Viewing file: check_user_privileges.lib.php (8.51 KB) -rw-r--r-- Select action/file-type: (+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php /* $Id: check_user_privileges.lib.php,v 1.12 2006/01/17 17:02:30 cybot_tm Exp $ */ // vim: expandtab sw=4 ts=4 sts=4:
// Get user's global privileges and some db-specific privileges // ($controllink and $userlink are links to MySQL defined in the "common.lib.php" library) // Note: if no controluser is defined, $controllink contains $userlink
/** * returns true (int > 0) if current user is superuser * otherwise 0 * * @return integer $is_superuser */ function PMA_isSuperuser() { return PMA_DBI_try_query( 'SELECT COUNT(*) FROM mysql.user', $GLOBALS['userlink'], PMA_DBI_QUERY_STORE ); }
$is_create_db_priv = false; $is_process_priv = true; $is_reload_priv = false; $db_to_create = ''; $dbs_where_create_table_allowed = array();
// We were trying to find if user if superuser with 'USE mysql' // but users with the global priv CREATE TEMPORARY TABLES or LOCK TABLES // can do a 'USE mysql' (even if they cannot see the tables) $is_superuser = PMA_isSuperuser();
function PMA_analyseShowGrant($rs_usr, &$is_create_db_priv, &$db_to_create, &$is_reload_priv, &$dbs_where_create_table_allowed) {
$re0 = '(^|(\\\\\\\\)+|[^\])'; // non-escaped wildcards $re1 = '(^|[^\])(\\\)+'; // escaped wildcards while ($row = PMA_DBI_fetch_row($rs_usr)) { $show_grants_dbname = substr($row[0], strpos($row[0], ' ON ') + 4, (strpos($row[0], '.', strpos($row[0], ' ON ')) - strpos($row[0], ' ON ') - 4)); $show_grants_dbname = ereg_replace('^`(.*)`', '\\1', $show_grants_dbname); $show_grants_str = substr($row[0], 6, (strpos($row[0], ' ON ') - 6)); if ($show_grants_str == 'RELOAD') { $is_reload_priv = true; } if (($show_grants_str == 'ALL') || ($show_grants_str == 'ALL PRIVILEGES') || ($show_grants_str == 'CREATE') || strpos($show_grants_str, 'CREATE')) { if ($show_grants_dbname == '*') { // a global CREATE privilege $is_create_db_priv = true; $is_reload_priv = true; $db_to_create = ''; $dbs_where_create_table_allowed[] = '*'; break; } else { // this array may contain wildcards $dbs_where_create_table_allowed[] = $show_grants_dbname;
// before MySQL 4.1.0, we cannot use backquotes around a dbname // for the USE command, so the USE will fail if the dbname contains // a "-" and we cannot detect if such a db already exists; // since 4.1.0, we need to use backquotes if the dbname contains a "-" // in a USE command
if (PMA_MYSQL_INT_VERSION > 40100) { $dbname_to_test = PMA_backquote($show_grants_dbname); } else { $dbname_to_test = $show_grants_dbname; }
if ( (ereg($re0 . '%|_', $show_grants_dbname) && !ereg('\\\\%|\\\\_', $show_grants_dbname)) // does this db exist? || (!PMA_DBI_try_query('USE ' . ereg_replace($re1 .'(%|_)', '\\1\\3', $dbname_to_test), null, PMA_DBI_QUERY_STORE) && substr(PMA_DBI_getError(), 1, 4) != 1044) ) { $db_to_create = ereg_replace($re0 . '%', '\\1...', ereg_replace($re0 . '_', '\\1?', $show_grants_dbname)); $db_to_create = ereg_replace($re1 . '(%|_)', '\\1\\3', $db_to_create); $is_create_db_priv = true;
// TODO: collect $db_to_create into an array, to display a drop-down // in the "Create new database" dialog // // we don't break, we want all possible databases //break; } // end if } // end elseif } // end if } // end while } // end function
// Detection for some CREATE privilege.
