Documentation TYPO3 par Ameos

server_privileges.php

00001 <?php
00002 /* $Id: server_privileges.php,v 2.51 2005/08/07 12:48:11 lem9 Exp $ */
00003 // vim: expandtab sw=4 ts=4 sts=4:
00004 
00008 $js_to_run = 'server_privileges.js';
00009 require('./server_common.inc.php');
00010 
00011 
00015 if (!empty($pred_dbname)) {
00016     $dbname = $pred_dbname;
00017     unset($pred_dbname);
00018 }
00019 if (!empty($pred_tablename)) {
00020     $tablename = $pred_tablename;
00021     unset($pred_tablename);
00022 }
00023 
00024 
00028 if (!$is_superuser) {
00029     require('./server_links.inc.php');
00030     echo '<h2>' . "\n"
00031        . '    ' . ($GLOBALS['cfg']['MainPageIconic'] ? '<img src="'. $GLOBALS['pmaThemeImage'] . 'b_usrlist.png" border="0" hspace="2" align="middle" />' : '')
00032        . '    ' . $strPrivileges . "\n"
00033        . '</h2>' . "\n"
00034        . $strNoPrivileges . "\n";
00035     require_once('./footer.inc.php');
00036 }
00037 
00038 
00049 function PMA_extractPrivInfo($row = '', $enableHTML = FALSE)
00050 {
00051     global $userlink;
00052 
00053     $grants = array(
00054         array('Select_priv', 'SELECT', $GLOBALS['strPrivDescSelect']),
00055         array('Insert_priv', 'INSERT', $GLOBALS['strPrivDescInsert']),
00056         array('Update_priv', 'UPDATE', $GLOBALS['strPrivDescUpdate']),
00057         array('Delete_priv', 'DELETE', $GLOBALS['strPrivDescDelete']),
00058         array('Create_priv', 'CREATE', $GLOBALS['strPrivDescCreateDb']),
00059         array('Drop_priv', 'DROP', $GLOBALS['strPrivDescDropDb']),
00060         array('Reload_priv', 'RELOAD', $GLOBALS['strPrivDescReload']),
00061         array('Shutdown_priv', 'SHUTDOWN', $GLOBALS['strPrivDescShutdown']),
00062         array('Process_priv', 'PROCESS', $GLOBALS['strPrivDescProcess' . ((!empty($row) && isset($row['Super_priv'])) || (empty($row) && isset($GLOBALS['Super_priv'])) ? '4' : '3')]),
00063         array('File_priv', 'FILE', $GLOBALS['strPrivDescFile']),
00064         array('References_priv', 'REFERENCES', $GLOBALS['strPrivDescReferences']),
00065         array('Index_priv', 'INDEX', $GLOBALS['strPrivDescIndex']),
00066         array('Alter_priv', 'ALTER', $GLOBALS['strPrivDescAlter']),
00067         array('Show_db_priv', 'SHOW DATABASES', $GLOBALS['strPrivDescShowDb']),
00068         array('Super_priv', 'SUPER', $GLOBALS['strPrivDescSuper']),
00069         array('Create_tmp_table_priv', 'CREATE TEMPORARY TABLES', $GLOBALS['strPrivDescCreateTmpTable']),
00070         array('Lock_tables_priv', 'LOCK TABLES', $GLOBALS['strPrivDescLockTables']),
00071         array('Execute_priv', 'EXECUTE', $GLOBALS['strPrivDescExecute']),
00072         array('Repl_slave_priv', 'REPLICATION SLAVE', $GLOBALS['strPrivDescReplSlave']),
00073         array('Repl_client_priv', 'REPLICATION CLIENT', $GLOBALS['strPrivDescReplClient'])
00074     );
00075     if (!empty($row) && isset($row['Table_priv'])) {
00076         $res = PMA_DBI_query('SHOW COLUMNS FROM `tables_priv` LIKE \'Table_priv\';', $userlink);
00077         $row1 = PMA_DBI_fetch_assoc($res);
00078         PMA_DBI_free_result($res);
00079         $av_grants = explode ('\',\'' , substr($row1['Type'], 5, strlen($row1['Type']) - 7));
00080         unset($row1);
00081         $users_grants = explode(',', $row['Table_priv']);
00082         foreach ($av_grants as $current_grant) {
00083             $row[$current_grant . '_priv'] = in_array($current_grant, $users_grants) ? 'Y' : 'N';
00084         }
00085         unset($current_grant);
00086         unset($av_grants);
00087         unset($users_grants);
00088     }
00089     $privs = array();
00090     $allPrivileges = TRUE;
00091     foreach ($grants as $current_grant) {
00092         if ((!empty($row) && isset($row[$current_grant[0]])) || (empty($row) && isset($GLOBALS[$current_grant[0]]))) {
00093             if ((!empty($row) && $row[$current_grant[0]] == 'Y') || (empty($row) && ($GLOBALS[$current_grant[0]] == 'Y' || (is_array($GLOBALS[$current_grant[0]]) && count($GLOBALS[$current_grant[0]]) == $GLOBALS['column_count'] && empty($GLOBALS[$current_grant[0] . '_none']))))) {
00094                 if ($enableHTML) {
00095                     $privs[] = '<dfn title="' . $current_grant[2] . '">' . str_replace(' ', '&nbsp;', $current_grant[1]) . '</dfn>';
00096                 } else {
00097                     $privs[] = $current_grant[1];
00098                 }
00099             } else if (!empty($GLOBALS[$current_grant[0]]) && is_array($GLOBALS[$current_grant[0]]) && empty($GLOBALS[$current_grant[0] . '_none'])) {
00100                 if ($enableHTML) {
00101                     $priv_string = '<dfn title="' . $current_grant[2] . '">' . str_replace(' ', '&nbsp;', $current_grant[1]) . '</dfn>';
00102                 } else {
00103                     $priv_string = $current_grant[1];
00104                 }
00105                 $privs[] = $priv_string . ' (`' . join('`, `', $GLOBALS[$current_grant[0]]) . '`)';
00106             } else {
00107                 $allPrivileges = FALSE;
00108             }
00109         }
00110     }
00111     if (empty($privs)) {
00112         if ($enableHTML) {
00113             $privs[] = '<dfn title="' . $GLOBALS['strPrivDescUsage'] . '">USAGE</dfn>';
00114         } else {
00115             $privs[] = 'USAGE';
00116         }
00117     } else if ($allPrivileges && (!isset($GLOBALS['grant_count']) || count($privs) == $GLOBALS['grant_count'])) {
00118         if ($enableHTML) {
00119             $privs = array('<dfn title="' . $GLOBALS['strPrivDescAllPrivileges'] . '">ALL&nbsp;PRIVILEGES</dfn>');
00120         } else {
00121             $privs = array('ALL PRIVILEGES');
00122         }
00123     }
00124     return $privs;
00125 } // end of the 'PMA_extractPrivInfo()' function
00126 
00140 function PMA_displayPrivTable($db = '*', $table = '*', $submit = TRUE, $indent = 0)
00141 {
00142     global $cfg, $userlink, $url_query, $checkall;
00143 
00144     if ($db == '*') {
00145         $table = '*';
00146     }
00147     $spaces = '';
00148     for ($i = 0; $i < $indent; $i++) {
00149         $spaces .= '    ';
00150     }
00151     if (isset($GLOBALS['username'])) {
00152         $username = $GLOBALS['username'];
00153         $hostname = $GLOBALS['hostname'];
00154         if ($db == '*') {
00155             $sql_query = 'SELECT * FROM `user` WHERE ' . PMA_convert_using('User') . ' = ' . PMA_convert_using(PMA_sqlAddslashes($username), 'quoted') . ' AND ' . PMA_convert_using('Host') . ' = ' . PMA_convert_using($hostname, 'quoted') . ';';
00156         } else if ($table == '*') {
00157             $sql_query = 'SELECT * FROM `db` WHERE ' . PMA_convert_using('User') . ' = ' . PMA_convert_using(PMA_sqlAddslashes($username), 'quoted') . ' AND ' . PMA_convert_using('Host') . ' = ' . PMA_convert_using($hostname, 'quoted') . ' AND ' .  PMA_convert_using('Db') . ' = ' . PMA_convert_using($db, 'quoted') . ';';
00158         } else {
00159             $sql_query = 'SELECT `Table_priv` FROM `tables_priv` WHERE ' . PMA_convert_using('User') . ' = ' . PMA_convert_using(PMA_sqlAddslashes($username), 'quoted') . ' AND ' .PMA_convert_using('Host') . ' = ' . PMA_convert_using($hostname, 'quoted')  . ' AND ' . PMA_convert_using('Db') . ' = ' . PMA_convert_using($db, 'quoted') . ' AND ' . PMA_convert_using('Table_name') . ' = ' . PMA_convert_using($table, 'quoted') . ';';
00160         }
00161         $res = PMA_DBI_query($sql_query);
00162         $row = PMA_DBI_fetch_assoc($res);
00163         PMA_DBI_free_result($res);
00164     }
00165     if (empty($row)) {
00166         if ($table == '*') {
00167             if ($db == '*') {
00168                 $sql_query = 'SHOW COLUMNS FROM `mysql`.`user`;';
00169             } else if ($table == '*') {
00170                 $sql_query = 'SHOW COLUMNS FROM `mysql`.`db`;';
00171             }
00172             $res = PMA_DBI_query($sql_query);
00173             while ($row1 = PMA_DBI_fetch_row($res)) {
00174                 if (substr($row1[0], 0, 4) == 'max_') {
00175                     $row[$row1[0]] = 0;
00176                 } else {
00177                     $row[$row1[0]] = 'N';
00178                 }
00179             }
00180             PMA_DBI_free_result($res);
00181         } else {
00182             $row = array('Table_priv' => '');
00183         }
00184     }
00185     if (isset($row['Table_priv'])) {
00186         $res = PMA_DBI_query('SHOW COLUMNS FROM `tables_priv` LIKE \'Table_priv\';', $userlink);
00187         $row1 = PMA_DBI_fetch_assoc($res);
00188         PMA_DBI_free_result($res);
00189         $av_grants = explode ('\',\'' , substr($row1['Type'], strpos($row1['Type'], '(') + 2, strpos($row1['Type'], ')') - strpos($row1['Type'], '(') - 3));
00190         unset($res, $row1);
00191         $users_grants = explode(',', $row['Table_priv']);
00192         foreach ($av_grants as $current_grant) {
00193             $row[$current_grant . '_priv'] = in_array($current_grant, $users_grants) ? 'Y' : 'N';
00194         }
00195         unset($row['Table_priv'], $current_grant, $av_grants, $users_grants);
00196         $res = PMA_DBI_try_query('SHOW COLUMNS FROM `' . $db . '`.`' . $table . '`;');
00197         $columns = array();
00198         if ($res) {
00199             while ($row1 = PMA_DBI_fetch_row($res)) {
00200                 $columns[$row1[0]] = array(
00201                     'Select' => FALSE,
00202                     'Insert' => FALSE,
00203                     'Update' => FALSE,
00204                     'References' => FALSE
00205                 );
00206             }
00207             PMA_DBI_free_result($res);
00208         }
