~automne-team/automne/trunk

$strPrivDescSuper = __('Allows connecting, even if maximum number of connections is reached; required for most administrative operations like setting global variables or killing threads of other users.');

$strPrivDescTrigger = __('Allows creating and dropping triggers');

$strPrivDescUpdate = __('Allows changing data.');

$strPrivDescUsage = __('No privileges.');

/**

* Checks if a dropdown box has been used for selecting a database / table

116

require './libraries/server_links.inc.php';

117

echo '<h2>' . "\n"

118

. PMA_getIcon('b_usrlist.png')

. $GLOBALS['strPrivileges'] . "\n"

119

. __('Privileges') . "\n"

120

. '</h2>' . "\n";

PMA_Message::error('strNoPrivileges')->display();

require_once './libraries/footer.inc.php';

121

PMA_Message::error(__('No Privileges'))->display();

122

require './libraries/footer.inc.php';

123

}

124

125

$random_n = mt_rand(0,1000000); // a random number that will be appended to the id of the user forms

126

127

/**

128

* Escapes wildcard in a database+table specification

129

* before using it in a GRANT statement.

117

166

// strtolower() is used because the User field

118

167

// might be BINARY, so LIKE would be case sensitive

119

168

if (!empty($initial)) {

120

$ret = " WHERE `User` LIKE '" . $initial . "%'"

121

. " OR `User` LIKE '" . strtolower($initial) . "%'";

169

$ret = " WHERE `User` LIKE '" . PMA_sqlAddslashes($initial) . "%'"

170

. " OR `User` LIKE '" . PMA_sqlAddslashes(strtolower($initial)) . "%'";

122

171

} else {

123

172

$ret = '';

124

173

}

131

180

* @param array $row the row

132

181

* @param boolean $enableHTML add <dfn> tag with tooltips

133

182

134

* @global ressource $user_link the database connection

183

* @global resource $user_link the database connection

135

184

136

185

* @return array

137

186

138

187

function PMA_extractPrivInfo($row = '', $enableHTML = FALSE)

139

188

{

140

189

$grants = array(

141

array('Select_priv', 'SELECT', $GLOBALS['strPrivDescSelect']),

142

array('Insert_priv', 'INSERT', $GLOBALS['strPrivDescInsert']),

143

array('Update_priv', 'UPDATE', $GLOBALS['strPrivDescUpdate']),

144

array('Delete_priv', 'DELETE', $GLOBALS['strPrivDescDelete']),

145

array('Create_priv', 'CREATE', $GLOBALS['strPrivDescCreateDb']),

146

array('Drop_priv', 'DROP', $GLOBALS['strPrivDescDropDb']),

147

array('Reload_priv', 'RELOAD', $GLOBALS['strPrivDescReload']),

148

array('Shutdown_priv', 'SHUTDOWN', $GLOBALS['strPrivDescShutdown']),

149

array('Process_priv', 'PROCESS', $GLOBALS['strPrivDescProcess']),

150

array('File_priv', 'FILE', $GLOBALS['strPrivDescFile']),

151

array('References_priv', 'REFERENCES', $GLOBALS['strPrivDescReferences']),

152

array('Index_priv', 'INDEX', $GLOBALS['strPrivDescIndex']),

153

array('Alter_priv', 'ALTER', $GLOBALS['strPrivDescAlter']),

154

array('Show_db_priv', 'SHOW DATABASES', $GLOBALS['strPrivDescShowDb']),

155

array('Super_priv', 'SUPER', $GLOBALS['strPrivDescSuper']),

156

array('Create_tmp_table_priv', 'CREATE TEMPORARY TABLES', $GLOBALS['strPrivDescCreateTmpTable']),

157

array('Lock_tables_priv', 'LOCK TABLES', $GLOBALS['strPrivDescLockTables']),

158

array('Repl_slave_priv', 'REPLICATION SLAVE', $GLOBALS['strPrivDescReplSlave']),

159

array('Repl_client_priv', 'REPLICATION CLIENT', $GLOBALS['strPrivDescReplClient']),

160

array('Create_view_priv', 'CREATE VIEW', $GLOBALS['strPrivDescCreateView']),

161

array('Event_priv', 'EVENT', $GLOBALS['strPrivDescEvent']),

162

array('Trigger_priv', 'TRIGGER', $GLOBALS['strPrivDescTrigger']),

163

// for table privs:

164

array('Create View_priv', 'CREATE VIEW', $GLOBALS['strPrivDescCreateView']),

165

array('Show_view_priv', 'SHOW VIEW', $GLOBALS['strPrivDescShowView']),

166

// for table privs:

167

array('Show view_priv', 'SHOW VIEW', $GLOBALS['strPrivDescShowView']),

168

array('Create_routine_priv', 'CREATE ROUTINE', $GLOBALS['strPrivDescCreateRoutine']),

169

array('Alter_routine_priv', 'ALTER ROUTINE', $GLOBALS['strPrivDescAlterRoutine']),

170

array('Create_user_priv', 'CREATE USER', $GLOBALS['strPrivDescCreateUser']),

171

array('Execute_priv', 'EXECUTE', $GLOBALS['strPrivDescExecute5']),

190

array('Select_priv', 'SELECT', __('Allows reading data.')),

191

array('Insert_priv', 'INSERT', __('Allows inserting and replacing data.')),

192

array('Update_priv', 'UPDATE', __('Allows changing data.')),

193

array('Delete_priv', 'DELETE', __('Allows deleting data.')),

194

array('Create_priv', 'CREATE', __('Allows creating new databases and tables.')),

195

array('Drop_priv', 'DROP', __('Allows dropping databases and tables.')),

196

array('Reload_priv', 'RELOAD', __('Allows reloading server settings and flushing the server\'s caches.')),

197

array('Shutdown_priv', 'SHUTDOWN', __('Allows shutting down the server.')),

198

array('Process_priv', 'PROCESS', __('Allows viewing processes of all users')),

199

array('File_priv', 'FILE', __('Allows importing data from and exporting data into files.')),

200

array('References_priv', 'REFERENCES', __('Has no effect in this MySQL version.')),

201

array('Index_priv', 'INDEX', __('Allows creating and dropping indexes.')),

202

array('Alter_priv', 'ALTER', __('Allows altering the structure of existing tables.')),

203

array('Show_db_priv', 'SHOW DATABASES', __('Gives access to the complete list of databases.')),

204

array('Super_priv', 'SUPER', __('Allows connecting, even if maximum number of connections is reached; required for most administrative operations like setting global variables or killing threads of other users.')),

205

array('Create_tmp_table_priv', 'CREATE TEMPORARY TABLES', __('Allows creating temporary tables.')),

206

array('Lock_tables_priv', 'LOCK TABLES', __('Allows locking tables for the current thread.')),

207

array('Repl_slave_priv', 'REPLICATION SLAVE', __('Needed for the replication slaves.')),

208

array('Repl_client_priv', 'REPLICATION CLIENT', __('Allows the user to ask where the slaves / masters are.')),

209

array('Create_view_priv', 'CREATE VIEW', __('Allows creating new views.')),

210

array('Event_priv', 'EVENT', __('Allows to set up events for the event scheduler')),

211

array('Trigger_priv', 'TRIGGER', __('Allows creating and dropping triggers')),

212

// for table privs:

213

array('Create View_priv', 'CREATE VIEW', __('Allows creating new views.')),

214

array('Show_view_priv', 'SHOW VIEW', __('Allows performing SHOW CREATE VIEW queries.')),

215

// for table privs:

216

array('Show view_priv', 'SHOW VIEW', __('Allows performing SHOW CREATE VIEW queries.')),

217

array('Create_routine_priv', 'CREATE ROUTINE', __('Allows creating stored routines.')),

218

array('Alter_routine_priv', 'ALTER ROUTINE', __('Allows altering and dropping stored routines.')),

219

array('Create_user_priv', 'CREATE USER', __('Allows creating, dropping and renaming user accounts.')),

220

array('Execute_priv', 'EXECUTE', __('Allows executing stored routines.')),

172

221

);

173

222

174

223

if (!empty($row) && isset($row['Table_priv'])) {

218

267

}

219

268

if (empty($privs)) {

220

269

if ($enableHTML) {

221

$privs[] = '<dfn title="' . $GLOBALS['strPrivDescUsage'] . '">USAGE</dfn>';

270

$privs[] = '<dfn title="' . __('No privileges.') . '">USAGE</dfn>';

222

271

} else {

223

272

$privs[] = 'USAGE';

224

273

}

225

274

} elseif ($allPrivileges && (!isset($GLOBALS['grant_count']) || count($privs) == $GLOBALS['grant_count'])) {

226

275

if ($enableHTML) {

227

$privs = array('<dfn title="' . $GLOBALS['strPrivDescAllPrivileges'] . '">ALL PRIVILEGES</dfn>');

276

$privs = array('<dfn title="' . __('Includes all privileges except GRANT.') . '">ALL PRIVILEGES</dfn>');

228

277

} else {

229

278

$privs = array('ALL PRIVILEGES');

230

279

}

255

304

}

256

305

257

306

echo ' </select>' . "\n"

258

. ' <i>' . $GLOBALS['strOr'] . '</i>' . "\n"

307

. ' <i>' . __('Or') . '</i>' . "\n"

259

308

. ' <label for="checkbox_' . $name_for_select

260

309

. '_none"><input type="checkbox"'

261

310

. (empty($GLOBALS['checkall']) ? '' : ' checked="checked"')

262

311

. ' name="' . $name_for_select . '_none" id="checkbox_'

263

. $name_for_select . '_none" title="' . $GLOBALS['strNone'] . '" />'

264

. $GLOBALS['strNone'] . '</label>' . "\n"

312

. $name_for_select . '_none" title="' . _pgettext('None privileges', 'None') . '" />'

313

. _pgettext('None privileges', 'None') . '</label>' . "\n"

265

314

. ' </div>' . "\n";

266

315

} // end function

267

316

279

328

280

329

function PMA_displayPrivTable($db = '*', $table = '*', $submit = TRUE)

281

330

{

331

global $random_n;

332

282

333

if ($db == '*') {

283

334

$table = '*';

284

335

}

389

440

echo '<input type="hidden" name="grant_count" value="' . count($row) . '" />' . "\n"

390

441

. '<input type="hidden" name="column_count" value="' . count($columns) . '" />' . "\n"

391

442

. '<fieldset id="fieldset_user_priv">' . "\n"

392

. ' <legend>' . $GLOBALS['strTblPrivileges']

393

. PMA_showHint($GLOBALS['strEnglishPrivileges'])

443

. ' <legend>' . __('Table-specific privileges')

444

. PMA_showHint(__(' Note: MySQL privilege names are expressed in English '))

394

445

. '</legend>' . "\n";

395

446

396

447

397

448

398

449

// privs that are attached to a specific column

399

450

PMA_display_column_privs($columns, $row, 'Select_priv',

400

'SELECT', 'select', $GLOBALS['strPrivDescSelect'], 'Select');

451

'SELECT', 'select', __('Allows reading data.'), 'Select');

401

452

402

453

PMA_display_column_privs($columns, $row, 'Insert_priv',

403

'INSERT', 'insert', $GLOBALS['strPrivDescInsert'], 'Insert');

454

'INSERT', 'insert', __('Allows inserting and replacing data.'), 'Insert');

404

455

405

456

PMA_display_column_privs($columns, $row, 'Update_priv',

406

'UPDATE', 'update', $GLOBALS['strPrivDescUpdate'], 'Update');

457

'UPDATE', 'update', __('Allows changing data.'), 'Update');

407

458

408

459

PMA_display_column_privs($columns, $row, 'References_priv',

409

'REFERENCES', 'references', $GLOBALS['strPrivDescReferences'], 'References');

460

'REFERENCES', 'references', __('Has no effect in this MySQL version.'), 'References');

410

461

411

462

// privs that are not attached to a specific column

412

463

459

510

460

511

// g l o b a l o r d b - s p e c i f i c

461

512

513

$privTable_names = array(0 => __('Data'), 1 => __('Structure'), 2 => __('Administration'));

514

462

515

// d a t a

463

516

$privTable[0] = array(

464

array('Select', 'SELECT', $GLOBALS['strPrivDescSelect']),

465

array('Insert', 'INSERT', $GLOBALS['strPrivDescInsert']),

466

array('Update', 'UPDATE', $GLOBALS['strPrivDescUpdate']),

467

array('Delete', 'DELETE', $GLOBALS['strPrivDescDelete'])

517

array('Select', 'SELECT', __('Allows reading data.')),

518

array('Insert', 'INSERT', __('Allows inserting and replacing data.')),

519

array('Update', 'UPDATE', __('Allows changing data.')),

520

array('Delete', 'DELETE', __('Allows deleting data.'))

