tbrehm
2009-01-11 6733652286e1b74e447a75d0dac9d1637096b34d
Fixed several bugs in client db plugin.
2 files modified
45 ■■■■■ changed files
server/lib/classes/db_mysql.inc.php 2 ●●● patch | view | raw | blame | history
server/plugins-available/mysql_clientdb_plugin.inc.php 43 ●●●●● patch | view | raw | blame | history
server/lib/classes/db_mysql.inc.php
@@ -168,7 +168,7 @@
                return addslashes($formfield);
            }
            
            return mysql_real_escape_string($formfield);
            return mysql_real_escape_string($formfield, $this->linkId);
        }
        
        // Check der variablen
server/plugins-available/mysql_clientdb_plugin.inc.php
@@ -71,7 +71,7 @@
        global $app, $conf;
        
        if($data["new"]["type"] == 'mysql') {
            if(!include_once(ISPC_LIB_PATH.'/mysql_clientdb.conf')) {
            if(!include(ISPC_LIB_PATH.'/mysql_clientdb.conf')) {
                $app->log('Unable to open'.ISPC_LIB_PATH.'/mysql_clientdb.conf',LOGLEVEL_ERROR);
                return;
            }
@@ -102,12 +102,14 @@
                
                if($data["new"]["remote_access"] == 'y') {
                     $db_host = '%';
                    mysql_query("GRANT ALL ON ".mysql_real_escape_string($data["new"]["database_name"],$link).".* TO '".mysql_real_escape_string($data["new"]["database_user"],$link)."'@'$db_host' IDENTIFIED BY '".mysql_real_escape_string($data["new"]["database_password"],$link)."';",$link);
                    $db_host = 'localhost';
                    mysql_query("GRANT ALL ON ".mysql_real_escape_string($data["new"]["database_name"],$link).".* TO '".mysql_real_escape_string($data["new"]["database_user"],$link)."'@'$db_host' IDENTIFIED BY '".mysql_real_escape_string($data["new"]["database_password"],$link)."';",$link);
                } else {
                    $db_host = 'localhost';
                    mysql_query("GRANT ALL ON ".mysql_real_escape_string($data["new"]["database_name"],$link).".* TO '".mysql_real_escape_string($data["new"]["database_user"],$link)."'@'$db_host' IDENTIFIED BY '".mysql_real_escape_string($data["new"]["database_password"],$link)."';",$link);
                }
                
                mysql_query("GRANT ALL ON ".mysql_real_escape_string($data["new"]["database_name"]).".* TO '".mysql_real_escape_string($data["new"]["database_user"])."'@'$db_host' IDENTIFIED BY '".mysql_real_escape_string($data["new"]["database_password"])."';",$link);
                //echo "GRANT ALL ON ".mysql_real_escape_string($data["new"]["database_name"]).".* TO '".mysql_real_escape_string($data["new"]["database_user"])."'@'$db_host' IDENTIFIED BY '".mysql_real_escape_string($data["new"]["database_password"])."';";
            }
            
            mysql_query("FLUSH PRIVILEGES;",$link);
@@ -119,7 +121,7 @@
        global $app, $conf;
        
        if($data["new"]["type"] == 'mysql') {
            if(!include_once(ISPC_LIB_PATH.'/mysql_clientdb.conf')) {
            if(!include(ISPC_LIB_PATH.'/mysql_clientdb.conf')) {
                $app->log('Unable to open'.ISPC_LIB_PATH.'/mysql_clientdb.conf',LOGLEVEL_ERROR);
                return;
            }
@@ -136,11 +138,15 @@
                
                if($data["new"]["remote_access"] == 'y') {
                     $db_host = '%';
                    mysql_query("GRANT ALL ON ".mysql_real_escape_string($data["new"]["database_name"],$link).".* TO '".mysql_real_escape_string($data["new"]["database_user"],$link)."'@'$db_host' IDENTIFIED BY '".mysql_real_escape_string($data["new"]["database_password"],$link)."';",$link);
                    $db_host = 'localhost';
                    mysql_query("GRANT ALL ON ".mysql_real_escape_string($data["new"]["database_name"],$link).".* TO '".mysql_real_escape_string($data["new"]["database_user"],$link)."'@'$db_host' IDENTIFIED BY '".mysql_real_escape_string($data["new"]["database_password"],$link)."';",$link);
                } else {
                    $db_host = 'localhost';
                    mysql_query("GRANT ALL ON ".mysql_real_escape_string($data["new"]["database_name"],$link).".* TO '".mysql_real_escape_string($data["new"]["database_user"],$link)."'@'$db_host' IDENTIFIED BY '".mysql_real_escape_string($data["new"]["database_password"],$link)."';",$link);
                }
                
                mysql_query("GRANT ALL ON ".mysql_real_escape_string($data["new"]["database_name"]).".* TO '".mysql_real_escape_string($data["new"]["database_user"])."'@'$db_host' IDENTIFIED BY '".mysql_real_escape_string($data["new"]["database_password"])."';",$link);
                // mysql_query("GRANT ALL ON ".mysql_real_escape_string($data["new"]["database_name"],$link).".* TO '".mysql_real_escape_string($data["new"]["database_user"],$link)."'@'$db_host' IDENTIFIED BY '".mysql_real_escape_string($data["new"]["database_password"],$link)."';",$link);
                //echo "GRANT ALL ON ".mysql_real_escape_string($data["new"]["database_name"]).".* TO '".mysql_real_escape_string($data["new"]["database_user"])."'@'$db_host' IDENTIFIED BY '".mysql_real_escape_string($data["new"]["database_password"])."';";
            }
            