00209         unset($res, $row1);
00210     }
00211     if (!empty($columns)) {
00212         $res = PMA_DBI_QUERY('SELECT `Column_name`, `Column_priv` FROM `columns_priv` WHERE ' . PMA_convert_using('User') . ' = ' . PMA_convert_using(PMA_sqlAddslashes($username), 'quoted') . ' AND ' . PMA_convert_using('Host') . ' = ' . PMA_convert_using($hostname, 'quoted') . ' AND ' . PMA_convert_using('Db') . ' = ' . PMA_convert_using($db, 'quoted') . ' AND ' . PMA_convert_using('Table_name') . ' = ' . PMA_convert_using($table, 'quoted') . ';');
00213 
00214         while ($row1 = PMA_DBI_fetch_row($res)) {
00215             $row1[1] = explode(',', $row1[1]);
00216             foreach ($row1[1] as $current) {
00217                 $columns[$row1[0]][$current] = TRUE;
00218             }
00219         }
00220         PMA_DBI_free_result($res);
00221         unset($res);
00222         unset($row1);
00223         unset($current);
00224         echo $spaces . '<input type="hidden" name="grant_count" value="' . count($row) . '" />' . "\n"
00225            . $spaces . '<input type="hidden" name="column_count" value="' . count($columns) . '" />' . "\n"
00226            . $spaces . '<table border="0" cellpadding="2" cellspacing="1">' . "\n"
00227            . $spaces . '    <tr>' . "\n"
00228            . $spaces . '        <th colspan="6">&nbsp;' . $GLOBALS['strTblPrivileges'] . '&nbsp;</th>' . "\n"
00229            . $spaces . '    </tr>' . "\n"
00230            . $spaces . '    <tr>' . "\n"
00231            . $spaces . '        <td bgcolor="' . $cfg['BgcolorTwo'] . '" colspan="6"><small><i>' . $GLOBALS['strEnglishPrivileges'] . '</i></small></td>' . "\n"
00232            . $spaces . '    </tr>' . "\n"
00233            . $spaces . '    <tr>' . "\n"
00234            . $spaces . '        <td bgcolor="' . $cfg['BgcolorOne'] . '">&nbsp;<tt><dfn title="' . $GLOBALS['strPrivDescSelect'] . '">SELECT</dfn></tt>&nbsp;</td>' . "\n"
00235            . $spaces . '        <td bgcolor="' . $cfg['BgcolorOne'] . '">&nbsp;<tt><dfn title="' . $GLOBALS['strPrivDescInsert'] . '">INSERT</dfn></tt>&nbsp;</td>' . "\n"
00236            . $spaces . '        <td bgcolor="' . $cfg['BgcolorOne'] . '">&nbsp;<tt><dfn title="' . $GLOBALS['strPrivDescUpdate'] . '">UPDATE</dfn></tt>&nbsp;</td>' . "\n"
00237            . $spaces . '        <td bgcolor="' . $cfg['BgcolorOne'] . '">&nbsp;<tt><dfn title="' . $GLOBALS['strPrivDescReferences'] . '">REFERENCES</dfn></tt>&nbsp;</td>' . "\n";
00238         list($current_grant, $current_grant_value) = each($row);
00239         while (in_array(substr($current_grant, 0, (strlen($current_grant) - 5)), array('Select', 'Insert', 'Update', 'References'))) {
00240             list($current_grant, $current_grant_value) = each($row);
00241         }
00242         echo $spaces . '        <td bgcolor="' . $cfg['BgcolorTwo'] . '"><input type="checkbox"' . (empty($checkall) ?  '' : ' checked="checked"') . ' name="' . $current_grant . '" id="checkbox_' . $current_grant . '" value="Y" ' . ($current_grant_value == 'Y' ? 'checked="checked" ' : '') . 'title="' . (isset($GLOBALS['strPrivDesc' . substr($current_grant, 0, (strlen($current_grant) - 5))]) ? $GLOBALS['strPrivDesc' . substr($current_grant, 0, (strlen($current_grant) - 5))] : $GLOBALS['strPrivDesc' . substr($current_grant, 0, (strlen($current_grant) - 5)) . 'Tbl']) . '"/></td>' . "\n"
00243            . $spaces . '        <td bgcolor="' . $cfg['BgcolorTwo'] . '"><label for="checkbox_' . $current_grant . '"><tt><dfn title="' . (isset($GLOBALS['strPrivDesc' . substr($current_grant, 0, (strlen($current_grant) - 5))]) ? $GLOBALS['strPrivDesc' . substr($current_grant, 0, (strlen($current_grant) - 5))] : $GLOBALS['strPrivDesc' . substr($current_grant, 0, (strlen($current_grant) - 5)) . 'Tbl']) . '">' . strtoupper(substr($current_grant, 0, strlen($current_grant) - 5)) . '</dfn></tt></label></td>' . "\n"
00244            . $spaces . '    </tr>' . "\n"
00245            . $spaces . '    <tr>' . "\n";
00246         $rowspan = count($row) - 5;
00247         echo $spaces . '        <td bgcolor="' . $cfg['BgcolorTwo'] . '" rowspan="' . $rowspan . '" valign="top">' . "\n"
00248            . $spaces . '            <select name="Select_priv[]" multiple="multiple">' . "\n";
00249         foreach ($columns as $current_column => $current_column_privileges) {
00250             echo $spaces . '                <option value="' . htmlspecialchars($current_column) . '"';
00251             if ($row['Select_priv'] == 'Y' || $current_column_privileges['Select']) {
00252                 echo ' selected="selected"';
00253             }
00254             echo '>' . htmlspecialchars($current_column) . '</option>' . "\n";
00255         }
00256         echo $spaces . '            </select><br />' . "\n"
00257            . $spaces . '            <i>' . $GLOBALS['strOr'] . '</i><br />' . "\n"
00258            . $spaces . '            <input type="checkbox"' . (empty($checkall) ?  '' : ' checked="checked"') . ' name="Select_priv_none" id="checkbox_Select_priv_none" title="' . $GLOBALS['strNone'] . '" /><label for="checkbox_Select_priv_none">' . $GLOBALS['strNone'] . '</label>' . "\n"
00259            . $spaces . '        </td>' . "\n"
00260            . $spaces . '        <td bgcolor="' . $cfg['BgcolorTwo'] . '" rowspan="' . $rowspan . '" valign="top">' . "\n"
00261            . $spaces . '            <select name="Insert_priv[]" multiple="multiple">' . "\n";
00262         foreach ($columns as $current_column => $current_column_privileges) {
00263             echo $spaces . '                <option value="' . htmlspecialchars($current_column) . '"';
00264             if ($row['Insert_priv'] == 'Y' || $current_column_privileges['Insert']) {
00265                 echo ' selected="selected"';
00266             }
00267             echo '>' . htmlspecialchars($current_column) . '</option>' . "\n";
00268         }
00269         echo $spaces . '            </select><br />' . "\n"
00270            . $spaces . '            <i>' . $GLOBALS['strOr'] . '</i><br />' . "\n"
00271            . $spaces . '            <input type="checkbox"' . (empty($checkall) ?  '' : ' checked="checked"') . ' name="Insert_priv_none" id="checkbox_Insert_priv_none" title="' . $GLOBALS['strNone'] . '" /><label for="checkbox_Insert_priv_none">' . $GLOBALS['strNone'] . '</label>' . "\n"
00272            . $spaces . '        </td>' . "\n"
00273            . $spaces . '        <td bgcolor="' . $cfg['BgcolorTwo'] . '" rowspan="' . $rowspan . '" valign="top">' . "\n"
00274            . $spaces . '            <select name="Update_priv[]" multiple="multiple">' . "\n";
00275         foreach ($columns as $current_column => $current_column_privileges) {
00276             echo $spaces . '                <option value="' . htmlspecialchars($current_column) . '"';
00277             if ($row['Update_priv'] == 'Y' || $current_column_privileges['Update']) {
00278                 echo ' selected="selected"';
00279             }
00280             echo '>' . htmlspecialchars($current_column) . '</option>' . "\n";
00281         }
00282         echo $spaces . '            </select><br />' . "\n"
00283            . $spaces . '            <i>' . $GLOBALS['strOr'] . '</i><br />' . "\n"
00284            . $spaces . '            <input type="checkbox"' . (empty($checkall) ?  '' : ' checked="checked"') . ' name="Update_priv_none" id="checkbox_Update_priv_none" title="' . $GLOBALS['strNone'] . '" /><label for="checkbox_Update_priv_none">' . $GLOBALS['strNone'] . '</label>' . "\n"
00285            . $spaces . '        </td>' . "\n"
00286            . $spaces . '        <td bgcolor="' . $cfg['BgcolorTwo'] . '" rowspan="' . $rowspan . '" valign="top">' . "\n"
00287            . $spaces . '            <select name="References_priv[]" multiple="multiple">' . "\n";
00288         foreach ($columns as $current_column => $current_column_privileges) {
00289             echo $spaces . '                <option value="' . htmlspecialchars($current_column) . '"';
00290             if ($row['References_priv'] == 'Y' || $current_column_privileges['References']) {
00291                 echo ' selected="selected"';
00292             }
00293             echo '>' . htmlspecialchars($current_column) . '</option>' . "\n";
00294         }
00295         echo $spaces . '            </select><br />' . "\n"
00296            . $spaces . '            <i>' . $GLOBALS['strOr'] . '</i><br />' . "\n"
00297            . $spaces . '            <input type="checkbox"' . (empty($checkall) ?  '' : ' checked="checked"') . ' name="References_priv_none" id="checkbox_References_priv_none" title="' . $GLOBALS['strNone'] . '" /><label for="checkbox_References_priv_none">' . $GLOBALS['strNone'] . '</label>' . "\n"
00298            . $spaces . '        </td>' . "\n";
00299         unset($rowspan);
00300         list($current_grant, $current_grant_value) = each($row);
00301         while (in_array(substr($current_grant, 0, (strlen($current_grant) - 5)), array('Select', 'Insert', 'Update', 'References'))) {
00302             list($current_grant, $current_grant_value) = each($row);
00303         }
00304         echo $spaces . '        <td bgcolor="' . $cfg['BgcolorTwo'] . '"><input type="checkbox"' . (empty($checkall) ?  '' : ' checked="checked"') . ' name="' . $current_grant . '" id="checkbox_' . $current_grant . '" value="Y" ' . ($current_grant_value == 'Y' ? 'checked="checked" ' : '') . 'title="' . (isset($GLOBALS['strPrivDesc' . substr($current_grant, 0, (strlen($current_grant) - 5))]) ? $GLOBALS['strPrivDesc' . substr($current_grant, 0, (strlen($current_grant) - 5))] : $GLOBALS['strPrivDesc' . substr($current_grant, 0, (strlen($current_grant) - 5)) . 'Tbl']) . '"/></td>' . "\n"