468

521

);

469

522

if ($db == '*') {

470

$privTable[0][] = array('File', 'FILE', $GLOBALS['strPrivDescFile']);

523

$privTable[0][] = array('File', 'FILE', __('Allows importing data from and exporting data into files.'));

471

524

}

472

525

473

526

// s t r u c t u r e

474

527

$privTable[1] = array(

475

array('Create', 'CREATE', ($table == '*' ? $GLOBALS['strPrivDescCreateDb'] : $GLOBALS['strPrivDescCreateTbl'])),

476

array('Alter', 'ALTER', $GLOBALS['strPrivDescAlter']),

477

array('Index', 'INDEX', $GLOBALS['strPrivDescIndex']),

478

array('Drop', 'DROP', ($table == '*' ? $GLOBALS['strPrivDescDropDb'] : $GLOBALS['strPrivDescDropTbl'])),

479

array('Create_tmp_table', 'CREATE TEMPORARY TABLES', $GLOBALS['strPrivDescCreateTmpTable']),

480

array('Show_view', 'SHOW VIEW', $GLOBALS['strPrivDescShowView']),

481

array('Create_routine', 'CREATE ROUTINE', $GLOBALS['strPrivDescCreateRoutine']),

482

array('Alter_routine', 'ALTER ROUTINE', $GLOBALS['strPrivDescAlterRoutine']),

483

array('Execute', 'EXECUTE', $GLOBALS['strPrivDescExecute5']),

528

array('Create', 'CREATE', ($table == '*' ? __('Allows creating new databases and tables.') : __('Allows creating new tables.'))),

529

array('Alter', 'ALTER', __('Allows altering the structure of existing tables.')),

530

array('Index', 'INDEX', __('Allows creating and dropping indexes.')),

531

array('Drop', 'DROP', ($table == '*' ? __('Allows dropping databases and tables.') : __('Allows dropping tables.'))),

532

array('Create_tmp_table', 'CREATE TEMPORARY TABLES', __('Allows creating temporary tables.')),

533

array('Show_view', 'SHOW VIEW', __('Allows performing SHOW CREATE VIEW queries.')),

534

array('Create_routine', 'CREATE ROUTINE', __('Allows creating stored routines.')),

535

array('Alter_routine', 'ALTER ROUTINE', __('Allows altering and dropping stored routines.')),

536

array('Execute', 'EXECUTE', __('Allows executing stored routines.')),

484

537

);

485

538

// this one is for a db-specific priv: Create_view_priv

486

539

if (isset($row['Create_view_priv'])) {

487

$privTable[1][] = array('Create_view', 'CREATE VIEW', $GLOBALS['strPrivDescCreateView']);

540

$privTable[1][] = array('Create_view', 'CREATE VIEW', __('Allows creating new views.'));

488

541

}

489

542

// this one is for a table-specific priv: Create View_priv

490

543

if (isset($row['Create View_priv'])) {

491

$privTable[1][] = array('Create View', 'CREATE VIEW', $GLOBALS['strPrivDescCreateView']);

544

$privTable[1][] = array('Create View', 'CREATE VIEW', __('Allows creating new views.'));

492

545

}

493

546

if (isset($row['Event_priv'])) {

494

547

// MySQL 5.1.6

495

$privTable[1][] = array('Event', 'EVENT', $GLOBALS['strPrivDescEvent']);

496

$privTable[1][] = array('Trigger', 'TRIGGER', $GLOBALS['strPrivDescTrigger']);

548

$privTable[1][] = array('Event', 'EVENT', __('Allows to set up events for the event scheduler'));

549

$privTable[1][] = array('Trigger', 'TRIGGER', __('Allows creating and dropping triggers'));

497

550

}

498

551

499

552

// a d m i n i s t r a t i o n

500

553

$privTable[2] = array(

501

array('Grant', 'GRANT', $GLOBALS['strPrivDescGrant']),

554

array('Grant', 'GRANT', __('Allows adding users and privileges without reloading the privilege tables.')),

502

555

);

503

556

if ($db == '*') {

504

$privTable[2][] = array('Super', 'SUPER', $GLOBALS['strPrivDescSuper']);

505

$privTable[2][] = array('Process', 'PROCESS', $GLOBALS['strPrivDescProcess']);

506

$privTable[2][] = array('Reload', 'RELOAD', $GLOBALS['strPrivDescReload']);

507

$privTable[2][] = array('Shutdown', 'SHUTDOWN', $GLOBALS['strPrivDescShutdown']);

508

$privTable[2][] = array('Show_db', 'SHOW DATABASES', $GLOBALS['strPrivDescShowDb']);

557

$privTable[2][] = array('Super', 'SUPER', __('Allows connecting, even if maximum number of connections is reached; required for most administrative operations like setting global variables or killing threads of other users.'));

558

$privTable[2][] = array('Process', 'PROCESS', __('Allows viewing processes of all users'));

559

$privTable[2][] = array('Reload', 'RELOAD', __('Allows reloading server settings and flushing the server\'s caches.'));

560

$privTable[2][] = array('Shutdown', 'SHUTDOWN', __('Allows shutting down the server.'));

561

$privTable[2][] = array('Show_db', 'SHOW DATABASES', __('Gives access to the complete list of databases.'));

509

562

}

510

$privTable[2][] = array('Lock_tables', 'LOCK TABLES', $GLOBALS['strPrivDescLockTables']);

511

$privTable[2][] = array('References', 'REFERENCES', $GLOBALS['strPrivDescReferences']);

563

$privTable[2][] = array('Lock_tables', 'LOCK TABLES', __('Allows locking tables for the current thread.'));

564

$privTable[2][] = array('References', 'REFERENCES', __('Has no effect in this MySQL version.'));

512

565

if ($db == '*') {

513

$privTable[2][] = array('Repl_client', 'REPLICATION CLIENT', $GLOBALS['strPrivDescReplClient']);

514

$privTable[2][] = array('Repl_slave', 'REPLICATION SLAVE', $GLOBALS['strPrivDescReplSlave']);

515

$privTable[2][] = array('Create_user', 'CREATE USER', $GLOBALS['strPrivDescCreateUser']);

566

$privTable[2][] = array('Repl_client', 'REPLICATION CLIENT', __('Allows the user to ask where the slaves / masters are.'));

567

$privTable[2][] = array('Repl_slave', 'REPLICATION SLAVE', __('Needed for the replication slaves.'));

568

$privTable[2][] = array('Create_user', 'CREATE USER', __('Allows creating, dropping and renaming user accounts.'));

516

569

}

517

570

echo '<input type="hidden" name="grant_count" value="'

518

571

. (count($privTable[0]) + count($privTable[1]) + count($privTable[2]) - (isset($row['Grant_priv']) ? 1 : 0))

521

574

. ' <legend>' . "\n"

522

575

. ' '

523

576

. ($db == '*'

524

? $GLOBALS['strGlobalPrivileges']

577

? __('Global privileges')

525

578

: ($table == '*'

526

? $GLOBALS['strDbPrivileges']

527

: $GLOBALS['strTblPrivileges'])) . "\n"

579

? __('Database-specific privileges')

580

: __('Table-specific privileges'))) . "\n"

528

581

. ' (<a href="server_privileges.php?'

529

. $GLOBALS['url_query'] . '&checkall=1" onclick="setCheckboxes(\'usersForm\', true); return false;">'

530

. $GLOBALS['strCheckAll'] . '</a> /' . "\n"

582

. $GLOBALS['url_query'] . '&checkall=1" onclick="setCheckboxes(\'addUsersForm_' . $random_n . '\', true); return false;">'

583

. __('Check All') . '</a> /' . "\n"

531

584

. ' <a href="server_privileges.php?'

532

. $GLOBALS['url_query'] . '" onclick="setCheckboxes(\'usersForm\', false); return false;">'

533

. $GLOBALS['strUncheckAll'] . '</a>)' . "\n"

585

. $GLOBALS['url_query'] . '" onclick="setCheckboxes(\'addUsersForm_' . $random_n . '\', false); return false;">'

586

. __('Uncheck All') . '</a>)' . "\n"

534

587

. ' </legend>' . "\n"

535

. ' <p><small><i>' . $GLOBALS['strEnglishPrivileges'] . '</i></small></p>' . "\n"

536

. ' <fieldset>' . "\n"

537

. ' <legend>' . $GLOBALS['strData'] . '</legend>' . "\n";

538

foreach ($privTable[0] as $priv)

539

{

540

echo ' <div class="item">' . "\n"

541

. ' <input type="checkbox"'

542

. (empty($GLOBALS['checkall']) ? '' : ' checked="checked"')

543

. ' name="' . $priv[0] . '_priv" id="checkbox_' . $priv[0]

544

. '_priv" value="Y" '

545

. ($row[$priv[0] . '_priv'] == 'Y' ? 'checked="checked" ' : '')

546

. 'title="' . $priv[2] . '"/>' . "\n"

547

. ' <label for="checkbox_' . $priv[0]

548

. '_priv"><tt><dfn title="' . $priv[2] . '">' . $priv[1]

549

. '</dfn></tt></label>' . "\n"

550

. ' </div>' . "\n";

551

}

552

echo ' </fieldset>' . "\n"

553

. ' <fieldset>' . "\n"

554

. ' <legend>' . $GLOBALS['strStructure'] . '</legend>' . "\n";

555

foreach ($privTable[1] as $priv)

556

{

557

echo ' <div class="item">' . "\n"

558

. ' <input type="checkbox"'

559

. (empty($GLOBALS['checkall']) ? '' : ' checked="checked"')

560

. ' name="' . $priv[0] . '_priv" id="checkbox_' . $priv[0]

561

. '_priv" value="Y" '

562

. ($row[$priv[0] . '_priv'] == 'Y' ? 'checked="checked" ' : '')

563

. 'title="' . $priv[2] . '"/>' . "\n"

564

. ' <label for="checkbox_' . $priv[0]

565

. '_priv"><tt><dfn title="' . $priv[2] . '">' . $priv[1]