// Since MySQL 4.1.2, we can easily detect current user's grants // using $userlink (no control user needed) // and we don't have to try any other method for detection
if (PMA_MYSQL_INT_VERSION >= 40102) { $rs_usr = PMA_DBI_try_query('SHOW GRANTS', $userlink, PMA_DBI_QUERY_STORE); if ($rs_usr) { PMA_analyseShowGrant($rs_usr, $is_create_db_priv, $db_to_create, $is_reload_priv, $dbs_where_create_table_allowed); PMA_DBI_free_result($rs_usr); unset($rs_usr); } } else {
// Before MySQL 4.1.2, we first try to find a priv in mysql.user. Hopefuly // the controluser is correctly defined; but here, $controllink could contain // $userlink so maybe the SELECT will fail
if (!$is_create_db_priv) { $res = PMA_DBI_query('SELECT USER();', null, PMA_DBI_QUERY_STORE); list($mysql_cur_user_and_host) = PMA_DBI_fetch_row($res); $mysql_cur_user = substr($mysql_cur_user_and_host, 0, strrpos($mysql_cur_user_and_host, '@'));
$local_query = 'SELECT Create_priv, Reload_priv FROM mysql.user WHERE ' . PMA_convert_using('User') . ' = ' . PMA_convert_using(PMA_sqlAddslashes($mysql_cur_user), 'quoted') . ' OR ' . PMA_convert_using('User') . ' = ' . PMA_convert_using('', 'quoted') . ';'; $rs_usr = PMA_DBI_try_query($local_query, $controllink, PMA_DBI_QUERY_STORE); // Debug: or PMA_mysqlDie('', $local_query, false); if ($rs_usr) { while ($result_usr = PMA_DBI_fetch_assoc($rs_usr)) { if (!$is_create_db_priv) { $is_create_db_priv = ($result_usr['Create_priv'] == 'Y'); } if (!$is_reload_priv) { $is_reload_priv = ($result_usr['Reload_priv'] == 'Y'); } } // end while PMA_DBI_free_result($rs_usr); unset($rs_usr, $result_usr); if ($is_create_db_priv) { $dbs_where_create_table_allowed[] = '*'; } } // end if } // end if
// If the user has Create priv on a inexistant db, show him in the dialog // the first inexistant db name that we find, in most cases it's probably // the one he just dropped :) if (!$is_create_db_priv) { $local_query = 'SELECT DISTINCT Db FROM mysql.db WHERE ' . PMA_convert_using('Create_priv') . ' = ' . PMA_convert_using('Y', 'quoted') . ' AND (' . PMA_convert_using('User') . ' = ' .PMA_convert_using(PMA_sqlAddslashes($mysql_cur_user), 'quoted') . ' OR ' . PMA_convert_using('User') . ' = ' . PMA_convert_using('', 'quoted') . ');';
$rs_usr = PMA_DBI_try_query($local_query, $controllink, PMA_DBI_QUERY_STORE); if ($rs_usr) { $re0 = '(^|(\\\\\\\\)+|[^\])'; // non-escaped wildcards $re1 = '(^|[^\])(\\\)+'; // escaped wildcards while ($row = PMA_DBI_fetch_assoc($rs_usr)) { $dbs_where_create_table_allowed[] = $row['Db']; if (ereg($re0 . '(%|_)', $row['Db']) || (!PMA_DBI_try_query('USE ' . ereg_replace($re1 . '(%|_)', '\\1\\3', $row['Db'])) && substr(PMA_DBI_getError(), 1, 4) != 1044)) { $db_to_create = ereg_replace($re0 . '%', '\\1...', ereg_replace($re0 . '_', '\\1?', $row['Db'])); $db_to_create = ereg_replace($re1 . '(%|_)', '\\1\\3', $db_to_create); $is_create_db_priv = true; break; } // end if } // end while PMA_DBI_free_result($rs_usr); unset($rs_usr, $row, $re0, $re1); } else { // Finally, let's try to get the user's privileges by using SHOW // GRANTS... // Maybe we'll find a little CREATE priv there :) $rs_usr = PMA_DBI_try_query('SHOW GRANTS FOR ' . $mysql_cur_user_and_host . ';', $controllink, PMA_DBI_QUERY_STORE); if (!$rs_usr) { // OK, now we'd have to guess the user's hostname, but we // only try out the 'username'@'%' case. $rs_usr = PMA_DBI_try_query('SHOW GRANTS FOR ' . PMA_convert_using(PMA_sqlAddslashes($mysql_cur_user), 'quoted') . ';', $controllink, PMA_DBI_QUERY_STORE); } unset($local_query); if ($rs_usr) { PMA_analyseShowGrant($rs_usr, $is_create_db_priv, $db_to_create, $is_reload_priv, $dbs_where_create_table_allowed); PMA_DBI_free_result($rs_usr); unset($rs_usr); } // end if } // end elseif } // end if } // end else (MySQL < 4.1.2)
// If disabled, don't show it if (!$cfg['SuggestDBName']) { $db_to_create = ''; } ?>
|