00305            . $spaces . '        <td bgcolor="' . $cfg['BgcolorTwo'] . '"><label for="checkbox_' . $current_grant . '"><tt><dfn title="' . (isset($GLOBALS['strPrivDesc' . substr($current_grant, 0, (strlen($current_grant) - 5))]) ? $GLOBALS['strPrivDesc' . substr($current_grant, 0, (strlen($current_grant) - 5))] : $GLOBALS['strPrivDesc' . substr($current_grant, 0, (strlen($current_grant) - 5)) . 'Tbl']) . '">' . strtoupper(substr($current_grant, 0, strlen($current_grant) - 5)) . '</dfn></tt></label></td>' . "\n"
00306            . $spaces . '    </tr>' . "\n";
00307         while (list($current_grant, $current_grant_value) = each($row)) {
00308             if (in_array(substr($current_grant, 0, (strlen($current_grant) - 5)), array('Select', 'Insert', 'Update', 'References'))) {
00309                 continue;
00310             }
00311             echo $spaces . '    <tr>' . "\n"
00312                . $spaces . '        <td bgcolor="' . $cfg['BgcolorTwo'] . '"><input type="checkbox"' . (empty($checkall) ?  '' : ' checked="checked"') . ' name="' . $current_grant . '" id="checkbox_' . $current_grant . '" value="Y" ' . ($current_grant_value == 'Y' ? 'checked="checked" ' : '') . 'title="' . (isset($GLOBALS['strPrivDesc' . substr($current_grant, 0, (strlen($current_grant) - 5))]) ? $GLOBALS['strPrivDesc' . substr($current_grant, 0, (strlen($current_grant) - 5))] : $GLOBALS['strPrivDesc' . substr($current_grant, 0, (strlen($current_grant) - 5)) . 'Tbl']) . '"/></td>' . "\n"
00313                . $spaces . '        <td bgcolor="' . $cfg['BgcolorTwo'] . '"><label for="checkbox_' . $current_grant . '"><tt><dfn title="' . (isset($GLOBALS['strPrivDesc' . substr($current_grant, 0, (strlen($current_grant) - 5))]) ? $GLOBALS['strPrivDesc' . substr($current_grant, 0, (strlen($current_grant) - 5))] : $GLOBALS['strPrivDesc' . substr($current_grant, 0, (strlen($current_grant) - 5)) . 'Tbl']) . '">' . strtoupper(substr($current_grant, 0, strlen($current_grant) - 5)) . '</dfn></tt></label></td>' . "\n"
00314                . $spaces . '    </tr>' . "\n";
00315         }
00316     } else {
00317         $privTable[0] = array(
00318             array('Select', 'SELECT', $GLOBALS['strPrivDescSelect']),
00319             array('Insert', 'INSERT', $GLOBALS['strPrivDescInsert']),
00320             array('Update', 'UPDATE', $GLOBALS['strPrivDescUpdate']),
00321             array('Delete', 'DELETE', $GLOBALS['strPrivDescDelete'])
00322         );
00323         if ($db == '*') {
00324             $privTable[0][] = array('File', 'FILE', $GLOBALS['strPrivDescFile']);
00325         }
00326         $privTable[1] = array(
00327             array('Create', 'CREATE', ($table == '*' ? $GLOBALS['strPrivDescCreateDb'] : $GLOBALS['strPrivDescCreateTbl'])),
00328             array('Alter', 'ALTER', $GLOBALS['strPrivDescAlter']),
00329             array('Index', 'INDEX', $GLOBALS['strPrivDescIndex']),
00330             array('Drop', 'DROP', ($table == '*' ? $GLOBALS['strPrivDescDropDb'] : $GLOBALS['strPrivDescDropTbl']))
00331         );
00332         if (isset($row['Create_tmp_table_priv'])) {
00333             $privTable[1][] = array('Create_tmp_table', 'CREATE&nbsp;TEMPORARY&nbsp;TABLES', $GLOBALS['strPrivDescCreateTmpTable']);
00334         }
00335         $privTable[2] = array();
00336         if (isset($row['Grant_priv'])) {
00337             $privTable[2][] = array('Grant', 'GRANT', $GLOBALS['strPrivDescGrant']);
00338         }
00339         if ($db == '*') {
00340             if (isset($row['Super_priv'])) {
00341                 $privTable[2][] = array('Super', 'SUPER', $GLOBALS['strPrivDescSuper']);
00342                 $privTable[2][] = array('Process', 'PROCESS', $GLOBALS['strPrivDescProcess4']);
00343             } else {
00344                 $privTable[2][] = array('Process', 'PROCESS', $GLOBALS['strPrivDescProcess3']);
00345             }
00346             $privTable[2][] = array('Reload', 'RELOAD', $GLOBALS['strPrivDescReload']);
00347             $privTable[2][] = array('Shutdown', 'SHUTDOWN', $GLOBALS['strPrivDescShutdown']);
00348             if (isset($row['Show_db_priv'])) {
00349                 $privTable[2][] = array('Show_db', 'SHOW&nbsp;DATABASES', $GLOBALS['strPrivDescShowDb']);
00350             }
00351         }
00352         if (isset($row['Lock_tables_priv'])) {
00353             $privTable[2][] = array('Lock_tables', 'LOCK&nbsp;TABLES', $GLOBALS['strPrivDescLockTables']);
00354         }
00355         $privTable[2][] = array('References', 'REFERENCES', $GLOBALS['strPrivDescReferences']);
00356         if ($db == '*') {
00357             if (isset($row['Execute_priv'])) {
00358                 $privTable[2][] = array('Execute', 'EXECUTE', $GLOBALS['strPrivDescExecute']);
00359             }
00360             if (isset($row['Repl_client_priv'])) {
00361                 $privTable[2][] = array('Repl_client', 'REPLICATION&nbsp;CLIENT', $GLOBALS['strPrivDescReplClient']);
00362             }
00363             if (isset($row['Repl_slave_priv'])) {
00364                 $privTable[2][] = array('Repl_slave', 'REPLICATION&nbsp;SLAVE', $GLOBALS['strPrivDescReplSlave']);
00365             }
00366         }
00367         echo $spaces . '<input type="hidden" name="grant_count" value="' . (count($privTable[0]) + count($privTable[1]) + count($privTable[2]) - (isset($row['Grant_priv']) ? 1 : 0)) . '" />' . "\n"
00368            . $spaces . '<table border="0" cellpadding="2" cellspacing="1">' . "\n"
00369            . $spaces . '    <tr>' . "\n"
00370            . $spaces . '        <th colspan="6">&nbsp;' . ($db == '*' ? $GLOBALS['strGlobalPrivileges'] : ($table == '*' ? $GLOBALS['strDbPrivileges'] : $GLOBALS['strTblPrivileges'])) . '&nbsp;</th>' . "\n"
00371            . $spaces . '    </tr>' . "\n"
00372            . $spaces . '    <tr>' . "\n"
00373            . $spaces . '        <td bgcolor="' . $cfg['BgcolorTwo'] . '" align="center" colspan="6"><small><i>' . $GLOBALS['strEnglishPrivileges'] . '</i></small><br />' . "\n"
00374            . $spaces . '        <a href="./server_privileges.php?' . $url_query .  '&amp;checkall=1" onclick="setCheckboxes(\'usersForm\', \'\', true); return false;">' . $GLOBALS['strCheckAll'] . '</a>' . "\n"
00375            . $spaces . '        &nbsp;&nbsp;&nbsp' . "\n"
00376            . $spaces . '        <a href="./server_privileges.php?' . $url_query .  '" onclick="setCheckboxes(\'usersForm\', \'\', false); return false;">' . $GLOBALS['strUncheckAll'] . '</a></td>' . "\n"
00377            . $spaces . '    </tr>' . "\n"
00378            . $spaces . '    <tr>' . "\n"
00379            . $spaces . '        <td bgcolor="' . $cfg['BgcolorOne'] . '" colspan="2">&nbsp;<b><i>' . $GLOBALS['strData'] . '</i></b>&nbsp;</td>' . "\n"
00380            . $spaces . '        <td bgcolor="' . $cfg['BgcolorOne'] . '" colspan="2">&nbsp;<b><i>' . $GLOBALS['strStructure'] . '</i></b>&nbsp;</td>' . "\n"
00381            . $spaces . '        <td bgcolor="' . $cfg['BgcolorOne'] . '" colspan="2">&nbsp;<b><i>' . $GLOBALS['strAdministration'] . '</i></b>&nbsp;</td>' . "\n"
00382            . $spaces . '    </tr>' . "\n";
00383         $limitTable = FALSE;
00384         for ($i = 0; isset($privTable[0][$i]) || isset($privTable[1][$i]) || isset($privTable[2][$i]); $i++) {
00385             echo $spaces . '    <tr>' . "\n";
00386             for ($j = 0; $j < 3; $j++) {
00387                 if (isset($privTable[$j][$i])) {
00388                     echo $spaces . '        <td bgcolor="' . $cfg['BgcolorTwo'] . '"><input type="checkbox"' . (empty($checkall) ?  '' : ' checked="checked"') . ' name="' . $privTable[$j][$i][0] . '_priv" id="checkbox_' . $privTable[$j][$i][0] . '_priv" value="Y" ' . ($row[$privTable[$j][$i][0] . '_priv'] == 'Y' ? 'checked="checked" ' : '') . 'title="' . $privTable[$j][$i][2] . '"/></td>' . "\n"
00389                        . $spaces . '        <td bgcolor="' . $cfg['BgcolorTwo'] . '"><label for="checkbox_' . $privTable[$j][$i][0] . '_priv"><tt><dfn title="' . $privTable[$j][$i][2] . '">' . $privTable[$j][$i][1] . '</dfn></tt></label></td>' . "\n";
00390                 } else if ($db == '*' && !isset($privTable[0][$i]) && !isset($privTable[1][$i])
00391                     && isset($row['max_questions']) && isset($row['max_updates']) && isset($row['max_connections'])
00392                     && !$limitTable) {
00393                     echo $spaces . '        <td colspan="4" rowspan="' . (count($privTable[2]) - $i) . '">' . "\n"
00394                        . $spaces . '            <table border="0" cellpadding="0" cellspacing="0">' . "\n"
00395                        . $spaces . '                <tr>' . "\n"
00396                        . $spaces . '                    <th colspan="2">&nbsp;' . $GLOBALS['strResourceLimits'] . '&nbsp;</th>' . "\n"
00397                        . $spaces . '                </tr>' . "\n"
00398                        . $spaces . '                <tr>' . "\n"
00399                        . $spaces . '                    <td bgcolor="' . $cfg['BgcolorTwo'] . '" colspan="2"><small><i>' . $GLOBALS['strZeroRemovesTheLimit'] . '</i></small></td>' . "\n"
00400                        . $spaces . '                </tr>' . "\n"
00401                        . $spaces . '                <tr>' . "\n"
00402                        . $spaces . '                    <td bgcolor="' . $cfg['BgcolorTwo'] . '"><label for="text_max_questions"><tt><dfn title="' . $GLOBALS['strPrivDescMaxQuestions'] . '">MAX&nbsp;QUERIES&nbsp;PER&nbsp;HOUR</dfn></tt></label></td>' . "\n"