566

. '</dfn></tt></label>' . "\n"

567

. ' </div>' . "\n";

568

}

569

echo ' </fieldset>' . "\n"

570

. ' <fieldset>' . "\n"

571

. ' <legend>' . $GLOBALS['strAdministration'] . '</legend>' . "\n";

572

foreach ($privTable[2] as $priv)

573

{

574

echo ' <div class="item">' . "\n"

575

. ' <input type="checkbox"'

576

. (empty($GLOBALS['checkall']) ? '' : ' checked="checked"')

577

. ' name="' . $priv[0] . '_priv" id="checkbox_' . $priv[0]

578

. '_priv" value="Y" '

579

. ($row[$priv[0] . '_priv'] == 'Y' ? 'checked="checked" ' : '')

580

. 'title="' . $priv[2] . '"/>' . "\n"

581

. ' <label for="checkbox_' . $priv[0]

582

. '_priv"><tt><dfn title="' . $priv[2] . '">' . $priv[1]

583

. '</dfn></tt></label>' . "\n"

584

. ' </div>' . "\n";

585

}

586

587

echo ' </fieldset>' . "\n";

588

. ' <p><small><i>' . __(' Note: MySQL privilege names are expressed in English ') . '</i></small></p>' . "\n";

589

590

// Output the Global privilege tables with checkboxes

591

foreach($privTable as $i => $table) {

592

echo ' <fieldset>' . "\n"

593

. ' <legend>' . __($privTable_names[$i]) . '</legend>' . "\n";

594

foreach ($table as $priv)

595

{

596

echo ' <div class="item">' . "\n"

597

. ' <input type="checkbox"'

598

. ' name="' . $priv[0] . '_priv" id="checkbox_' . $priv[0] . '_priv"'

599

. ' value="Y" title="' . $priv[2] . '"'

600

. ((!empty($GLOBALS['checkall']) || $row[$priv[0] . '_priv'] == 'Y') ? ' checked="checked"' : '')

601

. '/>' . "\n"

602

. ' <label for="checkbox_' . $priv[0] . '_priv"><tt><dfn title="' . $priv[2] . '">'

603

. $priv[1] . '</dfn></tt></label>' . "\n"

604

. ' </div>' . "\n";

605

}

606

echo ' </fieldset>' . "\n";

607

}

608

588

609

// The "Resource limits" box is not displayed for db-specific privs

589

610

if ($db == '*') {

590

611

echo ' <fieldset>' . "\n"

591

. ' <legend>' . $GLOBALS['strResourceLimits'] . '</legend>' . "\n"

592

. ' <p><small><i>' . $GLOBALS['strZeroRemovesTheLimit'] . '</i></small></p>' . "\n"

612

. ' <legend>' . __('Resource limits') . '</legend>' . "\n"

613

. ' <p><small><i>' . __('Note: Setting these options to 0 (zero) removes the limit.') . '</i></small></p>' . "\n"

593

614

. ' <div class="item">' . "\n"

594

615

. ' <label for="text_max_questions"><tt><dfn title="'

595

. $GLOBALS['strPrivDescMaxQuestions'] . '">MAX QUERIES PER HOUR</dfn></tt></label>' . "\n"

616

. __('Limits the number of queries the user may send to the server per hour.') . '">MAX QUERIES PER HOUR</dfn></tt></label>' . "\n"

596

617

. ' <input type="text" name="max_questions" id="text_max_questions" value="'

597

. $row['max_questions'] . '" size="11" maxlength="11" title="' . $GLOBALS['strPrivDescMaxQuestions'] . '" />' . "\n"

618

. $row['max_questions'] . '" size="11" maxlength="11" title="' . __('Limits the number of queries the user may send to the server per hour.') . '" />' . "\n"

598

619

. ' </div>' . "\n"

599

620

. ' <div class="item">' . "\n"

600

621

. ' <label for="text_max_updates"><tt><dfn title="'

601

. $GLOBALS['strPrivDescMaxUpdates'] . '">MAX UPDATES PER HOUR</dfn></tt></label>' . "\n"

622

. __('Limits the number of commands that change any table or database the user may execute per hour.') . '">MAX UPDATES PER HOUR</dfn></tt></label>' . "\n"

602

623

. ' <input type="text" name="max_updates" id="text_max_updates" value="'

603

. $row['max_updates'] . '" size="11" maxlength="11" title="' . $GLOBALS['strPrivDescMaxUpdates'] . '" />' . "\n"

624

. $row['max_updates'] . '" size="11" maxlength="11" title="' . __('Limits the number of commands that change any table or database the user may execute per hour.') . '" />' . "\n"

604

625

. ' </div>' . "\n"

605

626

. ' <div class="item">' . "\n"

606

627

. ' <label for="text_max_connections"><tt><dfn title="'

607

. $GLOBALS['strPrivDescMaxConnections'] . '">MAX CONNECTIONS PER HOUR</dfn></tt></label>' . "\n"

628

. __('Limits the number of new connections the user may open per hour.') . '">MAX CONNECTIONS PER HOUR</dfn></tt></label>' . "\n"

608

629

. ' <input type="text" name="max_connections" id="text_max_connections" value="'

609

. $row['max_connections'] . '" size="11" maxlength="11" title="' . $GLOBALS['strPrivDescMaxConnections'] . '" />' . "\n"

630

. $row['max_connections'] . '" size="11" maxlength="11" title="' . __('Limits the number of new connections the user may open per hour.') . '" />' . "\n"

610

631

. ' </div>' . "\n"

611

632

. ' <div class="item">' . "\n"

612

633

. ' <label for="text_max_user_connections"><tt><dfn title="'

613

. $GLOBALS['strPrivDescMaxUserConnections'] . '">MAX USER_CONNECTIONS</dfn></tt></label>' . "\n"

634

. __('Limits the number of simultaneous connections the user may have.') . '">MAX USER_CONNECTIONS</dfn></tt></label>' . "\n"

614

635

. ' <input type="text" name="max_user_connections" id="text_max_user_connections" value="'

615

. $row['max_user_connections'] . '" size="11" maxlength="11" title="' . $GLOBALS['strPrivDescMaxUserConnections'] . '" />' . "\n"

636

. $row['max_user_connections'] . '" size="11" maxlength="11" title="' . __('Limits the number of simultaneous connections the user may have.') . '" />' . "\n"

616

637

. ' </div>' . "\n"

617

638

. ' </fieldset>' . "\n";

618

639

}

622

643

echo '</fieldset>' . "\n";

623

644

if ($submit) {

624

645

echo '<fieldset id="fieldset_user_privtable_footer" class="tblFooters">' . "\n"

625

. ' <input type="submit" name="update_privs" value="' . $GLOBALS['strGo'] . '" />' . "\n"

646

. ' <input type="submit" name="update_privs" value="' . __('Go') . '" />' . "\n"

626

647

. '</fieldset>' . "\n";

627

648

}

628

649

} // end of the 'PMA_displayPrivTable()' function

666

687

$GLOBALS['pred_username'] = 'any';

667

688

}

668

689

echo '<fieldset id="fieldset_add_user_login">' . "\n"

669

. '<legend>' . $GLOBALS['strLoginInformation'] . '</legend>' . "\n"

690

. '<legend>' . __('Login Information') . '</legend>' . "\n"

670

691

. '<div class="item">' . "\n"

671

692

. '<label for="select_pred_username">' . "\n"

672

. ' ' . $GLOBALS['strUserName'] . ':' . "\n"

693

. ' ' . __('User name') . ':' . "\n"

673

694

. '</label>' . "\n"

674

695

. '<span class="options">' . "\n"

675

. ' <select name="pred_username" id="select_pred_username" title="' . $GLOBALS['strUserName'] . '"' . "\n"

696

. ' <select name="pred_username" id="select_pred_username" title="' . __('User name') . '"' . "\n"

676

697

. ' onchange="if (this.value == \'any\') { username.value = \'\'; } else if (this.value == \'userdefined\') { username.focus(); username.select(); }">' . "\n"

677

. ' <option value="any"' . ((isset($GLOBALS['pred_username']) && $GLOBALS['pred_username'] == 'any') ? ' selected="selected"' : '') . '>' . $GLOBALS['strAnyUser'] . '</option>' . "\n"

678

. ' <option value="userdefined"' . ((!isset($GLOBALS['pred_username']) || $GLOBALS['pred_username'] == 'userdefined') ? ' selected="selected"' : '') . '>' . $GLOBALS['strUseTextField'] . ':</option>' . "\n"

698

. ' <option value="any"' . ((isset($GLOBALS['pred_username']) && $GLOBALS['pred_username'] == 'any') ? ' selected="selected"' : '') . '>' . __('Any user') . '</option>' . "\n"

699

. ' <option value="userdefined"' . ((!isset($GLOBALS['pred_username']) || $GLOBALS['pred_username'] == 'userdefined') ? ' selected="selected"' : '') . '>' . __('Use text field') . ':</option>' . "\n"

679

700

. ' </select>' . "\n"

680

701

. '</span>' . "\n"

681

702

. '<input type="text" name="username" maxlength="'

682

. $username_length . '" title="' . $GLOBALS['strUserName'] . '"'

703

. $username_length . '" title="' . __('User name') . '"'

683

704

. (empty($GLOBALS['username'])

684

705

? ''

685

706

: ' value="' . htmlspecialchars(isset($GLOBALS['new_username'])

689

710

. '</div>' . "\n"

690

711

. '<div class="item">' . "\n"

691

712

. '<label for="select_pred_hostname">' . "\n"

692

. ' ' . $GLOBALS['strHost'] . ':' . "\n"

713

. ' ' . __('Host') . ':' . "\n"

693

714

. '</label>' . "\n"

694

715

. '<span class="options">' . "\n"

695

. ' <select name="pred_hostname" id="select_pred_hostname" title="' . $GLOBALS['strHost'] . '"' . "\n";

716

. ' <select name="pred_hostname" id="select_pred_hostname" title="' . __('Host') . '"' . "\n";

696

717

$_current_user = PMA_DBI_fetch_value('SELECT USER();');

697

718

if (! empty($_current_user)) {

698

719

$thishost = str_replace("'", '', substr($_current_user, (strrpos($_current_user, '@') + 1)));

722

743

}

723

744

echo ' <option value="any"'

724

745

. ((isset($GLOBALS['pred_hostname']) && $GLOBALS['pred_hostname'] == 'any')

725

? ' selected="selected"' : '') . '>' . $GLOBALS['strAnyHost']

746

? ' selected="selected"' : '') . '>' . __('Any host')

726

747

. '</option>' . "\n"

727

748

. ' <option value="localhost"'

728

749

. ((isset($GLOBALS['pred_hostname']) && $GLOBALS['pred_hostname'] == 'localhost')

729

? ' selected="selected"' : '') . '>' . $GLOBALS['strLocalhost']

750

? ' selected="selected"' : '') . '>' . __('Local')

730

751

. '</option>' . "\n";

731

752

if (!empty($thishost)) {

732

753

echo ' <option value="thishost"'

733

754

. ((isset($GLOBALS['pred_hostname']) && $GLOBALS['pred_hostname'] == 'thishost')

734

? ' selected="selected"' : '') . '>' . $GLOBALS['strThisHost']

755

? ' selected="selected"' : '') . '>' . __('This Host')

735

756

. '</option>' . "\n";

736

757

}

737

758

unset($thishost);

738

759

echo ' <option value="hosttable"'

739

760

. ((isset($GLOBALS['pred_hostname']) && $GLOBALS['pred_hostname'] == 'hosttable')

740

? ' selected="selected"' : '') . '>' . $GLOBALS['strUseHostTable']

761

? ' selected="selected"' : '') . '>' . __('Use Host Table')

741

762

. '</option>' . "\n"

742

763

. ' <option value="userdefined"'

743

764

. ((isset($GLOBALS['pred_hostname']) && $GLOBALS['pred_hostname'] == 'userdefined')

744

765

? ' selected="selected"' : '')

745

. '>' . $GLOBALS['strUseTextField'] . ':</option>' . "\n"

766

. '>' . __('Use text field') . ':</option>' . "\n"

746

767

. ' </select>' . "\n"

747

768

. '</span>' . "\n"

748

769

. '<input type="text" name="hostname" maxlength="'

749

770

. $hostname_length . '" value="'

750

771

. htmlspecialchars(isset($GLOBALS['hostname']) ? $GLOBALS['hostname'] : '')

751

. '" title="' . $GLOBALS['strHost']

772

. '" title="' . __('Host')

752

773

. '" onchange="pred_hostname.value = \'userdefined\';" />' . "\n"

753

. PMA_showHint($GLOBALS['strHostTableExplanation'])

774

. PMA_showHint(__('When Host table is used, this field is ignored and values stored in Host table are used instead.'))

