maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

fix wrong database-usage in DbManagerMySQL::grantCreateToCustomerDbs() when using more than 1 mysql-server; refs #1312

Browse Source 
Signed-off-by: Michael Kaufmann <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann
2025-03-10 17:46:50 +01:00
parent e9d3de0c25
commit 9253a94aad
3 changed files with 17 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
install/updates/froxlor/update_2.2.inc.php
View File

@@ -226,7 +226,7 @@ if (Froxlor::isDatabaseVersion('202411200')) {
$current_allowed_mysqlserver = !empty($customer['allowed_mysqlserver']) ? json_decode($customer['allowed_mysqlserver'], true) : []; $current_allowed_mysqlserver = !empty($customer['allowed_mysqlserver']) ? json_decode($customer['allowed_mysqlserver'], true) : [];
foreach ($current_allowed_mysqlserver as $dbserver) { foreach ($current_allowed_mysqlserver as $dbserver) {
// require privileged access for target db-server // require privileged access for target db-server
Database::needRoot(true, $dbserver, true); Database::needRoot(true, $dbserver, false);
// get DbManager // get DbManager
$dbm = new DbManager(FroxlorLogger::getInstanceOf()); $dbm = new DbManager(FroxlorLogger::getInstanceOf());
foreach (array_map('trim', explode(',', Settings::Get('system.mysql_access_host'))) as $mysql_access_host) { foreach (array_map('trim', explode(',', Settings::Get('system.mysql_access_host'))) as $mysql_access_host) {

8
lib/Froxlor/Database/Database.php
View File

@@ -377,6 +377,14 @@ class Database
self::$link = null; self::$link = null;
} }
/**
* get the currently used database-server (relevant for root-connection)
*/
public static function getServer()
{
return self::$dbserver;
}
/** /**
* enable the temporary access to sql-access data * enable the temporary access to sql-access data
* note: if you want root-sqldata you need to * note: if you want root-sqldata you need to

10
lib/Froxlor/Database/Manager/DbManagerMySQL.php
View File

@@ -327,11 +327,17 @@ class DbManagerMySQL
*/ */
private function grantCreateToCustomerDbs(string $username, string $access_host) private function grantCreateToCustomerDbs(string $username, string $access_host)
{ {
// remember what (possible remote) db-server we're on
$currentDbServer = Database::getServer();
// use "unprivileged" connection
Database::needRoot();
$cus_stmt = Database::prepare("SELECT customerid FROM `" . TABLE_PANEL_CUSTOMERS . "` WHERE loginname = :username"); $cus_stmt = Database::prepare("SELECT customerid FROM `" . TABLE_PANEL_CUSTOMERS . "` WHERE loginname = :username");
$cust = Database::pexecute_first($cus_stmt, ['username' => $username]); $cust = Database::pexecute_first($cus_stmt, ['username' => $username]);
if ($cust) { if ($cust) {
$sel_stmt = Database::prepare("SELECT databasename FROM `" . TABLE_PANEL_DATABASES . "` WHERE `customerid` = :cid"); $sel_stmt = Database::prepare("SELECT databasename FROM `" . TABLE_PANEL_DATABASES . "` WHERE `customerid` = :cid AND `dbserver` = :dbserver");
Database::pexecute($sel_stmt, ['cid' => $cust['customerid']]); Database::pexecute($sel_stmt, ['cid' => $cust['customerid'], 'dbserver' => $currentDbServer]);
// reset to root-connection for used dbserver
Database::needRoot(true, $currentDbServer, false);
while ($dbdata = $sel_stmt->fetch(\PDO::FETCH_ASSOC)) { while ($dbdata = $sel_stmt->fetch(\PDO::FETCH_ASSOC)) {
$stmt = Database::prepare(" $stmt = Database::prepare("
GRANT ALL ON `" . $dbdata['databasename'] . "`.* TO :username@:host GRANT ALL ON `" . $dbdata['databasename'] . "`.* TO :username@:host