fix correctMysqlUsers() function for new pdo-class, also created new wrapper for dbms-specific queries to possibly give the freedom to use anything else but MySQL (no promises so far)

Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>

lib/functions/database/function.correctMysqlUsers.php

@@ -27,24 +27,17 @@ function correctMysqlUsers($mysql_access_host_array) {
 	$sql_root = Database::getSqlData();
 	Database::needRoot(false);
 
-	foreach ($sql_root as $mysql_server => $mysql_server_details) {
+	$dbservers_stmt = Database::query("SELECT DISTINCT `dbserver` FROM `".TABLE_PANEL_DATABASES."`");
+	$mysql_servers = '';
 
-		Database::needRoot(true);
+	while ($dbserver = $dbservers_stmt->fetch(PDO::FETCH_ASSOC)) {
 
-		$users = array();
-		$users_result_stmt = Database::query("SELECT * FROM `mysql`.`user`");
+		Database::needRoot(true, $dbserver['dbserver']);
+		Database::needSqlData();
+		$sql_root = Database::getSqlData();
 
-		while ($users_row = $users_result_stmt->fetch(PDO::FETCH_ASSOC)) {
-			if (!isset($users[$users_row['User']])
-					|| !is_array($users[$users_row['User']])
-			) {
-				$users[$users_row['User']] = array(
-						'password' => $users_row['Password'],
-						'hosts' => array()
-				);
-			}
-			$users[$users_row['User']]['hosts'][] = $users_row['Host'];
-		}
+		$dbm = new DbManager($settings);
+		$users = $dbm->getManager()->getAllSqlUsers(false);
 
 		$databases = array(
 				$sql_root['db']
@@ -53,7 +46,7 @@ function correctMysqlUsers($mysql_access_host_array) {
 			SELECT * FROM `" . TABLE_PANEL_DATABASES . "`
 			WHERE `dbserver` = :mysqlserver
 		");
-		Database::pexecute($databases_result_stmt, array('mysqlserver' => $mysql_server));
+		Database::pexecute($databases_result_stmt, array('mysqlserver' => $dbserver['dbserver']));
 
 		while ($databases_row = $databases_result_stmt->fetch(PDO::FETCH_ASSOC)) {
 			$databases[] = $databases_row['databasename'];
@@ -74,34 +67,20 @@ function correctMysqlUsers($mysql_access_host_array) {
 					$mysql_access_host = trim($mysql_access_host);
 
 					if (!in_array($mysql_access_host, $users[$username]['hosts'])) {
-						$stmt = Database::prepare("GRANT ALL PRIVILEGES ON `" . $username . "`.*
-							TO :username@:host
-							IDENTIFIED BY 'password'"
-						);
-						Database::pexecute($stmt, array("username" => $username, "host" => $mysql_access_host));
-						$stmt = Database::prepare("SET PASSWORD FOR :username@:host = :password");
-						Database::pexecute($stmt, array("username" => $username, "host" => $mysql_access_host, "password" => $password));
+						$dbm->getManager()->grantPrivilegesTo($username, $password, $mysql_access_host);
 					}
 				}
 
 				foreach ($users[$username]['hosts'] as $mysql_access_host) {
 
 					if (!in_array($mysql_access_host, $mysql_access_host_array)) {
-
-						if (Database::getAttribute(PDO::ATTR_SERVER_VERSION) < '5.0.2') {
-							// Revoke privileges (only required for MySQL 4.1.2 - 5.0.1)
-							$stmt = Database::prepare("REVOKE ALL PRIVILEGES ON * . * FROM `". $username . "`@`".$mysql_access_host."`");
-							Database::pexecute($stmt);
-						}
-						// as of MySQL 5.0.2 this also revokes privileges. (requires MySQL 4.1.2+)
-						$stmt = Database::prepare("DROP USER :username@:host");
-						Database::pexecute($stmt, array("username" => $username, "host" => $mysql_access_host));
+						$dbm->getManager()->deleteUser($username, $mysql_access_host);
 					}
 				}
 			}
 		}
 
-		Database::query('FLUSH PRIVILEGES');
+		$dbm->flushPrivileges();
 		Database::needRoot(false);
 	}
 }