754

775

. '</div>' . "\n"

755

776

. '<div class="item">' . "\n"

756

777

. '<label for="select_pred_password">' . "\n"

757

. ' ' . $GLOBALS['strPassword'] . ':' . "\n"

778

. ' ' . __('Password') . ':' . "\n"

758

779

. '</label>' . "\n"

759

780

. '<span class="options">' . "\n"

760

781

. ' <select name="pred_password" id="select_pred_password" title="'

761

. $GLOBALS['strPassword'] . '"' . "\n"

782

. __('Password') . '"' . "\n"

762

783

. ' onchange="if (this.value == \'none\') { pma_pw.value = \'\'; pma_pw2.value = \'\'; } else if (this.value == \'userdefined\') { pma_pw.focus(); pma_pw.select(); }">' . "\n"

763

. ($mode == 'change' ? ' <option value="keep" selected="selected">' . $GLOBALS['strKeepPass'] . '</option>' . "\n" : '')

784

. ($mode == 'change' ? ' <option value="keep" selected="selected">' . __('Do not change the password') . '</option>' . "\n" : '')

764

785

. ' <option value="none"';

765

786

if (isset($GLOBALS['username']) && $mode != 'change') {

766

787

echo ' selected="selected"';

767

788

}

768

echo '>' . $GLOBALS['strNoPassword'] . '</option>' . "\n"

769

. ' <option value="userdefined"' . (isset($GLOBALS['username']) ? '' : ' selected="selected"') . '>' . $GLOBALS['strUseTextField'] . ':</option>' . "\n"

789

echo '>' . __('No Password') . '</option>' . "\n"

790

. ' <option value="userdefined"' . (isset($GLOBALS['username']) ? '' : ' selected="selected"') . '>' . __('Use text field') . ':</option>' . "\n"

770

791

. ' </select>' . "\n"

771

792

. '</span>' . "\n"

772

. '<input type="password" id="text_pma_pw" name="pma_pw" title="' . $GLOBALS['strPassword'] . '" onchange="pred_password.value = \'userdefined\';" />' . "\n"

793

. '<input type="password" id="text_pma_pw" name="pma_pw" title="' . __('Password') . '" onchange="pred_password.value = \'userdefined\';" />' . "\n"

773

794

. '</div>' . "\n"

774

. '<div class="item">' . "\n"

795

. '<div class="item" id="div_element_before_generate_password">' . "\n"

775

796

. '<label for="text_pma_pw2">' . "\n"

776

. ' ' . $GLOBALS['strReType'] . ':' . "\n"

797

. ' ' . __('Re-type') . ':' . "\n"

777

798

. '</label>' . "\n"

778

799

. '<span class="options"> </span>' . "\n"

779

. '<input type="password" name="pma_pw2" id="text_pma_pw2" title="' . $GLOBALS['strReType'] . '" onchange="pred_password.value = \'userdefined\';" />' . "\n"

780

. '</div>' . "\n"

781

. '<div class="item">' . "\n"

782

. '<label for="button_generate_password">' . "\n"

783

. ' ' . $GLOBALS['strGeneratePassword'] . ':' . "\n"

784

. '</label>' . "\n"

785

. '<span class="options">' . "\n"

786

. ' <input type="button" id="button_generate_password" value="' . $GLOBALS['strGenerate'] . '" onclick="suggestPassword(this.form)" />' . "\n"

787

. '</span>' . "\n"

788

. '<input type="text" name="generated_pw" id="generated_pw" />' . "\n"

789

. '</div>' . "\n"

800

. '<input type="password" name="pma_pw2" id="text_pma_pw2" title="' . __('Re-type') . '" onchange="pred_password.value = \'userdefined\';" />' . "\n"

801

. '</div>' . "\n"

802

// Generate password added here via jQuery

790

803

. '</fieldset>' . "\n";

791

804

} // end of the 'PMA_displayUserAndHostFields()' function

792

805

793

794

806

/**

795

807

* Changes / copies a user, part I

796

808

802

814

.' = \'' . PMA_sqlAddslashes($old_hostname) . '\';';

803

815

$row = PMA_DBI_fetch_single_row('SELECT * FROM `mysql`.`user` ' . $user_host_condition);

804

816

if (! $row) {

805

PMA_Message::notice('strNoUsersFound')->display();

817

PMA_Message::notice(__('No user found.'))->display();

806

818

unset($_REQUEST['change_copy']);

807

819

} else {

808

820

extract($row, EXTR_OVERWRITE);

846

858

. " WHERE `User` = '" . PMA_sqlAddslashes($username) . "'"

847

859

. " AND `Host` = '" . PMA_sqlAddslashes($hostname) . "';";

848

860

if (PMA_DBI_fetch_value($sql) == 1) {

849

$message = PMA_Message::error('strUserAlreadyExists');

861

$message = PMA_Message::error(__('The user %s already exists!'));

850

862

$message->addParam('[i]\'' . $username . '\'@\'' . $hostname . '\'[/i]');

851

863

$_REQUEST['adduser'] = true;

864

$_add_user_error = true;

852

865

} else {

853

866

854

867

$create_user_real = 'CREATE USER \'' . PMA_sqlAddslashes($username) . '\'@\'' . PMA_sqlAddslashes($hostname) . '\'';

929

942

$_REQUEST['createdb'] = false;

930

943

$message = PMA_Message::rawError(PMA_DBI_getError());

931

944

} else {

932

$message = PMA_Message::success('strAddUserMessage');

945

$message = PMA_Message::success(__('You have added a new user.'));

933

946

}

934

947

935

948

switch (PMA_ifSetOr($_REQUEST['createdb'], '0')) {

942

955

$message = PMA_Message::rawError(PMA_DBI_getError());

943

956

break;

944

957

}

945

// this is needed in case tracking is on:

946

$GLOBALS['db'] = $username;

947

$GLOBALS['reload'] = TRUE;

948

PMA_reloadNavigation();

958

959

960

/**

961

* If we are not in an Ajax request, we can't reload navigation now

962

963

if($GLOBALS['is_ajax_request'] != true) {

964

// this is needed in case tracking is on:

965

$GLOBALS['db'] = $username;

966

$GLOBALS['reload'] = TRUE;

967

PMA_reloadNavigation();

968

}

949

969

950

970

$q = 'GRANT ALL PRIVILEGES ON '

951

971

. PMA_backquote(PMA_sqlAddslashes($username)) . '.* TO \''

1139

1159

$sql_query2 .= ';';

1140

1160

}

1141

1161

if (! PMA_DBI_try_query($sql_query0)) {

1142

// this query may fail, but this does not matter :o)

1162

// This might fail when the executing user does not have ALL PRIVILEGES himself.

1163

// See https://sourceforge.net/tracker/index.php?func=detail&aid=3285929&group_id=23067&atid=377408

1143

1164

$sql_query0 = '';

1144

1165

}

1145

1166

if (isset($sql_query1) && !PMA_DBI_try_query($sql_query1)) {

1152

1173

$sql_query2 = '';

1153

1174

}

1154

1175

$sql_query = $sql_query0 . ' ' . $sql_query1 . ' ' . $sql_query2;

1155

$message = PMA_Message::success('strUpdatePrivMessage');

1176

$message = PMA_Message::success(__('You have updated the privileges for %s.'));

1156

1177

$message->addParam('\'' . htmlspecialchars($username) . '\'@\'' . htmlspecialchars($hostname) . '\'');

1157

1178

}

1158

1179

1176

1197

$sql_query1 = '';

1177

1198

}

1178

1199

$sql_query = $sql_query0 . ' ' . $sql_query1;

1179

$message = PMA_Message::success('strRevokeMessage');

1200

$message = PMA_Message::success(__('You have revoked the privileges for %s'));

1180

1201

$message->addParam('\'' . htmlspecialchars($username) . '\'@\'' . htmlspecialchars($hostname) . '\'');

1181

1202

if (! isset($tablename)) {

1182

1203

unset($dbname);

1195

1216

1196

1217

if ($nopass == 0 && isset($pma_pw) && isset($pma_pw2)) {

1197

1218

if ($pma_pw != $pma_pw2) {

1198

$message = PMA_Message::error('strPasswordNotSame');

1219

$message = PMA_Message::error(__('The passwords aren\'t the same!'));

1199

1220

} elseif (empty($pma_pw) || empty($pma_pw2)) {

1200

$message = PMA_Message::error('strPasswordEmpty');

1221

$message = PMA_Message::error(__('The password is empty!'));

1201

1222

}

1202

1223

} // end if

1203

1224

1212

1233

$local_query = 'SET PASSWORD FOR \'' . PMA_sqlAddslashes($username) . '\'@\'' . PMA_sqlAddslashes($hostname) . '\' = ' . (($pma_pw == '') ? '\'\'' : $hashing_function . '(\'' . PMA_sqlAddslashes($pma_pw) . '\')');

1213

1234

PMA_DBI_try_query($local_query)

1214

1235

or PMA_mysqlDie(PMA_DBI_getError(), $sql_query, FALSE, $err_url);

1215

$message = PMA_Message::success('strPasswordChanged');

1236

$message = PMA_Message::success(__('The password for %s was changed successfully.'));

1216

1237

$message->addParam('\'' . htmlspecialchars($username) . '\'@\'' . htmlspecialchars($hostname) . '\'');

1217

1238

}

1218

1239

}

1232

1253

}

1233

1254

foreach ($selected_usr as $each_user) {

1234

1255

list($this_user, $this_host) = explode('&#27;', $each_user);

1235

$queries[] = '# ' . sprintf($GLOBALS['strDeleting'], '\'' . $this_user . '\'@\'' . $this_host . '\'') . ' ...';

1256

$queries[] = '# ' . sprintf(__('Deleting %s'), '\'' . $this_user . '\'@\'' . $this_host . '\'') . ' ...';

1236

1257

$queries[] = 'DROP USER \'' . PMA_sqlAddslashes($this_user) . '\'@\'' . PMA_sqlAddslashes($this_host) . '\';';