00403                        . $spaces . '                    <td bgcolor="' . $cfg['BgcolorTwo'] . '"><input type="text" class="textfield" name="max_questions" id="text_max_questions" value="' . $row['max_questions'] . '" size="11" maxlength="11" title="' . $GLOBALS['strPrivDescMaxQuestions'] . '" /></td>' . "\n"
00404                        . $spaces . '                </tr>' . "\n"
00405                        . $spaces . '                <tr>' . "\n"
00406                        . $spaces . '                    <td bgcolor="' . $cfg['BgcolorTwo'] . '"><label for="text_max_updates"><tt><dfn title="' . $GLOBALS['strPrivDescMaxUpdates'] . '">MAX&nbsp;UPDATES&nbsp;PER&nbsp;HOUR</dfn></tt></label></td>' . "\n"
00407                        . $spaces . '                    <td bgcolor="' . $cfg['BgcolorTwo'] . '"><input type="text" class="textfield" name="max_updates" id="text_max_updates" value="' . $row['max_updates'] . '" size="11" maxlength="11" title="' . $GLOBALS['strPrivDescMaxUpdates'] . '" /></td>' . "\n"
00408                        . $spaces . '                </tr>' . "\n"
00409                        . $spaces . '                <tr>' . "\n"
00410                        . $spaces . '                    <td bgcolor="' . $cfg['BgcolorTwo'] . '"><label for="text_max_connections"><tt><dfn title="' . $GLOBALS['strPrivDescMaxConnections'] . '">MAX&nbsp;CONNECTIONS&nbsp;PER&nbsp;HOUR</dfn></tt></label></td>' . "\n"
00411                        . $spaces . '                    <td bgcolor="' . $cfg['BgcolorTwo'] . '"><input type="text" class="textfield" name="max_connections" id="text_max_connections" value="' . $row['max_connections'] . '" size="11" maxlength="11" title="' . $GLOBALS['strPrivDescMaxConnections'] . '" /></td>' . "\n"
00412                        . $spaces . '                </tr>' . "\n"
00413                        . $spaces . '            </table>' . "\n"
00414                        . $spaces . '        </td>' . "\n";
00415                     $limitTable = TRUE;
00416                 } else if (!$limitTable) {
00417                     echo $spaces . '        <td bgcolor="' . $cfg['BgcolorTwo'] . '" colspan="2">&nbsp;</td>' . "\n";
00418                 }
00419             }
00420         }
00421         echo $spaces . '    </tr>' . "\n";
00422     }
00423     if ($submit) {
00424         echo $spaces . '    <tr>' . "\n"
00425            . $spaces . '        <td colspan="6" align="right">' . "\n"
00426            . $spaces . '            <input type="submit" name="update_privs" value="' . $GLOBALS['strGo'] . '" />' . "\n"
00427            . $spaces . '        </td>' . "\n"
00428            . $spaces . '    </tr>' . "\n";
00429     }
00430     echo $spaces . '</table>' . "\n";
00431 } // end of the 'PMA_displayPrivTable()' function
00432 
00433 
00447 function PMA_displayLoginInformationFields($mode = 'new', $indent = 0)
00448 {
00449     global $cfg, $userlink;
00450     $spaces = '';
00451     for ($i = 0; $i < $indent; $i++) {
00452         $spaces .= '    ';
00453     }
00454     echo $spaces . '<tr>' . "\n"
00455        . $spaces . '    <td bgcolor="' . $cfg['BgcolorTwo'] . '">' . "\n"
00456        . $spaces . '        <label for="select_pred_username">' . "\n"
00457        . $spaces . '            ' . $GLOBALS['strUserName'] . ':' . "\n"
00458        . $spaces . '        </label>' . "\n"
00459        . $spaces . '    </td>' . "\n"
00460        . $spaces . '    <td bgcolor="' . $cfg['BgcolorTwo'] . '">' . "\n"
00461        . $spaces . '        <select name="pred_username" id="select_pred_username" title="' . $GLOBALS['strUserName'] . '"' . "\n"
00462        . $spaces . '            onchange="if (this.value == \'any\') { username.value = \'\'; } else if (this.value == \'userdefined\') { username.focus(); username.select(); }">' . "\n"
00463        . $spaces . '            <option value="any"' . ((isset($GLOBALS['pred_username']) && $GLOBALS['pred_username'] == 'any') ? ' selected="selected"' : '') . '>' . $GLOBALS['strAnyUser'] . '</option>' . "\n"
00464        . $spaces . '            <option value="userdefined"' . ((!isset($GLOBALS['pred_username']) || $GLOBALS['pred_username'] == 'userdefined') ? ' selected="selected"' : '') . '>' . $GLOBALS['strUseTextField'] . ':</option>' . "\n"
00465        . $spaces . '        </select>' . "\n"
00466        . $spaces . '    </td>' . "\n"
00467        . $spaces . '    <td bgcolor="' . $cfg['BgcolorTwo'] . '">' . "\n"
00468        . $spaces . '        <input type="text" class="textfield" name="username" class="textfield" title="' . $GLOBALS['strUserName'] . '"' . (empty($GLOBALS['username']) ? '' : ' value="' . (isset($GLOBALS['new_username']) ? $GLOBALS['new_username'] : $GLOBALS['username']) . '"') . ' onchange="pred_username.value = \'userdefined\';" />' . "\n"
00469        . $spaces . '    </td>' . "\n"
00470        . $spaces . '</tr>' . "\n"
00471        . $spaces . '<tr>' . "\n"
00472        . $spaces . '    <td bgcolor="' . $cfg['BgcolorTwo'] . '">' . "\n"
00473        . $spaces . '        <label for="select_pred_hostname">' . "\n"
00474        . $spaces . '            ' . $GLOBALS['strHost'] . ':' . "\n"
00475        . $spaces . '        </label>' . "\n"
00476        . $spaces . '    </td>' . "\n"
00477        . $spaces . '    <td bgcolor="' . $cfg['BgcolorTwo'] . '">' . "\n"
00478        . $spaces . '        <select name="pred_hostname" id="select_pred_hostname" title="' . $GLOBALS['strHost'] . '"' . "\n";
00479     $res = PMA_DBI_query('SELECT USER();');
00480     $row = PMA_DBI_fetch_row($res);
00481     PMA_DBI_free_result($res);
00482     unset($res);
00483     if (!empty($row[0])) {
00484         $thishost = str_replace("'", '', substr($row[0], (strrpos($row[0], '@') + 1)));
00485         if ($thishost == 'localhost' || $thishost == '127.0.0.1') {
00486             unset($thishost);
00487         }
00488     }
00489     echo $spaces . '            onchange="if (this.value == \'any\') { hostname.value = \'%\'; } else if (this.value == \'localhost\') { hostname.value = \'localhost\'; } '
00490        . (empty($thishost) ? '' : 'else if (this.value == \'thishost\') { hostname.value = \'' . addslashes(htmlspecialchars($thishost)) . '\'; } ')
00491        . 'else if (this.value == \'hosttable\') { hostname.value = \'\'; } else if (this.value == \'userdefined\') { hostname.focus(); hostname.select(); }">' . "\n";
00492     unset($row);
00493 
00494     // when we start editing a user, $GLOBALS['pred_hostname'] is not defined
00495     if (!isset($GLOBALS['pred_hostname']) && isset($GLOBALS['hostname'])) {
00496         switch (strtolower($GLOBALS['hostname'])) {
00497             case 'localhost':
00498             case '127.0.0.1':
00499                 $GLOBALS['pred_hostname'] = 'localhost';
00500                 break;
00501             case '%':
00502                 $GLOBALS['pred_hostname'] = 'any';
00503                 break;
00504             default:
00505                 $GLOBALS['pred_hostname'] = 'userdefined';
00506                 break;
00507         }        
00508     }
00509     echo $spaces . '            <option value="any"' . ((isset($GLOBALS['pred_hostname']) && $GLOBALS['pred_hostname'] == 'any') ? ' selected="selected"' : '') . '>' . $GLOBALS['strAnyHost'] . '</option>' . "\n"
00510        . $spaces . '            <option value="localhost"' . ((isset($GLOBALS['pred_hostname']) && $GLOBALS['pred_hostname'] == 'localhost') ? ' selected="selected"' : '') . '>' . $GLOBALS['strLocalhost'] . '</option>' . "\n";
00511     if (!empty($thishost)) {
00512         echo $spaces . '            <option value="thishost"' . ((isset($GLOBALS['pred_hostname']) && $GLOBALS['pred_hostname'] == 'thishost') ? ' selected="selected"' : '') . '>' . $GLOBALS['strThisHost'] . '</option>' . "\n";
00513     }
00514     unset($thishost);
00515     echo $spaces . '            <option value="hosttable"' . ((isset($GLOBALS['pred_hostname']) && $GLOBALS['pred_hostname'] == 'hosttable') ? ' selected="selected"' : '') . '>' . $GLOBALS['strUseHostTable'] . '</option>' . "\n"
00516        . $spaces . '            <option value="userdefined"' . ((isset($GLOBALS['pred_hostname']) && $GLOBALS['pred_hostname'] == 'userdefined') ? ' selected="selected"' : '') . '>' . $GLOBALS['strUseTextField'] . ':</option>' . "\n"
00517        . $spaces . '        </select>' . "\n"
00518        . $spaces . '    </td>' . "\n"
00519        . $spaces . '    <td bgcolor="' . $cfg['BgcolorTwo'] . '">' . "\n"
00520        . $spaces . '        <input type="text" class="textfield" name="hostname" value="' . ( isset($GLOBALS['hostname']) ? $GLOBALS['hostname'] : '' ) . '" class="textfield" title="' . $GLOBALS['strHost'] . '" onchange="pred_hostname.value = \'userdefined\';" />' . "\n"
00521        . $spaces . '    </td>' . "\n"
00522        . $spaces . '</tr>' . "\n"
00523        . $spaces . '<tr>' . "\n"
00524        . $spaces . '    <td bgcolor="' . $cfg['BgcolorTwo'] . '">' . "\n"
00525        . $spaces . '        <label for="select_pred_password">' . "\n"
00526        . $spaces . '            ' . $GLOBALS['strPassword'] . ':' . "\n"
00527        . $spaces . '        </label>' . "\n"
00528        . $spaces . '    </td>' . "\n"
00529        . $spaces . '    <td bgcolor="' . $cfg['BgcolorTwo'] . '">' . "\n"
00530        . $spaces . '        <select name="pred_password" id="select_pred_password" title="' . $GLOBALS['strPassword'] . '"' . "\n"
00531        . $spaces . '            onchange="if (this.value == \'none\') { pma_pw.value = \'\'; pma_pw2.value = \'\'; } else if (this.value == \'userdefined\') { pma_pw.focus(); pma_pw.select(); }">' . "\n"
00532        . ($mode == 'change' ? $spaces . '            <option value="keep" selected="selected">' . $GLOBALS['strKeepPass'] . '</option>' . "\n" : '')
