migrated correctMysqlUsers() function to new PDO database class, refs #1287
Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
This commit is contained in:
Michael Kaufmann (d00p)
@@ -239,7 +239,8 @@ class Database {
|
||||
self::$_sqldata = array(
|
||||
'user' => $user,
|
||||
'passwd' => $password,
|
||||
'host' => $host
|
||||
'host' => $host,
|
||||
'db' => $sql["db"]
|
||||
);
|
||||
}
|
||||
|
||||
|
||||
@@ -17,75 +17,91 @@
|
||||
*
|
||||
*/
|
||||
|
||||
function correctMysqlUsers($mysql_access_host_array)
|
||||
{
|
||||
global $db, $settings, $sql, $sql_root, $theme;
|
||||
function correctMysqlUsers($mysql_access_host_array) {
|
||||
|
||||
foreach($sql_root as $mysql_server => $mysql_server_details)
|
||||
{
|
||||
$db_root = new db($mysql_server_details['host'], $mysql_server_details['user'], $mysql_server_details['password'], '');
|
||||
unset($mysql_server_details['password']);
|
||||
global $settings;
|
||||
|
||||
// get sql-root access data
|
||||
Database::needRoot(true);
|
||||
Database::needSqlData(true);
|
||||
$sql_root = Database::getSqlData();
|
||||
Database::needRoot(false);
|
||||
|
||||
foreach ($sql_root as $mysql_server => $mysql_server_details) {
|
||||
|
||||
Database::needRoot(true);
|
||||
|
||||
$users = array();
|
||||
$users_result = $db_root->query('SELECT * FROM `mysql`.`user`');
|
||||
$users_result_stmt = Database::query("SELECT * FROM `mysql`.`user`");
|
||||
|
||||
while($users_row = $db_root->fetch_array($users_result))
|
||||
{
|
||||
if(!isset($users[$users_row['User']])
|
||||
|| !is_array($users[$users_row['User']]))
|
||||
{
|
||||
while ($users_row = $users_result_stmt->fetch(PDO::FETCH_ASSOC)) {
|
||||
if (!isset($users[$users_row['User']])
|
||||
|| !is_array($users[$users_row['User']])
|
||||
) {
|
||||
$users[$users_row['User']] = array(
|
||||
'password' => $users_row['Password'],
|
||||
'hosts' => array()
|
||||
'password' => $users_row['Password'],
|
||||
'hosts' => array()
|
||||
);
|
||||
}
|
||||
|
||||
$users[$users_row['User']]['hosts'][] = $users_row['Host'];
|
||||
}
|
||||
|
||||
$databases = array(
|
||||
$sql['db']
|
||||
$sql_root['db']
|
||||
);
|
||||
$databases_result = $db->query('SELECT * FROM `' . TABLE_PANEL_DATABASES . '` WHERE `dbserver` = \'' . $mysql_server . '\'');
|
||||
$databases_result_stmt = Database::prepare("
|
||||
SELECT * FROM `" . TABLE_PANEL_DATABASES . "`
|
||||
WHERE `dbserver` = :mysqlserver
|
||||
");
|
||||
Database::pexecute($databases_result_stmt, array('mysqlserver' => $mysql_server));
|
||||
|
||||
while($databases_row = $db->fetch_array($databases_result))
|
||||
{
|
||||
while ($databases_row = $databases_result_stmt->fetch(PDO::FETCH_ASSOC)) {
|
||||
$databases[] = $databases_row['databasename'];
|
||||
}
|
||||
|
||||
foreach($databases as $username)
|
||||
{
|
||||
if(isset($users[$username])
|
||||
&& is_array($users[$username])
|
||||
&& isset($users[$username]['hosts'])
|
||||
&& is_array($users[$username]['hosts']))
|
||||
{
|
||||
foreach ($databases as $username) {
|
||||
|
||||
if (isset($users[$username])
|
||||
&& is_array($users[$username])
|
||||
&& isset($users[$username]['hosts'])
|
||||
&& is_array($users[$username]['hosts'])
|
||||
) {
|
||||
|
||||
$password = $users[$username]['password'];
|
||||
foreach($mysql_access_host_array as $mysql_access_host)
|
||||
{
|
||||
|
||||
foreach ($mysql_access_host_array as $mysql_access_host) {
|
||||
|
||||
$mysql_access_host = trim($mysql_access_host);
|
||||
|
||||
if(!in_array($mysql_access_host, $users[$username]['hosts']))
|
||||
{
|
||||
$db_root->query('GRANT ALL PRIVILEGES ON `' . str_replace('_', '\_', $db_root->escape($username)) . '`.* TO `' . $db_root->escape($username) . '`@`' . $db_root->escape($mysql_access_host) . '` IDENTIFIED BY \'password\'');
|
||||
$db_root->query('SET PASSWORD FOR `' . $db_root->escape($username) . '`@`' . $db_root->escape($mysql_access_host) . '` = \'' . $db_root->escape($password) . '\'');
|
||||
if (!in_array($mysql_access_host, $users[$username]['hosts'])) {
|
||||
$stmt = Database::prepare("GRANT ALL PRIVILEGES ON `" . $username . "`.*
|
||||
TO :username@:host
|
||||
IDENTIFIED BY 'password'"
|
||||
);
|
||||
Database::pexecute($stmt, array("username" => $username, "host" => $mysql_access_host));
|
||||
$stmt = Database::prepare("SET PASSWORD FOR :username@:host = :password");
|
||||
Database::pexecute($stmt, array("username" => $username, "host" => $mysql_access_host, "password" => $password));
|
||||
}
|
||||
}
|
||||
|
||||
foreach($users[$username]['hosts'] as $mysql_access_host)
|
||||
{
|
||||
if(!in_array($mysql_access_host, $mysql_access_host_array))
|
||||
{
|
||||
$db_root->query('REVOKE ALL PRIVILEGES ON * . * FROM `' . $db_root->escape($username) . '`@`' . $db_root->escape($mysql_access_host) . '`');
|
||||
$db_root->query('REVOKE ALL PRIVILEGES ON `' . str_replace('_', '\_', $db_root->escape($username)) . '` . * FROM `' . $db_root->escape($username) . '`@`' . $db_root->escape($mysql_access_host) . '`');
|
||||
$db_root->query('DELETE FROM `mysql`.`user` WHERE `User` = "' . $db_root->escape($username) . '" AND `Host` = "' . $db_root->escape($mysql_access_host) . '"');
|
||||
foreach ($users[$username]['hosts'] as $mysql_access_host) {
|
||||
|
||||
if (!in_array($mysql_access_host, $mysql_access_host_array)) {
|
||||
|
||||
if (Database::getAttribute(PDO::ATTR_SERVER_VERSION) < '5.0.2') {
|
||||
// Revoke privileges (only required for MySQL 4.1.2 - 5.0.1)
|
||||
$stmt = Database::prepare("REVOKE ALL PRIVILEGES ON * . * FROM `". $username . "`@`".$mysql_access_host."`");
|
||||
Database::pexecute($stmt);
|
||||
}
|
||||
// as of MySQL 5.0.2 this also revokes privileges. (requires MySQL 4.1.2+)
|
||||
$stmt = Database::prepare("DROP USER :username@:host");
|
||||
Database::pexecute($stmt, array("username" => $username, "host" => $mysql_access_host));
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
$db_root->query('FLUSH PRIVILEGES');
|
||||
$db_root->close();
|
||||
unset($db_root);
|
||||
Database::query('FLUSH PRIVILEGES');
|
||||
Database::needRoot(false);
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user