1237

1258

1238

1259

if (isset($_REQUEST['drop_users_db'])) {

1239

1260

$queries[] = 'DROP DATABASE IF EXISTS ' . PMA_backquote($this_user) . ';';

1240

1261

$GLOBALS['reload'] = TRUE;

1241

PMA_reloadNavigation();

1262

1263

if($GLOBALS['is_ajax_request'] != true) {

1264

PMA_reloadNavigation();

1265

}

1242

1266

}

1243

1267

}

1244

1268

if (empty($_REQUEST['change_copy'])) {

1245

1269

if (empty($queries)) {

1246

$message = PMA_Message::error('strDeleteNoUsersSelected');

1270

$message = PMA_Message::error(__('No users selected for deleting!'));

1247

1271

} else {

1248

1272

if ($_REQUEST['mode'] == 3) {

1249

$queries[] = '# ' . $GLOBALS['strReloadingThePrivileges'] . ' ...';

1273

$queries[] = '# ' . __('Reloading the privileges') . ' ...';

1250

1274

$queries[] = 'FLUSH PRIVILEGES;';

1251

1275

}

1252

1276

$drop_user_error = '';

1264

1288

if (! empty($drop_user_error)) {

1265

1289

$message = PMA_Message::rawError($drop_user_error);

1266

1290

} else {

1267

$message = PMA_Message::success('strUsersDeleted');

1291

$message = PMA_Message::success(__('The selected users have been deleted successfully.'));

1268

1292

}

1269

1293

}

1270

1294

unset($queries);

1299

1323

if (isset($_REQUEST['flush_privileges'])) {

1300

1324

$sql_query = 'FLUSH PRIVILEGES;';

1301

1325

PMA_DBI_query($sql_query);

1302

$message = PMA_Message::success('strPrivilegesReloaded');

1303

}

1304

1326

$message = PMA_Message::success(__('The privileges were reloaded successfully.'));

1327

}

1328

1329

/**

1330

* defines some standard links

1331

1332

$link_edit = '<a class="edit_user_anchor ' . $conditional_class . '" href="server_privileges.php?' . $GLOBALS['url_query']

1333

. '&username=%s'

1334

. '&hostname=%s'

1335

. '&dbname=%s'

1336

. '&tablename=%s">'

1337

. PMA_getIcon('b_usredit.png', __('Edit Privileges'))

1338

. '</a>';

1339

1340

$link_revoke = '<a href="server_privileges.php?' . $GLOBALS['url_query']

1341

. '&username=%s'

1342

. '&hostname=%s'

1343

. '&dbname=%s'

1344

. '&tablename=%s'

1345

. '&revokeall=1">'

1346

. PMA_getIcon('b_usrdrop.png', __('Revoke'))

1347

. '</a>';

1348

1349

$link_export = '<a class="export_user_anchor ' . $conditional_class . '" href="server_privileges.php?' . $GLOBALS['url_query']

1350

. '&username=%s'

1351

. '&hostname=%s'

1352

. '&initial=%s'

1353

. '&export=1">'

1354

. PMA_getIcon('b_tblexport.png', __('Export'))

1355

. '</a>';

1356

1357

/**

1358

* If we are in an Ajax request for Create User/Edit User/Revoke User/Flush Privileges,

1359

* show $message and exit.

1360

1361

if( $GLOBALS['is_ajax_request'] && !isset($_REQUEST['export']) && (!isset($_REQUEST['adduser']) || $_add_user_error) && !isset($_REQUEST['initial']) && !isset($_REQUEST['showall']) && !isset($_REQUEST['edit_user_dialog'])) {

1362

1363

if(isset($sql_query)) {

1364

$extra_data['sql_query'] = PMA_showMessage(NULL, $sql_query);

1365

}

1366

1367

if(isset($_REQUEST['adduser_submit']) || isset($_REQUEST['change_copy'])) {

1368

/**

1369

* generate html on the fly for the new user that was just created.

1370

1371

$new_user_string = '<tr>'."\n"

1372

.'<td> <input type="checkbox" name="selected_usr[]" id="checkbox_sel_users_" value="' . htmlspecialchars($username) . '&#27;' . htmlspecialchars($hostname) . '" /> </td>'."\n"

1373

.'<td><label for="checkbox_sel_users_">' . (empty($username) ? '<span style="color: #FF0000">' . __('Any') . '</span>' : htmlspecialchars($username) ) . '</label></td>' . "\n"

1374

.'<td>' . htmlspecialchars($hostname) . '</td>' . "\n";

1375

$new_user_string .= '<td>';

1376

1377

if(!empty($password) || isset($pma_pw)) {

1378

$new_user_string .= __('Yes');

1379

}

1380

else {

1381

$new_user_string .= '<span style="color: #FF0000">' . __('No') . '</span>';

1382

};

1383

1384

$new_user_string .= '</td>'."\n";

1385

$new_user_string .= '<td><tt>' . join(', ', PMA_extractPrivInfo('', true)) . '</tt></td>'; //Fill in privileges here

1386

$new_user_string .= '<td>';

1387

1388

if((isset($Grant_priv) && $Grant_priv == 'Y')) {

1389

$new_user_string .= __('Yes');

1390

}

1391

else {

1392

$new_user_string .= __('No');

1393

}

1394

1395

$new_user_string .='</td>';

1396

1397

$new_user_string .= '<td>'.sprintf($link_edit, urlencode($username), urlencode($hostname), '', '' ).'</td>'."\n";

1398

$new_user_string .= '<td>'.sprintf($link_export, urlencode($username), urlencode($hostname), (isset($initial) ? $initial : '')).'</td>'."\n";

1399

1400

$new_user_string .= '</tr>';

1401

1402

$extra_data['new_user_string'] = $new_user_string;

1403

1404

/**

1405

* Generate the string for this alphabet's initial, to update the user

1406

* pagination

1407

1408

$new_user_initial = strtoupper(substr($username, 0, 1));

1409

$new_user_initial_string = '<a href="server_privileges.php?' . $GLOBALS['url_query'] . '&initial=' . $new_user_initial

1410

.'">' . $new_user_initial . '</a>';

1411

$extra_data['new_user_initial'] = $new_user_initial;

1412

$extra_data['new_user_initial_string'] = $new_user_initial_string;

1413

}

1414

1415

if(isset($update_privs)) {

1416

$extra_data['db_specific_privs'] = false;

1417

if (isset($dbname_is_wildcard)) {

1418

$extra_data['db_specific_privs'] = !$dbname_is_wildcard;

1419

}

1420

$new_privileges = join(', ', PMA_extractPrivInfo('', true));

1421

1422

$extra_data['new_privileges'] = $new_privileges;

1423

}

1424

1425

if ($message instanceof PMA_Message) {

1426

PMA_ajaxResponse($message, $message->isSuccess(), $extra_data);

1427

}

1428

}

1305

1429

1306

1430

/**

1307

1431

* Displays the links

1320

1444

1321

1445

1322

1446

/**

1323

* defines some standard links

1324

1325

$link_edit = '<a href="server_privileges.php?' . $GLOBALS['url_query']

1326

. '&username=%s'

1327

. '&hostname=%s'

1328

. '&dbname=%s'

1329

. '&tablename=%s">'

1330

. PMA_getIcon('b_usredit.png', $GLOBALS['strEditPrivileges'])

1331

. '</a>';

1332

1333

$link_revoke = '<a href="server_privileges.php?' . $GLOBALS['url_query']

1334

. '&username=%s'

1335

. '&hostname=%s'

1336

. '&dbname=%s'

1337

. '&tablename=%s'

1338

. '&revokeall=1">'

1339

. PMA_getIcon('b_usrdrop.png', $GLOBALS['strRevoke'])

1340

. '</a>';

1341

1342

/**

1343

1447

* Displays the page

1344

1448

1449

1450

// export user definition

1451

if (isset($_REQUEST['export'])) {

1452

echo '<h2>' . __('User') . ' \'' . htmlspecialchars($username) . '\'@\'' . htmlspecialchars($hostname) . '\'</h2>';

1453

echo '<textarea cols="' . $GLOBALS['cfg']['TextareaCols'] . '" rows="' . $GLOBALS['cfg']['TextareaRows'] . '">';

1454

$grants = PMA_DBI_fetch_result("SHOW GRANTS FOR '" . PMA_sqlAddslashes($username) . "'@'" . PMA_sqlAddslashes($hostname) . "'");

1455

foreach($grants as $one_grant) {

1456

echo $one_grant . ";\n\n";

1457

}

1458

echo '</textarea>';

1459

unset($username, $hostname, $grants, $one_grant);

1460

if( $GLOBALS['is_ajax_request']) {

1461

exit;

1462

}

1463

}

1464

1345

1465

if (empty($_REQUEST['adduser']) && (! isset($checkprivs) || ! strlen($checkprivs))) {

1346

1466

if (! isset($username)) {

1347

1467

// No username is given --> display the overview

1348

1468

echo '<h2>' . "\n"

1349

1469

. PMA_getIcon('b_usrlist.png')

1350

. $GLOBALS['strUserOverview'] . "\n"

1470

. __('User overview') . "\n"

1351

1471

. '</h2>' . "\n";

1352

1472

1353

1473

$sql_query =

1370

1490

$res = PMA_DBI_try_query($sql_query, null, PMA_DBI_QUERY_STORE);

1371

1491

1372

1492

if (!$res) {

1373

PMA_Message::error('strNoPrivileges')->display();

1493

PMA_Message::error(__('No Privileges'))->display();

1374

1494

PMA_DBI_free_result($res);

1375

1495

unset($res);

1376

1496

} else {

1377

// rabus: This message is hardcoded because I will replace it by

1497

// This message is hardcoded because I will replace it by

1378

1498

// a automatic repair feature soon.

1379

1499

$raw = 'Your privilege table structure seems to be older than'

1380

1500

. ' this MySQL version!<br />'

1429

1549

1430

1550

/**

1431

1551

* Displays the initials

1552

* In an Ajax request, we don't need to show this

1432

1553

1433

1554

1434

// initialize to FALSE the letters A-Z

1435

for ($letter_counter = 1; $letter_counter < 27; $letter_counter++) {

1436

if (! isset($array_initials[chr($letter_counter + 64)])) {

1437

$array_initials[chr($letter_counter + 64)] = FALSE;

1438

}

1439

}

1440

1441

$initials = PMA_DBI_try_query('SELECT DISTINCT UPPER(LEFT(`User`,1)) FROM `user` ORDER BY `User` ASC', null, PMA_DBI_QUERY_STORE);

1442

while (list($tmp_initial) = PMA_DBI_fetch_row($initials)) {

1443

$array_initials[$tmp_initial] = TRUE;

1444

}

1445

1446

// Display the initials, which can be any characters, not

1447

// just letters. For letters A-Z, we add the non-used letters

1448

// as greyed out.