00533        . $spaces . '            <option value="none">' . $GLOBALS['strNoPassword'] . '</option>' . "\n"
00534        . $spaces . '            <option value="userdefined"' . ($mode == 'change' ? '' : ' selected="selected"') . '>' . $GLOBALS['strUseTextField'] . ':</option>' . "\n"
00535        . $spaces . '        </select>' . "\n"
00536        . $spaces . '    </td>' . "\n"
00537        . $spaces . '    <td bgcolor="' . $cfg['BgcolorTwo'] . '">' . "\n"
00538        . $spaces . '        <input type="password" name="pma_pw" class="textfield" title="' . $GLOBALS['strPassword'] . '" onchange="pred_password.value = \'userdefined\';" />' . "\n"
00539        . $spaces . '    </td>' . "\n"
00540        . $spaces . '</tr>' . "\n"
00541        . $spaces . '<tr>' . "\n"
00542        . $spaces . '    <td bgcolor="' . $cfg['BgcolorTwo'] . '">' . "\n"
00543        . $spaces . '        <label for="text_pma_pw2">' . "\n"
00544        . $spaces . '            ' . $GLOBALS['strReType'] . ':' . "\n"
00545        . $spaces . '        </label>' . "\n"
00546        . $spaces . '    </td>' . "\n"
00547        . $spaces . '    <td bgcolor="' . $cfg['BgcolorTwo'] . '">&nbsp;</td>' . "\n"
00548        . $spaces . '    <td bgcolor="' . $cfg['BgcolorTwo'] . '">' . "\n"
00549        . $spaces . '        <input type="password" name="pma_pw2" id="text_pma_pw2" class="textfield" title="' . $GLOBALS['strReType'] . '" onchange="pred_password.value = \'userdefined\';" />' . "\n"
00550        . $spaces . '    </td>' . "\n"
00551        . $spaces . '</tr>' . "\n"
00552        . $spaces . '<tr>' . "\n"
00553        . $spaces . '    <td bgcolor="' . $cfg['BgcolorTwo'] . '">' . "\n"
00554        . $spaces . '        <label for="text_pma_pw2">' . "\n"
00555        . $spaces . '            ' . $GLOBALS['strGeneratePassword'] . ':' . "\n"
00556        . $spaces . '        </label>' . "\n"
00557        . $spaces . '    </td>' . "\n"
00558        . $spaces . '    <td bgcolor="' . $cfg['BgcolorTwo'] . '">' . "\n"
00559        . $spaces . '        <input type="button" value="' . $GLOBALS['strGenerate'] . '" onClick="suggestPassword(this.form, \'generated_pw\')">' . "\n"
00560        . $spaces . '        <input type="button" value="' . $GLOBALS['strCopy'] . '" onClick="suggestPasswordCopy(this.form)">' . "\n"
00561        . $spaces . '        &nbsp;</td>' . "\n"
00562        . $spaces . '    <td bgcolor="' . $cfg['BgcolorTwo'] . '">' . "\n"
00563        . $spaces . '        <input type="text" name="generated_pw" id="generated_pw" class="textfield"/>' . "\n"
00564        . $spaces . '    </td>' . "\n"
00565        . $spaces . '</tr>' . "\n";
00566 } // end of the 'PMA_displayUserAndHostFields()' function
00567 
00568 
00572 if (!empty($change_copy)) {
00573     $user_host_condition = ' WHERE ' . PMA_convert_using('User') . ' = ' . PMA_convert_using(PMA_sqlAddslashes($old_username), 'quoted') . ' AND ' . PMA_convert_using('Host') .  ' = ' . PMA_convert_using($old_hostname, 'quoted') . ';';
00574     $res = PMA_DBI_query('SELECT * FROM `mysql`.`user` ' . $user_host_condition);
00575     if (!$res) {
00576         $message = $strNoUsersFound;
00577         unset($change_copy);
00578     } else {
00579         $row = PMA_DBI_fetch_assoc($res);
00580         extract($row, EXTR_OVERWRITE);
00581         // Recent MySQL versions have the field "Password" in mysql.user,
00582         // so the previous extract creates $Password but this script
00583         // uses $password
00584         if (!isset($password) && isset($Password)) {
00585             $password=$Password;
00586         }
00587         PMA_DBI_free_result($res);
00588         $queries = array();
00589     }
00590 }
00591 
00592 
00597 if (!empty($adduser_submit) || !empty($change_copy)) {
00598     unset($sql_query);
00599     if ($pred_username == 'any') {
00600         $username = '';
00601     }
00602     switch ($pred_hostname) {
00603         case 'any':
00604             $hostname = '%';
00605             break;
00606         case 'localhost':
00607             $hostname = 'localhost';
00608             break;
00609         case 'hosttable':
00610             $hostname = '';
00611             break;
00612         case 'thishost':
00613             $res = PMA_DBI_query('SELECT USER();');
00614             $row = PMA_DBI_fetch_row($res);
00615             PMA_DBI_free_result($res);
00616             unset($res);
00617             $hostname = substr($row[0], (strrpos($row[0], '@') + 1));
00618             unset($row);
00619             break;
00620     }
00621     $res = PMA_DBI_query('SELECT \'foo\' FROM `user` WHERE ' . PMA_convert_using('User') . ' = ' . PMA_convert_using(PMA_sqlAddslashes($username), 'quoted') . ' AND ' . PMA_convert_using('Host') . ' = ' . PMA_convert_using($hostname, 'quoted') . ';', NULL, PMA_DBI_QUERY_STORE);
00622     if (PMA_DBI_num_rows($res) == 1) {
00623         PMA_DBI_free_result($res);
00624         $message = sprintf($strUserAlreadyExists, '[i]\'' . $username . '\'@\'' . $hostname . '\'[/i]');
00625         $adduser = 1;
00626     } else {
00627         PMA_DBI_free_result($res);
00628         $real_sql_query = 'GRANT ' . join(', ', PMA_extractPrivInfo()) . ' ON *.* TO \'' . PMA_sqlAddslashes($username) . '\'@\'' . $hostname . '\'';
00629         if ($pred_password != 'none' && $pred_password != 'keep') {
00630             $pma_pw_hidden = '';
00631             for ($i = 0; $i < strlen($pma_pw); $i++) {
00632                 $pma_pw_hidden .= '*';
00633             }
00634             $sql_query = $real_sql_query . ' IDENTIFIED BY \'' . $pma_pw_hidden . '\'';
00635             $real_sql_query .= ' IDENTIFIED BY \'' . $pma_pw . '\'';
00636         } else {
00637             if ($pred_password == 'keep' && !empty($password)) {
00638                 $real_sql_query .= ' IDENTIFIED BY PASSWORD \'' . $password . '\'';
00639             }
00640             $sql_query = $real_sql_query;
00641         }
00642         if ((isset($Grant_priv) && $Grant_priv == 'Y') || (PMA_MYSQL_INT_VERSION >= 40002 && (isset($max_questions) || isset($max_connections) || isset($max_updates)))) {
00643             $real_sql_query .= 'WITH';
00644             $sql_query .= 'WITH';
00645             if (isset($Grant_priv) && $Grant_priv == 'Y') {
00646                 $real_sql_query .= ' GRANT OPTION';
00647                 $sql_query .= ' GRANT OPTION';
00648             }
00649             if (PMA_MYSQL_INT_VERSION >= 40002) {
00650                 if (isset($max_questions)) {
00651                     $real_sql_query .= ' MAX_QUERIES_PER_HOUR ' . (int)$max_questions;
00652                     $sql_query .= ' MAX_QUERIES_PER_HOUR ' . (int)$max_questions;
00653                 }
00654                 if (isset($max_connections)) {
00655                     $real_sql_query .= ' MAX_CONNECTIONS_PER_HOUR ' . (int)$max_connections;
00656                     $sql_query .= ' MAX_CONNECTIONS_PER_HOUR ' . (int)$max_connections;
00657                 }
00658                 if (isset($max_updates)) {
00659                     $real_sql_query .= ' MAX_UPDATES_PER_HOUR ' . (int)$max_updates;
00660                     $sql_query .= ' MAX_UPDATES_PER_HOUR ' . (int)$max_updates;
00661                 }
00662             }
00663         }
00664         $real_sql_query .= ';';
00665         $sql_query .= ';';
00666         if (empty($change_copy)) {
00667             PMA_DBI_try_query($real_sql_query) or PMA_mysqlDie(PMA_DBI_getError(), $sql_query);
00668             $message = $strAddUserMessage;
00669         } else {
00670             $queries[]             = $real_sql_query;
00671             // we put the query containing the hidden password in
00672             // $queries_for_display, at the same position occupied
00673             // by the real query in $queries
00674             $tmp_count = count($queries);
00675             $queries_for_display[$tmp_count - 1] = $sql_query;
00676         }
00677         unset($res, $real_sql_query);
00678     }
00679 }
00680 
00681 
00685 if (!empty($change_copy)) {
00686     $user_host_condition = ' WHERE ' . PMA_convert_using('User') . ' = ' . PMA_convert_using(PMA_sqlAddslashes($old_username), 'quoted') . ' AND ' . PMA_convert_using('Host') . ' = ' . PMA_convert_using($old_hostname, 'quoted') . ';';
00687     $res = PMA_DBI_query('SELECT * FROM `mysql`.`db`' . $user_host_condition );
00688     while ($row = PMA_DBI_fetch_assoc($res)) {
00689         $queries[] = 'GRANT ' . join(', ', PMA_extractPrivInfo($row)) . ' ON `' . $row['Db'] . '`.* TO \'' . PMA_sqlAddslashes($username) . '\'@\'' . $hostname . '\'' . ($row['Grant_priv'] == 'Y' ? ' WITH GRANT OPTION' : '') . ';';
00690     }
00691     PMA_DBI_free_result($res);
00692     $res = PMA_DBI_query('SELECT `Db`, `Table_name`, `Table_priv` FROM `mysql`.`tables_priv`' . $user_host_condition, $userlink, PMA_DBI_QUERY_STORE);
00693     while ($row = PMA_DBI_fetch_assoc($res)) {
00694 
00695         $res2 = PMA_DBI_QUERY('SELECT `Column_name`, `Column_priv` FROM `mysql`.`columns_priv` WHERE ' . PMA_convert_using('User') . ' = ' . PMA_convert_using(PMA_sqlAddslashes($old_username), 'quoted') . ' AND ' . PMA_convert_using('Host') . ' = ' . PMA_convert_using($old_hostname, 'quoted') . ' AND ' . PMA_convert_using('Db') .  ' = ' . PMA_convert_using($row['Db'], 'quoted') . ' AND ' . PMA_convert_using('Table_name') . ' = ' . PMA_convert_using($row['Table_name'], 'quoted') . ';', NULL, PMA_DBI_QUERY_STORE);
00696 
00697         $tmp_privs1 = PMA_extractPrivInfo($row);
00698         $tmp_privs2 = array(
00699             'Select' => array(),