@@ -153,23 +159,30 @@
                    $db_host = 'localhost';
                }
                
                mysql_query("REVOKE ALL PRIVILEGES ON ".mysql_real_escape_string($data["new"]["database_name"]).".* FROM '".mysql_real_escape_string($data["new"]["database_user"])."';",$link);
                mysql_query("REVOKE ALL PRIVILEGES ON ".mysql_real_escape_string($data["new"]["database_name"],$link).".* FROM '".mysql_real_escape_string($data["new"]["database_user"],$link)."';",$link);
            }
            
            //* Rename User
            if($data["new"]["database_user"] != $data["old"]["database_user"]) {
                mysql_query("RENAME USER '".mysql_real_escape_string($data["old"]["database_user"])."' TO '".mysql_real_escape_string($data["new"]["database_user"])."'",$link);
                mysql_query("RENAME USER '".mysql_real_escape_string($data["old"]["database_user"],$link)."' TO '".mysql_real_escape_string($data["new"]["database_user"],$link)."'",$link);
                $app->log('Renaming mysql user: '.$data["old"]["database_user"].' to '.$data["new"]["database_user"],LOGLEVEL_DEBUG);
            }
            
            //* Remote access option has changed.
            if($data["new"]["remote_access"] != $data["old"]["remote_access"]) {
                //* revoke old priveliges
                mysql_query("REVOKE ALL PRIVILEGES ON ".mysql_real_escape_string($data["new"]["database_name"],$link).".* FROM '".mysql_real_escape_string($data["new"]["database_user"],$link)."';",$link);
                //* set new priveliges
                if($data["new"]["remote_access"] == 'y') {
                    mysql_query("UPDATE mysql.user SET Host = '%' WHERE User = '".mysql_real_escape_string($data["new"]["database_user"])."' and Host = 'localhost';",$link);
                    mysql_query("UPDATE mysql.db SET Host = '%' WHERE User = '".mysql_real_escape_string($data["new"]["database_user"])."' and Host = 'localhost';",$link);
                     $db_host = '%';
                    mysql_query("GRANT ALL ON ".mysql_real_escape_string($data["new"]["database_name"],$link).".* TO '".mysql_real_escape_string($data["new"]["database_user"],$link)."'@'$db_host' IDENTIFIED BY '".mysql_real_escape_string($data["new"]["database_password"],$link)."';",$link);
                    $db_host = 'localhost';
                    mysql_query("GRANT ALL ON ".mysql_real_escape_string($data["new"]["database_name"],$link).".* TO '".mysql_real_escape_string($data["new"]["database_user"],$link)."'@'$db_host' IDENTIFIED BY '".mysql_real_escape_string($data["new"]["database_password"],$link)."';",$link);
                } else {
                    mysql_query("UPDATE mysql.user SET Host = 'localhost' WHERE User = '".mysql_real_escape_string($data["new"]["database_user"])."' and Host = '%';",$link);
                    mysql_query("UPDATE mysql.db SET Host = 'localhost' WHERE User = '".mysql_real_escape_string($data["new"]["database_user"])."' and Host = '%';",$link);
                    $db_host = 'localhost';
                    mysql_query("GRANT ALL ON ".mysql_real_escape_string($data["new"]["database_name"],$link).".* TO '".mysql_real_escape_string($data["new"]["database_user"],$link)."'@'$db_host' IDENTIFIED BY '".mysql_real_escape_string($data["new"]["database_password"],$link)."';",$link);
                }
                $app->log('Changing mysql remote access priveliges for database: '.$data["new"]["database_name"],LOGLEVEL_DEBUG);
            }
@@ -190,7 +203,7 @@
            
            //* Change password
            if($data["new"]["database_password"] != $data["old"]["database_password"]) {
                mysql_query("SET PASSWORD FOR '".mysql_real_escape_string($data["new"]["database_user"])."'@'$db_host' = PASSWORD('".mysql_real_escape_string($data["new"]["database_password"])."');",$link);
                mysql_query("SET PASSWORD FOR '".mysql_real_escape_string($data["new"]["database_user"],$link)."'@'$db_host' = PASSWORD('".mysql_real_escape_string($data["new"]["database_password"],$link)."');",$link);
                $app->log('Changing mysql user password for: '.$data["new"]["database_user"],LOGLEVEL_DEBUG);
            }
            
@@ -204,7 +217,7 @@
        global $app, $conf;
        
        if($data["old"]["type"] == 'mysql') {
            if(!include_once(ISPC_LIB_PATH.'/mysql_clientdb.conf')) {
            if(!include(ISPC_LIB_PATH.'/mysql_clientdb.conf')) {
                $app->log('Unable to open'.ISPC_LIB_PATH.'/mysql_clientdb.conf',LOGLEVEL_ERROR);
                return;
            }
@@ -223,13 +236,13 @@
                $db_host = 'localhost';
            }
            
            if(mysql_query("DROP USER '".mysql_real_escape_string($data["old"]["database_user"])."'@'$db_host';",$link)) {
            if(mysql_query("DROP USER '".mysql_real_escape_string($data["old"]["database_user"],$link)."'@'$db_host';",$link)) {
                $app->log('Dropping mysql user: '.$data["old"]["database_user"],LOGLEVEL_DEBUG);
            } else {
                $app->log('Error while dropping mysql user: '.$data["old"]["database_user"].' '.mysql_error($link),LOGLEVEL_ERROR);
            }
            
            if(mysql_query('DROP DATABASE '.mysql_real_escape_string($data["old"]["database_name"]),$link)) {
            if(mysql_query('DROP DATABASE '.mysql_real_escape_string($data["old"]["database_name"],$link),$link)) {
                $app->log('Dropping mysql database: '.$data["old"]["database_name"],LOGLEVEL_DEBUG);
            } else {
                $app->log('Error while dropping mysql database: '.$data["old"]["database_name"].' '.mysql_error($link),LOGLEVEL_ERROR);