1449

1450

uksort($array_initials, "strnatcasecmp");

1451

1452

echo '<table cellspacing="5"><tr>';

1453

foreach ($array_initials as $tmp_initial => $initial_was_found) {

1454

if ($initial_was_found) {

1455

echo '<td><a href="server_privileges.php?' . $GLOBALS['url_query'] . '&initial=' . urlencode($tmp_initial) . '">' . $tmp_initial . '</a></td>' . "\n";

1456

} else {

1457

echo '<td>' . $tmp_initial . '</td>';

1458

}

1459

}

1460

echo '<td><a href="server_privileges.php?' . $GLOBALS['url_query'] . '&showall=1">[' . $GLOBALS['strShowAll'] . ']</a></td>' . "\n";

1461

echo '</tr></table>';

1555

if( $GLOBALS['is_ajax_request'] != true ) {

1556

1557

// initialize to FALSE the letters A-Z

1558

for ($letter_counter = 1; $letter_counter < 27; $letter_counter++) {

1559

if (! isset($array_initials[chr($letter_counter + 64)])) {

1560

$array_initials[chr($letter_counter + 64)] = FALSE;

1561

}

1562

}

1563

1564

$initials = PMA_DBI_try_query('SELECT DISTINCT UPPER(LEFT(`User`,1)) FROM `user` ORDER BY `User` ASC', null, PMA_DBI_QUERY_STORE);

1565

while (list($tmp_initial) = PMA_DBI_fetch_row($initials)) {

1566

$array_initials[$tmp_initial] = TRUE;

1567

}

1568

1569

// Display the initials, which can be any characters, not

1570

// just letters. For letters A-Z, we add the non-used letters

1571

// as greyed out.

1572

1573

uksort($array_initials, "strnatcasecmp");

1574

1575

echo '<table id="initials_table" class="' . $conditional_class . '" <cellspacing="5"><tr>';

1576

foreach ($array_initials as $tmp_initial => $initial_was_found) {

1577

if ($initial_was_found) {

1578

echo '<td><a href="server_privileges.php?' . $GLOBALS['url_query'] . '&initial=' . urlencode($tmp_initial) . '">' . $tmp_initial . '</a></td>' . "\n";

1579

} else {

1580

echo '<td>' . $tmp_initial . '</td>';

1581

}

1582

}

1583

echo '<td><a href="server_privileges.php?' . $GLOBALS['url_query'] . '&showall=1" class="nowrap">[' . __('Show all') . ']</a></td>' . "\n";

1584

echo '</tr></table>';

1585

}

1462

1586

1463

1587

/**

1464

1588

* Display the user overview

1479

1603

. ' <table id="tableuserrights" class="data">' . "\n"

1480

1604

. ' <thead>' . "\n"

1481

1605

. ' <tr><th></th>' . "\n"

1482

. ' <th>' . $GLOBALS['strUser'] . '</th>' . "\n"

1483

. ' <th>' . $GLOBALS['strHost'] . '</th>' . "\n"

1484

. ' <th>' . $GLOBALS['strPassword'] . '</th>' . "\n"

1485

. ' <th>' . $GLOBALS['strGlobalPrivileges'] . ' '

1486

. PMA_showHint($GLOBALS['strEnglishPrivileges']) . '</th>' . "\n"

1487

. ' <th>' . $GLOBALS['strGrantOption'] . '</th>' . "\n"

1488

. ' <th>' . $GLOBALS['strAction'] . '</th>' . "\n";

1606

. ' <th>' . __('User') . '</th>' . "\n"

1607

. ' <th>' . __('Host') . '</th>' . "\n"

1608

. ' <th>' . __('Password') . '</th>' . "\n"

1609

. ' <th>' . __('Global privileges') . ' '

1610

. PMA_showHint(__(' Note: MySQL privilege names are expressed in English ')) . '</th>' . "\n"

1611

. ' <th>' . __('Grant') . '</th>' . "\n"

1612

. ' <th colspan="2">' . __('Action') . '</th>' . "\n";

1489

1613

echo ' </tr>' . "\n";

1490

1614

echo ' </thead>' . "\n";

1491

1615

echo ' <tbody>' . "\n";

1503

1627

. '"'

1504

1628

. (empty($GLOBALS['checkall']) ? '' : ' checked="checked"')

1505

1629

. ' /></td>' . "\n"

1506

. ' <td><label for="checkbox_sel_users_' . $index_checkbox . '">' . (empty($host['User']) ? '<span style="color: #FF0000">' . $GLOBALS['strAny'] . '</span>' : htmlspecialchars($host['User'])) . '</label></td>' . "\n"

1630

. ' <td><label for="checkbox_sel_users_' . $index_checkbox . '">' . (empty($host['User']) ? '<span style="color: #FF0000">' . __('Any') . '</span>' : htmlspecialchars($host['User'])) . '</label></td>' . "\n"

1507

1631

. ' <td>' . htmlspecialchars($host['Host']) . '</td>' . "\n";

1508

1632

echo ' <td>';

1509

1633

switch ($host['Password']) {

1510

1634

case 'Y':

1511

echo $GLOBALS['strYes'];

1635

echo __('Yes');

1512

1636

break;

1513

1637

case 'N':

1514

echo '<span style="color: #FF0000">' . $GLOBALS['strNo'] . '</span>';

1638

echo '<span style="color: #FF0000">' . __('No') . '</span>';

1515

1639

break;

1516

1640

// this happens if this is a definition not coming from mysql.user

1517

1641

default:

1522

1646

. ' <td><tt>' . "\n"

1523

1647

. ' ' . implode(',' . "\n" . ' ', $host['privs']) . "\n"

1524

1648

. ' </tt></td>' . "\n"

1525

. ' <td>' . ($host['Grant_priv'] == 'Y' ? $GLOBALS['strYes'] : $GLOBALS['strNo']) . '</td>' . "\n"

1649

. ' <td>' . ($host['Grant_priv'] == 'Y' ? __('Yes') : __('No')) . '</td>' . "\n"

1526

1650

. ' <td align="center">';

1527

printf($link_edit, urlencode($host['User']),

1528

urlencode($host['Host']), '', '');

1529

echo '</td>' . "\n"

1530

. ' </tr>' . "\n";

1651

printf($link_edit, urlencode($host['User']), urlencode($host['Host']), '', '');

1652

echo '</td>';

1653

echo '<td align="center">';

1654

printf($link_export, urlencode($host['User']), urlencode($host['Host']), (isset($initial) ? $initial : ''));

1655

echo '</td>';

1656

echo '</tr>';

1531

1657

$odd_row = ! $odd_row;

1532

1658

}

1533

1659

}

1537

1663

.'<img class="selectallarrow"'

1538

1664

.' src="' . $pmaThemeImage . 'arrow_' . $text_dir . '.png"'

1539

1665

.' width="38" height="22"'

1540

.' alt="' . $GLOBALS['strWithChecked'] . '" />' . "\n"

1666

.' alt="' . __('With selected:') . '" />' . "\n"

1541

1667

.'<a href="server_privileges.php?' . $GLOBALS['url_query'] . '&checkall=1"'

1542

1668

.' onclick="if (markAllRows(\'usersForm\')) return false;">'

1543

. $GLOBALS['strCheckAll'] . '</a>' . "\n"

1669

. __('Check All') . '</a>' . "\n"

1544

1670

.'/' . "\n"

1545

1671

.'<a href="server_privileges.php?' . $GLOBALS['url_query'] . '"'

1546

1672

.' onclick="if (unMarkAllRows(\'usersForm\')) return false;">'

1547

. $GLOBALS['strUncheckAll'] . '</a>' . "\n";

1673

. __('Uncheck All') . '</a>' . "\n";

1548

1674

1549

1675

// add/delete user fieldset

1550

1676

echo ' <fieldset id="fieldset_add_user">' . "\n"

1551

. ' <a href="server_privileges.php?' . $GLOBALS['url_query'] . '&adduser=1">' . "\n"

1677

. ' <a href="server_privileges.php?' . $GLOBALS['url_query'] . '&adduser=1" class="' . $conditional_class . '">' . "\n"

1552

1678

. PMA_getIcon('b_usradd.png')

1553

. ' ' . $GLOBALS['strAddUser'] . '</a>' . "\n"

1679

. ' ' . __('Add a new User') . '</a>' . "\n"

1554

1680

. ' </fieldset>' . "\n"

1555

1681

. ' <fieldset id="fieldset_delete_user">'

1556

1682

. ' <legend>' . "\n"

1557

1683

. PMA_getIcon('b_usrdrop.png')

1558

. ' ' . $GLOBALS['strRemoveSelectedUsers'] . '' . "\n"

1684

. ' ' . __('Remove selected users') . '' . "\n"

1559

1685

. ' </legend>' . "\n"

1560

1686

. ' <input type="hidden" name="mode" value="2" />' . "\n"

1561

. '(' . $GLOBALS['strRevokeAndDelete'] . ')<br />' . "\n"

1562

. ' <input type="checkbox" title="' . $GLOBALS['strDropUsersDb'] . '" name="drop_users_db" id="checkbox_drop_users_db" />' . "\n"

1563

. ' <label for="checkbox_drop_users_db" title="' . $GLOBALS['strDropUsersDb'] . '">' . "\n"

1564

. ' ' . $GLOBALS['strDropUsersDb'] . "\n"

1687

. '(' . __('Revoke all active privileges from the users and delete them afterwards.') . ')<br />' . "\n"

1688

. ' <input type="checkbox" title="' . __('Drop the databases that have the same names as the users.') . '" name="drop_users_db" id="checkbox_drop_users_db" />' . "\n"

1689

. ' <label for="checkbox_drop_users_db" title="' . __('Drop the databases that have the same names as the users.') . '">' . "\n"

1690

. ' ' . __('Drop the databases that have the same names as the users.') . "\n"

1565

1691

. ' </label>' . "\n"

1566

1692

. ' </fieldset>' . "\n"

1567

1693

. ' <fieldset id="fieldset_delete_user_footer" class="tblFooters">' . "\n"

1568

. ' <input type="submit" name="delete" value="' . $GLOBALS['strGo'] . '" id="buttonGo" />' . "\n"

1694

. ' <input type="submit" name="delete" value="' . __('Go') . '" id="buttonGo" class="' . $conditional_class . '"/>' . "\n"

1569

1695

. ' </fieldset>' . "\n"

1570

1696

. '</form>' . "\n";

1571

1697

} else {

1572

1698

1573

1699

unset ($row);

1574

1700

echo ' <fieldset id="fieldset_add_user">' . "\n"

1575

. ' <a href="server_privileges.php?' . $GLOBALS['url_query'] . '&adduser=1">' . "\n"

1701

. ' <a href="server_privileges.php?' . $GLOBALS['url_query'] . '&adduser=1" class="' . $conditional_class . '">' . "\n"

1576

1702

. PMA_getIcon('b_usradd.png')

1577

. ' ' . $GLOBALS['strAddUser'] . '</a>' . "\n"

1703

. ' ' . __('Add a new User') . '</a>' . "\n"

1578

1704

. ' </fieldset>' . "\n";

1579

1705

} // end if (display overview)

1580

$flushnote = new PMA_Message('strFlushPrivilegesNote', PMA_Message::NOTICE);

1581

$flushnote->addParam('<a href="server_privileges.php?' . $GLOBALS['url_query'] . '&flush_privileges=1">', false);

1706

1707

if( $GLOBALS['is_ajax_request'] ) {

1708

exit;

1709

}

1710

1711

$flushnote = new PMA_Message(__('Note: phpMyAdmin gets the users\' privileges directly from MySQL\'s privilege tables. The content of these tables may differ from the privileges the server uses, if they have been changed manually. In this case, you should %sreload the privileges%s before you continue.'), PMA_Message::NOTICE);

1712

$flushnote->addParam('<a href="server_privileges.php?' . $GLOBALS['url_query'] . '&flush_privileges=1" id="reload_privileges_anchor" class="' . $conditional_class . '">', false);

1582

1713

$flushnote->addParam('</a>', false);

1583

1714

$flushnote->display();

1584

1715

}

1588

1719

1589

1720

// A user was selected -> display the user's properties

1590

1721

1722

// In an Ajax request, prevent cached values from showing

1723

if($GLOBALS['is_ajax_request'] == true) {

1724

header('Cache-Control: no-cache');

1725

}

1726

1591

1727

echo '<h2>' . "\n"

1592

1728

. PMA_getIcon('b_usredit.png')

1593

. $GLOBALS['strEditPrivileges'] . ': '

1594

. $GLOBALS['strUser'] ;

1729

. __('Edit Privileges') . ': '

1730

. __('User') ;

1595

1731

1596

1732

if (isset($dbname)) {

1597

1733

echo ' <i><a href="server_privileges.php?'