00700             'Insert' => array(),
00701             'Update' => array(),
00702             'References' => array()
00703         );
00704 
00705         while ($row2 = PMA_DBI_fetch_assoc($res2)) {
00706             $tmp_array = explode(',', $row2['Column_priv']);
00707             if (in_array('Select', $tmp_array)) {
00708                 $tmp_privs2['Select'][] = $row2['Column_name'];
00709             }
00710             if (in_array('Insert', $tmp_array)) {
00711                 $tmp_privs2['Insert'][] = $row2['Column_name'];
00712             }
00713             if (in_array('Update', $tmp_array)) {
00714                 $tmp_privs2['Update'][] = $row2['Column_name'];
00715             }
00716             if (in_array('References', $tmp_array)) {
00717                 $tmp_privs2['References'][] = $row2['Column_name'];
00718             }
00719             unset($tmp_array);
00720         }
00721         if (count($tmp_privs2['Select']) > 0 && !in_array('SELECT', $tmp_privs1)) {
00722             $tmp_privs1[] = 'SELECT (`' . join('`, `', $tmp_privs2['Select']) . '`)';
00723         }
00724         if (count($tmp_privs2['Insert']) > 0 && !in_array('INSERT', $tmp_privs1)) {
00725             $tmp_privs1[] = 'INSERT (`' . join('`, `', $tmp_privs2['Insert']) . '`)';
00726         }
00727         if (count($tmp_privs2['Update']) > 0 && !in_array('UPDATE', $tmp_privs1)) {
00728             $tmp_privs1[] = 'UPDATE (`' . join('`, `', $tmp_privs2['Update']) . '`)';
00729         }
00730         if (count($tmp_privs2['References']) > 0 && !in_array('REFERENCES', $tmp_privs1)) {
00731             $tmp_privs1[] = 'REFERENCES (`' . join('`, `', $tmp_privs2['References']) . '`)';
00732         }
00733         unset($tmp_privs2);
00734         $queries[] = 'GRANT ' . join(', ', $tmp_privs1) . ' ON `' . $row['Db'] . '`.`' . $row['Table_name'] . '` TO \'' . PMA_sqlAddslashes($username) . '\'@\'' . $hostname . '\'' . (in_array('Grant', explode(',', $row['Table_priv'])) ? ' WITH GRANT OPTION' : '') . ';';
00735     }
00736 }
00737 
00738 
00742 if (!empty($update_privs)) {
00743     // escaping a wildcard character in a GRANT is only accepted at the global
00744     // or database level, not at table level; this is why I remove
00745     // the escaping character
00746     // Note: in the phpMyAdmin list of Database-specific privileges,
00747     //  we will have for example
00748     //  test\_db  SELECT (this one is for privileges on a db level)
00749     //  test_db   USAGE  (this one is for table-specific privileges)
00750     //
00751     // It looks curious but reflects the way MySQL works
00752 
00753     if (empty($dbname)) {
00754         $db_and_table = '*.*';
00755     } else {
00756         if (!empty($tablename)) {
00757             $db_and_table = str_replace('\\','',PMA_backquote($dbname))
00758                           . '.' . PMA_backquote($tablename);
00759         } else {
00760             // do not remove the escaping character when working at db level 
00761             $db_and_table = PMA_backquote($dbname)
00762                           . '.*'; 
00763         }
00764     }
00765 
00766 
00767     $sql_query0 = 'REVOKE ALL PRIVILEGES ON ' . $db_and_table . ' FROM \'' . PMA_sqlAddslashes($username) . '\'@\'' . $hostname . '\';';
00768     if (!isset($Grant_priv) || $Grant_priv != 'Y') {
00769         $sql_query1 = 'REVOKE GRANT OPTION ON ' . $db_and_table . ' FROM \'' . PMA_sqlAddslashes($username) . '\'@\'' . $hostname . '\';';
00770     }
00771     $sql_query2 = 'GRANT ' . join(', ', PMA_extractPrivInfo()) . ' ON ' . $db_and_table . ' TO \'' . PMA_sqlAddslashes($username) . '\'@\'' . $hostname . '\'';
00772 
00773     if ((isset($Grant_priv) && $Grant_priv == 'Y') || (empty($dbname) && PMA_MYSQL_INT_VERSION >= 40002 && (isset($max_questions) || isset($max_connections) || isset($max_updates)))) {
00774         $sql_query2 .= 'WITH';
00775         if (isset($Grant_priv) && $Grant_priv == 'Y') {
00776             $sql_query2 .= ' GRANT OPTION';
00777         }
00778         if (PMA_MYSQL_INT_VERSION >= 40002) {
00779             if (isset($max_questions)) {
00780                 $sql_query2 .= ' MAX_QUERIES_PER_HOUR ' . (int)$max_questions;
00781             }
00782             if (isset($max_connections)) {
00783                 $sql_query2 .= ' MAX_CONNECTIONS_PER_HOUR ' . (int)$max_connections;
00784             }
00785             if (isset($max_updates)) {
00786                 $sql_query2 .= ' MAX_UPDATES_PER_HOUR ' . (int)$max_updates;
00787             }
00788         }
00789     }
00790     $sql_query2 .= ';';
00791     if (!PMA_DBI_try_query($sql_query0)) { // this query may fail, but this does not matter :o)
00792         unset($sql_query0);
00793     }
00794     if (isset($sql_query1) && !PMA_DBI_try_query($sql_query1)) { // this one may fail, too...
00795         unset($sql_query1);
00796     }
00797     PMA_DBI_query($sql_query2);
00798     $sql_query = (isset($sql_query0) ? $sql_query0 . ' ' : '')
00799                . (isset($sql_query1) ? $sql_query1 . ' ' : '')
00800                . $sql_query2;
00801     $message = sprintf($strUpdatePrivMessage, '\'' . $username . '\'@\'' . $hostname . '\'');
00802 }
00803 
00804 
00808 if (!empty($revokeall)) {
00809     $db_and_table = PMA_backquote($dbname) . '.' . (empty($tablename) ? '*' : PMA_backquote($tablename));
00810     $sql_query0 = 'REVOKE ALL PRIVILEGES ON ' . $db_and_table . ' FROM \'' . $username . '\'@\'' . $hostname . '\';';
00811     $sql_query1 = 'REVOKE GRANT OPTION ON ' . $db_and_table . ' FROM \'' . $username . '\'@\'' . $hostname . '\';';
00812     PMA_DBI_query($sql_query0);
00813     if (!PMA_DBI_try_query($sql_query1)) { // this one may fail, too...
00814         unset($sql_query1);
00815     }
00816     $sql_query = $sql_query0 . (isset($sql_query1) ? ' ' . $sql_query1 : '');
00817     $message = sprintf($strRevokeMessage, '\'' . $username . '\'@\'' . $hostname . '\'');
00818     if (empty($tablename)) {
00819         unset($dbname);
00820     } else {
00821         unset($tablename);
00822     }
00823 }
00824 
00825 
00829 if (!empty($change_pw)) {
00830     if ($nopass == 1) {
00831         $sql_query = 'SET PASSWORD FOR \'' . $username . '\'@\'' . $hostname . '\' = \'\';';
00832         PMA_DBI_query($sql_query);
00833         $message = sprintf($strPasswordChanged, '\'' . $username . '\'@\'' . $hostname . '\'');
00834     } else if (empty($pma_pw) || empty($pma_pw2)) {
00835         $message = $strPasswordEmpty;
00836     } else if ($pma_pw != $pma_pw2) {
00837         $message = $strPasswordNotSame;
00838     } else {
00839         $hidden_pw = '';
00840         for ($i = 0; $i < strlen($pma_pw); $i++) {
00841             $hidden_pw .= '*';
00842         }
00843         $local_query = 'SET PASSWORD FOR \'' . PMA_sqlAddslashes($username) . '\'@\'' . $hostname . '\' = PASSWORD(\'' . PMA_sqlAddslashes($pma_pw) . '\')';
00844         $sql_query = 'SET PASSWORD FOR \'' . PMA_sqlAddslashes($username) . '\'@\'' . $hostname . '\' = PASSWORD(\'' . $hidden_pw . '\')';
00845         PMA_DBI_try_query($local_query) or PMA_mysqlDie(PMA_DBI_getError(), $sql_query);
00846         $message = sprintf($strPasswordChanged, '\'' . $username . '\'@\'' . $hostname . '\'');
00847     }
00848 }
00849 
00850 
00855 $user_host_separator = chr(27);
00856 
00857 if (!empty($delete) || (!empty($change_copy) && $mode < 4)) {
00858     if (!empty($change_copy)) {
00859         $selected_usr = array($old_username . $user_host_separator . $old_hostname);
00860     } else {
00861         $queries = array();
00862     }
00863     for ($i = 0; isset($selected_usr[$i]); $i++) {
00864         list($this_user, $this_host) = explode($user_host_separator, $selected_usr[$i]);
00865         $queries[] = '# ' . sprintf($strDeleting, '\'' . $this_user . '\'@\'' . $this_host . '\'') . ' ...';
00866         if ($mode == 2) {
00867             // The SHOW GRANTS query may fail if the user has not been loaded
00868             // into memory
00869             $res = PMA_DBI_try_query('SHOW GRANTS FOR \'' . PMA_sqlAddslashes($this_user) . '\'@\'' . $this_host . '\';');
00870             if ($res) {
00871                 $queries[] = 'REVOKE ALL PRIVILEGES ON *.* FROM \'' . PMA_sqlAddslashes($this_user) . '\'@\'' . $this_host . '\';';
00872                 while ($row = PMA_DBI_fetch_row($res)) {
00873                     $this_table = substr($row[0], (strpos($row[0], 'ON') + 3), (strpos($row[0], ' TO ') - strpos($row[0], 'ON') - 3));
00874                     if ($this_table != '*.*') {
00875                         $queries[] = 'REVOKE ALL PRIVILEGES ON ' . $this_table . ' FROM \'' . PMA_sqlAddslashes($this_user) . '\'@\'' . $this_host . '\';';
00876 
00877                         if (strpos($row[0], 'WITH GRANT OPTION')) {
00878                             $queries[] = 'REVOKE GRANT OPTION ON ' . $this_table . ' FROM \'' . PMA_sqlAddslashes($this_user) . '\'@\'' . $this_host . '\';';
00879                         }
00880                     }
00881                     unset($this_table);
00882                 }
00883                 PMA_DBI_free_result($res);
00884             }
00885             unset($res);
00886         }
00887         $queries[] = 'DELETE FROM `user` WHERE ' . PMA_convert_using('User') . ' = ' . PMA_convert_using(PMA_sqlAddslashes($this_user), 'quoted') . ' AND ' . PMA_convert_using('Host') . ' = ' . PMA_convert_using($this_host, 'quoted') . ';';
00888         if ($mode != 2) {
00889             // If we REVOKE the table grants, we should not need to modify the
00890             // `db`, `tables_priv` and `columns_priv` tables manually...
