only redirect to the login-form, so there is no need, to check any rights |
|---|
| | | */ |
|---|
| | | if($_SESSION["s"]["user"]["typ"] == 'user') { |
|---|
| | | /* Get the group of the client */ |
|---|
| | | $client_group_id = intval($_SESSION["s"]["user"]["default_group"]); |
|---|
| | | /* compare both */ |
|---|
| | | if ($dbData['sys_groupid'] != $client_group_id){ |
|---|
| | | die ("You don't have the right to access this db!"); |
|---|
| | | |
|---|
| | | if($global_config['phpmyadmin_url'] != '') { |
|---|
| | | $phpmyadmin_url = $global_config['phpmyadmin_url']; |
|---|
| | | $phpmyadmin_url = str_replace('[SERVERNAME]',$serverData['server_name'],$phpmyadmin_url); |
|---|
| | | header('Location:'.$phpmyadmin_url); |
|---|
| | | } else { |
|---|
| | | isset($_SERVER['HTTPS'])? $http = 'https' : $http = 'http'; |
|---|
| | | if($web_config['server_type'] == 'nginx') { |
|---|
| | | header('location:' . $http . '://' . $serverData['server_name'] . ':8081/phpmyadmin'); |
|---|
| | | } else { |
|---|
| | | header('location:' . $http . '://' . $serverData['server_name'] . '/phpmyadmin'); |
|---|
| | | } |
|---|
| | | } |
|---|
| | | |
|---|
| | | /* |
|---|
| | | * Now generate the login-Form |
|---|
| | | */ |
|---|
| | | isset($_SERVER['HTTPS'])? $http = 'https' : $http = 'http'; |
|---|
| | | echo ' |
|---|
| | | starting phpMyAdmin...<br> |
|---|
| | | <form method="post" action="' . $http . '://' . $serverData['server_name'] . '/phpmyadmin/index.php" name="login_form" target="_top" style="visibility:hidden"> |
|---|
| | | <input type="text" name="pma_username" id="input_username" value="' . $dbData['database_user'] . '" /> |
|---|
| | | <input type="password" name="pma_password" id="input_password" value="' . $dbData['database_password'] . '" size="24" class="textfield" /> |
|---|
| | | </form> |
|---|
| | | <script type="text/javascript" language="javascript"> |
|---|
| | | <!-- |
|---|
| | | document.forms["login_form"].submit(); |
|---|
| | | //--> |
|---|
| | | </script>'; |
|---|
| | | exit; |
|---|
| | | ?> |
|---|