1601

1737

. '\'</a></i>' . "\n";

1602

1738

$url_dbname = urlencode(str_replace(array('\_', '\%'), array('_', '%'), $dbname));

1603

1739

1604

echo ' - ' . ($dbname_is_wildcard ? $GLOBALS['strDatabases'] : $GLOBALS['strDatabase'] );

1740

echo ' - ' . ($dbname_is_wildcard ? __('Databases') : __('Database') );

1605

1741

if (isset($tablename)) {

1606

1742

echo ' <i><a href="server_privileges.php?' . $GLOBALS['url_query']

1607

1743

. '&username=' . htmlspecialchars(urlencode($username)) . '&hostname=' . htmlspecialchars(urlencode($hostname))

1608

1744

. '&dbname=' . htmlspecialchars($url_dbname) . '&tablename=">' . htmlspecialchars($dbname) . '</a></i>';

1609

echo ' - ' . $GLOBALS['strTable'] . ' <i>' . htmlspecialchars($tablename) . '</i>';

1745

echo ' - ' . __('Table') . ' <i>' . htmlspecialchars($tablename) . '</i>';

1610

1746

} else {

1611

1747

echo ' <i>' . htmlspecialchars($dbname) . '</i>';

1612

1748

}

1625

1761

$user_does_not_exists = (bool) ! PMA_DBI_fetch_value($sql);

1626

1762

unset($sql);

1627

1763

if ($user_does_not_exists) {

1628

PMA_Message::warning('strUserNotFound')->display();

1764

PMA_Message::error(__('The selected user was not found in the privilege table.'))->display();

1629

1765

PMA_displayLoginInformationFields();

1630

//require_once './libraries/footer.inc.php';

1766

//require './libraries/footer.inc.php';

1631

1767

}

1632

1768

1633

echo '<form name="usersForm" id="usersForm" action="server_privileges.php" method="post">' . "\n";

1769

echo '<form name="usersForm" id="addUsersForm_' . $random_n . '" action="server_privileges.php" method="post">' . "\n";

1634

1770

$_params = array(

1635

1771

'username' => $username,

1636

1772

'hostname' => $hostname,

1659

1795

. '<input type="hidden" name="username" value="' . htmlspecialchars($username) . '" />' . "\n"

1660

1796

. '<input type="hidden" name="hostname" value="' . htmlspecialchars($hostname) . '" />' . "\n"

1661

1797

. '<fieldset>' . "\n"

1662

. '<legend>' . (! isset($dbname) ? $GLOBALS['strDbPrivileges'] : $GLOBALS['strTblPrivileges']) . '</legend>' . "\n"

1798

. '<legend>' . (! isset($dbname) ? __('Database-specific privileges') : __('Table-specific privileges')) . '</legend>' . "\n"

1663

1799

. '<table class="data">' . "\n"

1664

1800

. '<thead>' . "\n"

1665

. '<tr><th>' . (! isset($dbname) ? $GLOBALS['strDatabase'] : $GLOBALS['strTable']) . '</th>' . "\n"

1666

. ' <th>' . $GLOBALS['strPrivileges'] . '</th>' . "\n"

1667

. ' <th>' . $GLOBALS['strGrantOption'] . '</th>' . "\n"

1668

. ' <th>' . (! isset($dbname) ? $GLOBALS['strTblPrivileges'] : $GLOBALS['strColumnPrivileges']) . '</th>' . "\n"

1669

. ' <th colspan="2">' . $GLOBALS['strAction'] . '</th>' . "\n"

1801

. '<tr><th>' . (! isset($dbname) ? __('Database') : __('Table')) . '</th>' . "\n"

1802

. ' <th>' . __('Privileges') . '</th>' . "\n"

1803

. ' <th>' . __('Grant') . '</th>' . "\n"

1804

. ' <th>' . (! isset($dbname) ? __('Table-specific privileges') : __('Column-specific privileges')) . '</th>' . "\n"

1805

. ' <th colspan="2">' . __('Action') . '</th>' . "\n"

1670

1806

. '</tr>' . "\n"

1671

1807

. '</thead>' . "\n"

1672

1808

. '<tbody>' . "\n";

1763

1899

if (in_array($table_search_in, $tables)) {

1764

1900

$db_rights_sqls[] = '

1765

1901

SELECT DISTINCT `Table_name`

1766

FROM `mysql`.' . PMA_backquote($table_search_in)

1902

FROM `mysql`.' . PMA_backquote($table_search_in)

1767

1903

. $user_host_condition;

1768

1904

}

1769

1905

}

1816

1952

// display rows

1817

1953

if (count($db_rights) < 1) {

1818

1954

echo '<tr class="odd">' . "\n"

1819

. ' <td colspan="6"><center><i>' . $GLOBALS['strNone'] . '</i></center></td>' . "\n"

1955

. ' <td colspan="6"><center><i>' . __('None') . '</i></center></td>' . "\n"

1820

1956

. '</tr>' . "\n";

1821

1957

} else {

1822

1958

$odd_row = true;

1830

1966

. ' <td><tt>' . "\n"

1831

1967

. ' ' . join(',' . "\n" . ' ', PMA_extractPrivInfo($row, TRUE)) . "\n"

1832

1968

. ' </tt></td>' . "\n"

1833

. ' <td>' . ((((! isset($dbname)) && $row['Grant_priv'] == 'Y') || (isset($dbname) && in_array('Grant', explode(',', $row['Table_priv'])))) ? $GLOBALS['strYes'] : $GLOBALS['strNo']) . '</td>' . "\n"

1969

. ' <td>' . ((((! isset($dbname)) && $row['Grant_priv'] == 'Y') || (isset($dbname) && in_array('Grant', explode(',', $row['Table_priv'])))) ? __('Yes') : __('No')) . '</td>' . "\n"

1834

1970

. ' <td>';

1835

1971

if (! empty($row['Table_privs']) || ! empty ($row['Column_priv'])) {

1836

echo $GLOBALS['strYes'];

1972

echo __('Yes');

1837

1973

} else {

1838

echo $GLOBALS['strNo'];

1974

echo __('No');

1839

1975

}

1840

1976

echo '</td>' . "\n"

1841

1977

. ' <td>';

1866

2002

1867

2003

$pred_db_array =PMA_DBI_fetch_result('SHOW DATABASES;');

1868

2004

1869

echo ' <label for="text_dbname">' . $GLOBALS['strAddPrivilegesOnDb'] . ':</label>' . "\n";

2005

echo ' <label for="text_dbname">' . __('Add privileges on the following database') . ':</label>' . "\n";

1870

2006

if (!empty($pred_db_array)) {

1871

2007

echo ' <select name="pred_dbname" onchange="this.form.submit();">' . "\n"

1872

. ' <option value="" selected="selected">' . $GLOBALS['strUseTextField'] . ':</option>' . "\n";

2008

. ' <option value="" selected="selected">' . __('Use text field') . ':</option>' . "\n";

1873

2009

foreach ($pred_db_array as $current_db) {

1874

2010

$current_db = PMA_escape_mysql_wildcards($current_db);

1875

2011

// cannot use array_diff() once, outside of the loop,

1876

2012

// because the list of databases has special characters

1877

// already escaped in $found_rows,

2013

// already escaped in $found_rows,

1878

2014

// contrary to the output of SHOW DATABASES

1879

2015

if (empty($found_rows) || ! in_array($current_db, $found_rows)) {

1880

2016

echo ' <option value="' . htmlspecialchars($current_db) . '">'

1884

2020

echo ' </select>' . "\n";

1885

2021

}

1886

2022

echo ' <input type="text" id="text_dbname" name="dbname" />' . "\n"

1887

. PMA_showHint($GLOBALS['strEscapeWildcards']);

2023

. PMA_showHint(__('Wildcards % and _ should be escaped with a \ to use them literally'));

1888

2024

} else {

1889

2025

echo ' <input type="hidden" name="dbname" value="' . htmlspecialchars($dbname) . '"/>' . "\n"

1890

. ' <label for="text_tablename">' . $GLOBALS['strAddPrivilegesOnTbl'] . ':</label>' . "\n";

2026

. ' <label for="text_tablename">' . __('Add privileges on the following table') . ':</label>' . "\n";

1891

2027

if ($res = @PMA_DBI_try_query('SHOW TABLES FROM ' . PMA_backquote(PMA_unescape_mysql_wildcards($dbname)) . ';', null, PMA_DBI_QUERY_STORE)) {

1892

2028

$pred_tbl_array = array();

1893

2029

while ($row = PMA_DBI_fetch_row($res)) {

1899

2035

unset($res, $row);

1900

2036

if (!empty($pred_tbl_array)) {

1901

2037

echo ' <select name="pred_tablename" onchange="this.form.submit();">' . "\n"

1902

. ' <option value="" selected="selected">' . $GLOBALS['strUseTextField'] . ':</option>' . "\n";

2038

. ' <option value="" selected="selected">' . __('Use text field') . ':</option>' . "\n";

1903

2039

foreach ($pred_tbl_array as $current_table) {

1904

2040

echo ' <option value="' . htmlspecialchars($current_table) . '">' . htmlspecialchars($current_table) . '</option>' . "\n";

1905

2041

}

1912

2048

}

1913

2049

echo '</fieldset>' . "\n";

1914

2050

echo '<fieldset class="tblFooters">' . "\n"

1915

. ' <input type="submit" value="' . $GLOBALS['strGo'] . '" />'

2051

. ' <input type="submit" value="' . __('Go') . '" />'

1916

2052

. '</fieldset>' . "\n"

1917

2053

. '</form>' . "\n";

1918

2054

1920

2056

1921

2057

// Provide a line with links to the relevant database and table

1922

2058

if (isset($dbname) && empty($dbname_is_wildcard)) {

1923

echo '[ ' . $GLOBALS['strDatabase']

2059

echo '[ ' . __('Database')

1924

2060

. ' <a href="' . $GLOBALS['cfg']['DefaultTabDatabase'] . '?'