00891             $user_host_condition = ' WHERE ' . PMA_convert_using('User') . ' = ' . PMA_convert_using(PMA_sqlAddslashes($this_user), 'quoted') . ' AND ' . PMA_convert_using('Host') . ' = ' . PMA_convert_using($this_host, 'quoted') . ';';
00892             $queries[] = 'DELETE FROM `db`' . $user_host_condition;
00893             $queries[] = 'DELETE FROM `tables_priv`' . $user_host_condition;
00894             $queries[] = 'DELETE FROM `columns_priv`' . $user_host_condition;
00895         }
00896         if (!empty($drop_users_db)) {
00897             $queries[] = 'DROP DATABASE IF EXISTS ' . PMA_backquote($this_user) . ';';
00898         }
00899     }
00900     if (empty($change_copy)) {
00901         if (empty($queries)) {
00902             $message = $strError . ': ' . $strDeleteNoUsersSelected;
00903         } else {
00904             if ($mode == 3) {
00905                 $queries[] = '# ' . $strReloadingThePrivileges . ' ...';
00906                 $queries[] = 'FLUSH PRIVILEGES;';
00907             }
00908             foreach ($queries as $sql_query) {
00909                 if ($sql_query{0} != '#') {
00910                     PMA_DBI_query($sql_query, $userlink);
00911                 }
00912             }
00913             $sql_query = join("\n", $queries);
00914             $message = $strUsersDeleted;
00915         }
00916         unset($queries);
00917     }
00918 }
00919 
00920 
00924 if (!empty($change_copy)) {
00925     $tmp_count = -1;
00926     foreach ($queries as $sql_query) {
00927         $tmp_count++;
00928         if ($sql_query{0} != '#') {
00929             PMA_DBI_query($sql_query);
00930         }
00931         // when there is a query containing a hidden password, take it
00932         // instead of the real query sent
00933         if (isset($queries_for_display[$tmp_count])) {
00934             $queries[$tmp_count] = $queries_for_display[$tmp_count];
00935         }
00936     }
00937     $message = $strSuccess;
00938     $sql_query = join("\n", $queries);
00939 }
00940 
00941 
00945 if (!empty($flush_privileges)) {
00946     $sql_query = 'FLUSH PRIVILEGES;';
00947     PMA_DBI_query($sql_query);
00948     $message = $strPrivilegesReloaded;
00949 }
00950 
00951 
00955 require('./server_links.inc.php');
00956 
00957 
00961 if (empty($adduser) && empty($checkprivs)) {
00962     if (!isset($username)) {
00963         // No username is given --> display the overview
00964         echo '<h2>' . "\n"
00965            . '    ' . ($GLOBALS['cfg']['MainPageIconic'] ? '<img src="'. $GLOBALS['pmaThemeImage'] . 'b_usrlist.png" border="0" hspace="2" align="middle" />' : '')
00966            . $strUserOverview . "\n"
00967            . '</h2>' . "\n";
00968         $oldPrivTables = FALSE;
00969         if (PMA_MYSQL_INT_VERSION >= 40002) {
00970             $sql_query = 'SELECT `User`, `Host`, IF(`Password` = ' . (PMA_MYSQL_INT_VERSION >= 40100 ? '_latin1 ' : '') . '\'\', \'N\', \'Y\') AS \'Password\', `Select_priv`, `Insert_priv`, `Update_priv`, `Delete_priv`, `Create_priv`, `Drop_priv`, `Reload_priv`, `Shutdown_priv`, `Process_priv`, `File_priv`, `Grant_priv`, `References_priv`, `Index_priv`, `Alter_priv`, `Show_db_priv`, `Super_priv`, `Create_tmp_table_priv`, `Lock_tables_priv`, `Execute_priv`, `Repl_slave_priv`, `Repl_client_priv` FROM `user` ';
00971  
00972             // the strtolower() is because sometimes the User field
00973             // might be BINARY, so LIKE would be case sensitive
00974             if (isset($initial)) {
00975                 $sql_query .= " WHERE " . PMA_convert_using('User')
00976                  . " LIKE " . PMA_convert_using($initial . '%', 'quoted')
00977                  . " OR ". PMA_convert_using('User')
00978                  . " LIKE " . PMA_convert_using(strtolower($initial) . '%', 'quoted');
00979             }
00980 
00981             $sql_query .= ' ORDER BY `User` ASC, `Host` ASC;';
00982             $res = PMA_DBI_try_query($sql_query, NULL, PMA_DBI_QUERY_STORE);
00983 
00984             if (!$res) {
00985                 // the query failed! This may have two reasons:
00986                 // - the user has not enough privileges
00987                 // - the privilege tables use a structure of an earlier version.
00988                 $oldPrivTables = TRUE;
00989             }
00990         }
00991         if (empty($res) || PMA_MYSQL_INT_VERSION < 40002) {
00992             $sql_query = 'SELECT `User`, `Host`, IF(`Password` = ' . (PMA_MYSQL_INT_VERSION >= 40100 ? '_latin1 ' : '') . '\'\', \'N\', \'Y\') AS \'Password\', `Select_priv`, `Insert_priv`, `Update_priv`, `Delete_priv`, `Index_priv`, `Alter_priv`, `Create_priv`, `Drop_priv`, `Grant_priv`, `References_priv`, `Reload_priv`, `Shutdown_priv`, `Process_priv`, `File_priv` FROM `user`';
00993 
00994             if (isset($initial)) {
00995                 $sql_query .= " WHERE " . PMA_convert_using('User')
00996                  . " LIKE " . PMA_convert_using($initial . '%', 'quoted')
00997                  . " OR ". PMA_convert_using('User')
00998                  . " LIKE " . PMA_convert_using(strtolower($initial) . '%', 'quoted');
00999             }
01000 
01001             $sql_query .= ' ORDER BY `User` ASC, `Host` ASC;';
01002             $res = PMA_DBI_try_query($sql_query, NULL, PMA_DBI_QUERY_STORE);
01003 
01004             if (!$res) {
01005                 // the query failed! This may have two reasons:
01006                 // - the user has not enough privileges
01007                 // - the privilege tables use a structure of an earlier version.
01008                 $oldPrivTables = TRUE;
01009             }
01010         }
01011         if (!$res) {
01012             echo '<i>' . $strNoPrivileges . '</i>' . "\n";
01013             PMA_DBI_free_result($res);
01014             unset($res);
01015         } else {
01016             if ($oldPrivTables) {
01017                 // rabus: This message is hardcoded because I will replace it by
01018                 // a automatic repair feature soon.
01019                 echo '<div class="warning">' . "\n"
01020                    . '    Warning: Your privilege table structure seem to be older than this MySQL version!<br />' . "\n"
01021                    . '    Please run the script <tt>mysql_fix_privilege_tables</tt> that should be included in your MySQL server distribution to solve this problem!' . "\n"
01022                    . '</div><br />' . "\n";
01023             }
01024 
01029             // for all initials, even non A-Z
01030             $array_initials = array();
01031 
01032             // initialize to FALSE the letters A-Z
01033             for ($letter_counter = 1; $letter_counter < 27; $letter_counter++) {
01034                 $array_initials[chr($letter_counter + 64)] = FALSE;
01035             }
01036 
01037             $initials = PMA_DBI_try_query('SELECT DISTINCT UPPER(LEFT(' . PMA_convert_using('User') . ',1)) FROM `user` ORDER BY `User` ASC', NULL, PMA_DBI_QUERY_STORE);
01038             while (list($tmp_initial) = PMA_DBI_fetch_row($initials)) {
01039                 $array_initials[$tmp_initial] = TRUE;
01040             }
01041 
01042             // Display the initials, which can be any characters, not 
01043             // just letters. For letters A-Z, we add the non-used letters
01044             // as greyed out.
01045 
01046             uksort($array_initials, "strnatcasecmp");
01047             reset($array_initials);
01048 
01049             echo '<table cellspacing="5" ><tr>';
01050             foreach ($array_initials as $tmp_initial => $initial_was_found) {
01051 
01052                 if ($initial_was_found) {
01053                     echo '<td><a href="' . $PHP_SELF . '?' . $url_query . '&amp;initial=' . urlencode($tmp_initial) . '" style="font-size:' . $font_bigger . '">' . $tmp_initial . '</a></td>' . "\n";
01054                 } else {
01055                     echo '<td style="font-size:' . $font_bigger . '">' . $tmp_initial . '</td>';
01056                 }
01057             }
01058             echo '<td><a href="' . $PHP_SELF . '?' . $url_query . '&amp;showall=1" style="font-size:' . $font_bigger . '">[' . $strShowAll . ']</a></td>' . "\n";
01059             echo '</tr></table>';
01060 
01065             if (isset($initial) || isset($showall) || PMA_DBI_num_rows($res) < 50) {
01066 
01067                 echo '<form name="usersForm" action="server_privileges.php" method="post">' . "\n"
01068                    . PMA_generate_common_hidden_inputs('', '', 1)
01069                    . '    <table border="0" cellpadding="2" cellspacing="1">' . "\n"
01070                    . '        <tr>' . "\n"
01071                    . '            <td></td>' . "\n"
01072                    . '            <th>&nbsp;' . $strUser . '&nbsp;</th>' . "\n"
01073                    . '            <th>&nbsp;' . $strHost . '&nbsp;</th>' . "\n"
01074                    . '            <th>&nbsp;' . $strPassword . '&nbsp;</th>' . "\n"
01075                    . '            <th>&nbsp;' . $strGlobalPrivileges . '&nbsp;</th>' . "\n"
01076                    . '            <th>&nbsp;' . $strGrantOption . '&nbsp;</th>' . "\n"
01077                    . '            ' . ($cfg['PropertiesIconic'] ? '<td>&nbsp;</td>' : '<th>' . $strAction . '</th>') . "\n";
01078                 echo '        </tr>' . "\n";
01079                 $useBgcolorOne = TRUE;
01080                 for ($i = 0; $row = PMA_DBI_fetch_assoc($res); $i++) {
01081                     echo '        <tr>' . "\n"
01082                        . '            <td bgcolor="' . ($useBgcolorOne ? $cfg['BgcolorOne'] : $cfg['BgcolorTwo']) . '"><input type="checkbox" name="selected_usr[]" id="checkbox_sel_users_' . $i . '" value="' . htmlspecialchars($row['User'] . $user_host_separator . $row['Host']) . '"' . (empty($checkall) ?  '' : ' checked="checked"') . ' /></td>' . "\n"
01083                        . '            <td bgcolor="' . ($useBgcolorOne ? $cfg['BgcolorOne'] : $cfg['BgcolorTwo']) . '"><label for="checkbox_sel_users_' . $i . '">' . (empty($row['User']) ? '<span style="color: #FF0000">' . $strAny . '</span>' : htmlspecialchars($row['User'])) . '</label></td>' . "\n"
01084                        . '            <td bgcolor="' . ($useBgcolorOne ? $cfg['BgcolorOne'] : $cfg['BgcolorTwo']) . '">' . htmlspecialchars($row['Host']) . '</td>' . "\n";
01085                     $privs = PMA_extractPrivInfo($row, TRUE);
01086                     echo '            <td bgcolor="' . ($useBgcolorOne ? $cfg['BgcolorOne'] : $cfg['BgcolorTwo']) . '">' . ($row['Password'] == 'Y' ? $strYes : '<span style="color: #FF0000">' . $strNo . '</span>') . '</td>' . "\n"
01087                        . '            <td bgcolor="' . ($useBgcolorOne ? $cfg['BgcolorOne'] : $cfg['BgcolorTwo']) . '"><tt>' . "\n"
01088                        . '                ' . join(',' . "\n" . '            ', $privs) . "\n"
01089                        . '            </tt></td>' . "\n"
01090                        . '            <td bgcolor="' . ($useBgcolorOne ? $cfg['BgcolorOne'] : $cfg['BgcolorTwo']) . '">' . ($row['Grant_priv'] == 'Y' ? $strYes : $strNo) . '</td>' . "\n"
01091                        . '            <td bgcolor="' . ($useBgcolorOne ? $cfg['BgcolorOne'] : $cfg['BgcolorTwo']) . '" align="center"><a href="server_privileges.php?' . $url_query . '&amp;username=' . urlencode($row['User']) . '&amp;hostname=' . urlencode($row['Host']) . '">';