1925

2061

. $GLOBALS['url_query'] . '&db=' . $url_dbname . '&reload=1">'

1926

2062

. htmlspecialchars($dbname) . ': ' . PMA_getTitleForTarget($GLOBALS['cfg']['DefaultTabDatabase']) . "</a> ]\n";

1927

2063

1928

2064

if (isset($tablename)) {

1929

echo ' [ ' . $GLOBALS['strTable'] . ' <a href="'

2065

echo ' [ ' . __('Table') . ' <a href="'

1930

2066

. $GLOBALS['cfg']['DefaultTabTable'] . '?' . $GLOBALS['url_query']

1931

2067

. '&db=' . $url_dbname . '&table=' . htmlspecialchars(urlencode($tablename))

1932

2068

. '&reload=1">' . htmlspecialchars($tablename) . ': '

1944

2080

. '<input type="hidden" name="old_username" value="' . htmlspecialchars($username) . '" />' . "\n"

1945

2081

. '<input type="hidden" name="old_hostname" value="' . htmlspecialchars($hostname) . '" />' . "\n"

1946

2082

. '<fieldset id="fieldset_change_copy_user">' . "\n"

1947

. ' <legend>' . $GLOBALS['strChangeCopyUser'] . '</legend>' . "\n";

2083

. ' <legend>' . __('Change Login Information / Copy User') . '</legend>' . "\n";

1948

2084

PMA_displayLoginInformationFields('change');

1949

2085

echo ' <fieldset>' . "\n"

1950

. ' <legend>' . $GLOBALS['strChangeCopyMode'] . '</legend>' . "\n";

2086

. ' <legend>' . __('Create a new user with the same privileges and ...') . '</legend>' . "\n";

1951

2087

$choices = array(

1952

'4' => $GLOBALS['strChangeCopyModeCopy'],

1953

'1' => $GLOBALS['strChangeCopyModeJustDelete'],

1954

'2' => $GLOBALS['strChangeCopyModeRevoke'],

1955

'3' => $GLOBALS['strChangeCopyModeDeleteAndReload']);

2088

'4' => __('... keep the old one.'),

2089

'1' => __(' ... delete the old one from the user tables.'),

2090

'2' => __(' ... revoke all active privileges from the old one and delete it afterwards.'),

2091

'3' => __(' ... delete the old one from the user tables and reload the privileges afterwards.'));

1956

2092

PMA_display_html_radio('mode', $choices, '4', true);

1957

2093

unset($choices);

1958

2094

1959

2095

echo ' </fieldset>' . "\n"

1960

2096

. '</fieldset>' . "\n"

1961

2097

. '<fieldset id="fieldset_change_copy_user_footer" class="tblFooters">' . "\n"

1962

. ' <input type="submit" name="change_copy" value="' . $GLOBALS['strGo'] . '" />' . "\n"

2098

. ' <input type="submit" name="change_copy" value="' . __('Go') . '" />' . "\n"

1963

2099

. '</fieldset>' . "\n"

1964

2100

. '</form>' . "\n";

1965

2101

}

1966

2102

}

1967

2103

} elseif (isset($_REQUEST['adduser'])) {

2104

1968

2105

// Add a new user

1969

2106

$GLOBALS['url_query'] .= '&adduser=1';

1970

2107

echo '<h2>' . "\n"

1971

. PMA_getIcon('b_usradd.png') . $GLOBALS['strAddUser'] . "\n"

2108

. PMA_getIcon('b_usradd.png') . __('Add a new User') . "\n"

1972

2109

. '</h2>' . "\n"

1973

. '<form name="usersForm" id="usersForm" action="server_privileges.php" method="post" onsubmit="return checkAddUser(this);">' . "\n"

2110

. '<form name="usersForm" id="addUsersForm_' . $random_n . '" action="server_privileges.php" method="post">' . "\n"

1974

2111

. PMA_generate_common_hidden_inputs('', '');

1975

2112

PMA_displayLoginInformationFields('new');

1976

2113

echo '<fieldset id="fieldset_add_user_database">' . "\n"

1977

. '<legend>' . $GLOBALS['strCreateUserDatabase'] . '</legend>' . "\n";

2114

. '<legend>' . __('Database for user') . '</legend>' . "\n";

1978

2115

1979

2116

$default_choice = 0;

1980

2117

$choices = array(

1981

'0' => $GLOBALS['strCreateUserDatabaseNone'],

1982

'1' => $GLOBALS['strCreateUserDatabaseName'],

1983

'2' => $GLOBALS['strCreateUserDatabaseWildcard']);

2118

'0' => _pgettext('Create none database for user', 'None'),

2119

'1' => __('Create database with same name and grant all privileges'),

2120

'2' => __('Grant all privileges on wildcard name (username\\_%)'));

1984

2121

1985

2122

if ( !empty($dbname) ) {

1986

$choices['3'] = sprintf($GLOBALS['strCreateUserDatabasePrivileges'], htmlspecialchars($dbname));

2123

$choices['3'] = sprintf( __('Grant all privileges on database "%s"'), htmlspecialchars($dbname));

1987

2124

$default_choice = 3;

1988

2125

echo '<input type="hidden" name="dbname" value="' . htmlspecialchars($dbname) . '" />' . "\n";

1989

2126

}

1998

2135

echo '</fieldset>' . "\n";

1999

2136

PMA_displayPrivTable('*', '*', FALSE);

2000

2137

echo ' <fieldset id="fieldset_add_user_footer" class="tblFooters">' . "\n"

2001

. ' <input type="submit" name="adduser_submit" value="' . $GLOBALS['strGo'] . '" />' . "\n"

2138

. ' <input type="submit" name="adduser_submit" value="' . __('Go') . '" />' . "\n"

2002

2139

. ' </fieldset>' . "\n"

2003

2140

. '</form>' . "\n";

2004

2141

} else {

2005

2142

// check the privileges for a particular database.

2006

echo '<table id="tablespecificuserrights" class="data">' . "\n"

2143

echo '<form id="usersForm"><table id="dbspecificuserrights" class="data">' . "\n"

2007

2144

. '<caption class="tblHeaders">' . "\n"

2008

2145

. PMA_getIcon('b_usrcheck.png')

2009

. ' ' . sprintf($GLOBALS['strUsersHavingAccessToDb'], '<a href="' . $GLOBALS['cfg']['DefaultTabDatabase'] . '?' . PMA_generate_common_url($checkprivs) . '">' . htmlspecialchars($checkprivs) . '</a>') . "\n"

2146

. ' ' . sprintf(__('Users having access to "%s"'), '<a href="' . $GLOBALS['cfg']['DefaultTabDatabase'] . '?' . PMA_generate_common_url($checkprivs) . '">' . htmlspecialchars($checkprivs) . '</a>') . "\n"

2010

2147

. '</caption>' . "\n"

2011

2148

. '<thead>' . "\n"

2012

. ' <tr><th>' . $GLOBALS['strUser'] . '</th>' . "\n"

2013

. ' <th>' . $GLOBALS['strHost'] . '</th>' . "\n"

2014

. ' <th>' . $GLOBALS['strType'] . '</th>' . "\n"

2015

. ' <th>' . $GLOBALS['strPrivileges'] . '</th>' . "\n"

2016

. ' <th>' . $GLOBALS['strGrantOption'] . '</th>' . "\n"

2017

. ' <th>' . $GLOBALS['strAction'] . '</th>' . "\n"

2149

. ' <tr><th>' . __('User') . '</th>' . "\n"

2150

. ' <th>' . __('Host') . '</th>' . "\n"

2151

. ' <th>' . __('Type') . '</th>' . "\n"

2152

. ' <th>' . __('Privileges') . '</th>' . "\n"

2153

. ' <th>' . __('Grant') . '</th>' . "\n"

2154

. ' <th>' . __('Action') . '</th>' . "\n"

2018

2155

. ' </tr>' . "\n"

2019

2156

. '</thead>' . "\n"

2020

2157

. '<tbody>' . "\n";

2098

2235

$current_privileges[] = $row;

2099

2236

$row = PMA_DBI_fetch_assoc($res);

2100

2237

}

2101

echo ' <tr class="' . ($odd_row ? 'odd' : 'even') . '">' . "\n"

2238

echo ' <tr class="noclick ' . ($odd_row ? 'odd' : 'even') . '">' . "\n"

2102

2239

. ' <td';

2103

2240

if (count($current_privileges) > 1) {

2104

2241

echo ' rowspan="' . count($current_privileges) . '"';

2105

2242

}

2106

echo '>' . (empty($current_user) ? '<span style="color: #FF0000">' . $GLOBALS['strAny'] . '</span>' : htmlspecialchars($current_user)) . "\n"

2243

echo '>' . (empty($current_user) ? '<span style="color: #FF0000">' . __('Any') . '</span>' : htmlspecialchars($current_user)) . "\n"

2107

2244

. ' </td>' . "\n"

2108

2245

. ' <td';

2109

2246

if (count($current_privileges) > 1) {

2114

2251

echo ' <td>' . "\n"

2115

2252

. ' ';

2116

2253

if (!isset($current['Db']) || $current['Db'] == '*') {

2117

echo $GLOBALS['strGlobal'];

2254

echo __('global');

2118

2255

} elseif ($current['Db'] == PMA_escape_mysql_wildcards($checkprivs)) {

2119

echo $GLOBALS['strDbSpecific'];

2256

echo __('database-specific');

2120

2257

} else {

2121

echo $GLOBALS['strWildcard'], ': <tt>' . htmlspecialchars($current['Db']) . '</tt>';

2258

echo __('wildcard'), ': <tt>' . htmlspecialchars($current['Db']) . '</tt>';

2122

2259

}

2123

2260

echo "\n"

2124

2261

. ' </td>' . "\n"

2128

2265

. ' </tt>' . "\n"

2129

2266

. ' </td>' . "\n"

2130

2267

. ' <td>' . "\n"

2131

. ' ' . ($current['Grant_priv'] == 'Y' ? $GLOBALS['strYes'] : $GLOBALS['strNo']) . "\n"

2268

. ' ' . ($current['Grant_priv'] == 'Y' ? __('Yes') : __('No')) . "\n"

2132

2269

. ' </td>' . "\n"

2133

2270

. ' <td>' . "\n";

2134

2271

printf($link_edit, urlencode($current_user),

2146

2283

} else {

2147

2284

echo ' <tr class="odd">' . "\n"

2148

2285

. ' <td colspan="6">' . "\n"

2149

. ' ' . $GLOBALS['strNoUsersFound'] . "\n"

2286

. ' ' . __('No user found.') . "\n"

2150

2287

. ' </td>' . "\n"

2151

2288

. ' </tr>' . "\n";

2152

2289

}

2153

2290

echo '</tbody>' . "\n"

2154

. '</table>' . "\n";

2291

. '</table></form>' . "\n";

2155

2292

2156

2293

// Offer to create a new user for the current database

2157

2294

echo '<fieldset id="fieldset_add_user">' . "\n"

2158

2295

. ' <a href="server_privileges.php?' . $GLOBALS['url_query'] . '&adduser=1&dbname=' . htmlspecialchars($checkprivs) .'">' . "\n"

2159

2296

. PMA_getIcon('b_usradd.png')

2160

. ' ' . $GLOBALS['strAddUser'] . '</a>' . "\n"

2297

. ' ' . __('Add a new User') . '</a>' . "\n"

2161

2298

. '</fieldset>' . "\n";

2162

2299

2163

2300

} // end if (empty($_REQUEST['adduser']) && empty($checkprivs)) ... elseif ... else ...

2167

2304

* Displays the footer

2168

2305

2169

2306

echo "\n\n";

2170

require_once './libraries/footer.inc.php';

2307

require './libraries/footer.inc.php';

2171

2308

2172

2309

Older »