01092                     if ($GLOBALS['cfg']['PropertiesIconic']) {
01093                         echo '<img src="' . $GLOBALS['pmaThemeImage'] . 'b_usredit.png" width="16" height="16" border="0" hspace="2" align="middle" alt="' . $strEditPrivileges . '" title="' . $strEditPrivileges . '" />';
01094                     } else {
01095                         echo $strEditPrivileges;
01096                     }
01097                     echo '</a></td>' . "\n"
01098                        . '        </tr>' . "\n";
01099                     $useBgcolorOne = !$useBgcolorOne;
01100                 }
01101                 @PMA_DBI_free_result($res);
01102                 unset($res);
01103                 unset ($row);
01104                 echo '        <tr>' . "\n"
01105                    . '            <td></td>' . "\n"
01106                    . '            <td colspan="5">' . "\n"
01107                    . '                &nbsp;<i>' . $strEnglishPrivileges . '</i>&nbsp;' . "\n"
01108                    . '            </td>' . "\n"
01109                    . '        </tr>' . "\n"
01110                    . '        <tr>' . "\n"
01111                    . '            <td colspan="6" valign="bottom">' . "\n"
01112                    . '                <img src="' . $pmaThemeImage . 'arrow_' . $text_dir . '.png" border="0" width="38" height="22" alt="' . $strWithChecked . '" />' . "\n"
01113                    . '                <a href="./server_privileges.php?' . $url_query .  '&amp;checkall=1" onclick="setCheckboxes(\'usersForm\', \'selected_usr\', true); return false;">' . $strCheckAll . '</a>' . "\n"
01114                    . '                &nbsp;/&nbsp;' . "\n"
01115                    . '                <a href="server_privileges.php?' . $url_query .  '" onclick="setCheckboxes(\'usersForm\', \'selected_usr\', false); return false;">' . $strUncheckAll . '</a>' . "\n"
01116                    . '            </td>' . "\n"
01117                    . '        </tr>' . "\n"
01118                    . '    </table>' . "\n"
01119                    . '    <br /><table border="0" cellpading="3" cellspacing="0">' . "\n"
01120                    . '        <tr bgcolor="' . $cfg['BgcolorOne'] . '"><td '
01121                    . ($cfg['PropertiesIconic'] ? 'colspan="3"><b><a href="server_privileges.php?' . $url_query . '&amp;adduser=1"><img src="' . $pmaThemeImage . 'b_usradd.png" width="16" height="16" hspace="2" border="0" align="middle" />' : 'width="20" nowrap="nowrap" align="center" valign="top"><b>&#8226;</b></td><td><b><a href="server_privileges.php?' . $url_query . '&amp;adduser=1">' ). "\n"
01122                    . '            ' . $strAddUser . '</a></b>' . "\n"
01123                    . '            ' . "\n"
01124                    . '        </td></tr>' . "\n" . '        <tr><td colspan="2"></td></tr>'
01125                    . '        <tr bgcolor="' . $cfg['BgcolorOne'] . '"><td '
01126                    . ($cfg['PropertiesIconic'] ? 'colspan="3"><b><img src="' . $pmaThemeImage . 'b_usrdrop.png" width="16" height="16" hspace="2" border="0" align="middle" />' : 'width="20" nowrap="nowrap" align="center" valign="top"><b>&#8226;</b></td><td><b>' ). "\n"
01127                    . '            <b>' . $strRemoveSelectedUsers . '</b>' . "\n"
01128                    . '        </td></tr>' . "\n"
01129                    . '            <tr bgcolor="' . $cfg['BgcolorOne'] . '"><td width="16" class="nowrap">&nbsp;</td><td valign="top"><input type="radio" title="' . $strJustDelete . ' ' . $strJustDeleteDescr . '" name="mode" id="radio_mode_1" value="1" checked="checked" /></td>' . "\n"
01130                    . '            <td><label for="radio_mode_1" title="' . $strJustDelete . ' ' . $strJustDeleteDescr . '">' . "\n"
01131                    . '                ' . $strJustDelete . "\n"
01132                    . '            </label></td></tr>' . "\n"
01133                    . '            <tr bgcolor="' . $cfg['BgcolorOne'] . '"><td width="16" class="nowrap">&nbsp;</td><td valign="top"><input type="radio" title="' . $strRevokeAndDelete . ' ' . $strRevokeAndDeleteDescr . '" name="mode" id="radio_mode_2" value="2" /></td>' . "\n"
01134                    . '            <td><label for="radio_mode_2" title="' . $strRevokeAndDelete . ' ' . $strRevokeAndDeleteDescr . '">' . "\n"
01135                    . '                ' . $strRevokeAndDelete . "\n"
01136                    . '            </label></td></tr>' . "\n"
01137                    . '            <tr bgcolor="' . $cfg['BgcolorOne'] . '"><td width="16" class="nowrap">&nbsp;</td><td valign="top"><input type="radio" title="' . $strDeleteAndFlush . ' ' . $strDeleteAndFlushDescr . '" name="mode" id="radio_mode_3" value="3" /></td>' . "\n"
01138                    . '            <td><label for="radio_mode_3" title="' . $strDeleteAndFlush . ' ' . $strDeleteAndFlushDescr . '">' . "\n"
01139                    . '                ' . $strDeleteAndFlush . "\n"
01140                    . '            </label></td></tr>' . "\n"
01141                    . '            <tr bgcolor="' . $cfg['BgcolorOne'] . '"><td width="16" class="nowrap">&nbsp;</td><td valign="top"><input type="checkbox" title="' . $strDropUsersDb . '" name="drop_users_db" id="checkbox_drop_users_db" /></td>' . "\n"
01142                    . '            <td><label for="checkbox_drop_users_db" title="' . $strDropUsersDb . '">' . "\n"
01143                    . '                ' . $strDropUsersDb . "\n"
01144                    . '            </label>' . "\n"
01145                    . '        </td></tr>' . "\n" . '        <tr bgcolor="' . $cfg['BgcolorOne'] . '"><td colspan="3" align="right">'
01146                    . '            <input type="submit" name="delete" value="' . $strGo . '" id="buttonGo" />' . "\n"
01147                    . '        </td></tr>' . "\n"
01148                    . '    </table>' . "\n"
01149                    . '</form>' . "\n"
01150                    . '<div class="tblWarn">' . "\n"
01151                    . '    ' . sprintf($strFlushPrivilegesNote, '<a href="server_privileges.php?' . $url_query . '&amp;flush_privileges=1">', '</a>') . "\n"
01152                    . '</div>' . "\n";
01153                 } else {
01154 
01155                 unset ($row);
01156                 echo '    <br /><table border="0" cellpading="3" cellspacing="0">' . "\n"
01157                    . '        <tr bgcolor="' . $cfg['BgcolorOne'] . '"><td '
01158                    . ($cfg['PropertiesIconic'] ? 'colspan="3"><b><a href="server_privileges.php?' . $url_query . '&amp;adduser=1"><img src="' . $pmaThemeImage . 'b_usradd.png" width="16" height="16" hspace="2" border="0" align="middle" />' : 'width="20" nowrap="nowrap" align="center" valign="top"><b>&#8226;</b></td><td><b><a href="server_privileges.php?' . $url_query . '&amp;adduser=1">' ). "\n"
01159                    . '            ' . $strAddUser . '</a></b>' . "\n"
01160                    . '            ' . "\n"
01161                    . '        </td></tr>' . "\n" . '        <tr><td colspan="2"></td></tr>'
01162                    . '    </table>' . "\n"
01163                    . '</form>' . "\n"
01164                    . '<div class="tblWarn">' . "\n"
01165                    . '    ' . sprintf($strFlushPrivilegesNote, '<a href="server_privileges.php?' . $url_query . '&amp;flush_privileges=1">', '</a>') . "\n"
01166                    . '</div>' . "\n";
01167                 } // end if (display overview)
01168 
01169          }
01170 
01171 
01172     } else {
01173 
01174         // A user was selected -> display the user's properties
01175 
01176         echo '<h2>' . "\n"
01177            . ($cfg['PropertiesIconic'] ? '<img src="' . $pmaThemeImage . 'b_usredit.png" width="16" height="16" border="0" hspace="2" align="middle" />' : '' )
01178            . '    ' . $strUser . ' <i><a class="h2" href="server_privileges.php?' . $url_query . '&amp;username=' . urlencode($username) . '&amp;hostname=' . urlencode($hostname) . '">\'' . htmlspecialchars($username) . '\'@\'' . htmlspecialchars($hostname) . '\'</a></i>' . "\n";
01179         if (!empty($dbname)) {
01180             echo '    - ' . $strDatabase . ' <i><a class="h2" href="' . $cfg['DefaultTabDatabase'] . '?' . $url_query . '&amp;db=' . urlencode($dbname) . '&amp;reload=1">' . htmlspecialchars($dbname) . '</a></i>' . "\n";
01181             if (!empty($tablename)) {
01182                 echo '    - ' . $strTable . ' <i><a class="h2" href="' . $cfg['DefaultTabTable'] . '?' . $url_query . '&amp;db=' . urlencode($dbname) . '&amp;table=' . urlencode($tablename) . '&amp;reload=1">' . htmlspecialchars($tablename) . '</a></i>' . "\n";
01183             }
01184         }
01185         echo '</h2>' . "\n";
01186         $res = PMA_DBI_query('SELECT \'foo\' FROM `user` WHERE ' . PMA_convert_using('User') . ' = ' . PMA_convert_using(PMA_sqlAddslashes($username), 'quoted') . ' AND ' . PMA_convert_using('Host') . ' = ' . PMA_convert_using($hostname, 'quoted') . ';', NULL, PMA_DBI_QUERY_STORE);
01187         if (PMA_DBI_num_rows($res) < 1) {
01188             echo $strUserNotFound;
01189             require_once('./footer.inc.php');
01190         }
01191         PMA_DBI_free_result($res);
01192         unset($res);
01193         echo '<ul>' . "\n"
01194            . '    <li>' . "\n"
01195            . '        <form name="usersForm" action="server_privileges.php" method="post">' . "\n"
01196            . PMA_generate_common_hidden_inputs('', '', 3)
01197            . '            <input type="hidden" name="username" value="' . htmlspecialchars($username) . '" />' . "\n"
01198            . '            <input type="hidden" name="hostname" value="' . htmlspecialchars($hostname) . '" />' . "\n";
01199         if (!empty($dbname)) {
01200             echo '            <input type="hidden" name="dbname" value="' . htmlspecialchars($dbname) . '" />' . "\n";
01201             if (!empty($tablename)) {
01202                 echo '            <input type="hidden" name="tablename" value="' . htmlspecialchars($tablename) . '" />' . "\n";
01203             }
01204         }
01205         echo '            <b>' . $strEditPrivileges . '</b><br />' . "\n";
01206         PMA_displayPrivTable((empty($dbname) ? '*' : $dbname), ((empty($dbname) || empty($tablename)) ? '*' : $tablename), TRUE, 3);
01207         echo '        </form>' . "\n"
01208            . '    </li>' . "\n";
01209         if (empty($tablename)) {
01210             echo '    <li>' . "\n"
01211                . '        <b>' . (empty($dbname) ? $strDbPrivileges : $strTblPrivileges) . '</b><br />' . "\n"
01212                . '        <table border="0" cellpadding="2" cellspacing="1">' . "\n"
01213                . '            <tr>' . "\n"
01214                . '                <th>&nbsp;' . (empty($dbname) ? $strDatabase : $strTable) . '&nbsp;</th>' . "\n"
01215                . '                <th>&nbsp;' . $strPrivileges . '&nbsp;</th>' . "\n"
01216                . '                <th>&nbsp;' . $strGrantOption . '&nbsp;</th>' . "\n"
01217                . '                <th>&nbsp;' . (empty($dbname) ? $strTblPrivileges : $strColumnPrivileges) . '&nbsp;</th>' . "\n"
01218                . '                <th colspan="2">&nbsp;' . $strAction . '&nbsp;</th>' . "\n"
01219                . '            </tr>' . "\n";
01220             $user_host_condition = ' WHERE ' . PMA_convert_using('User') . ' = ' . PMA_convert_using(PMA_sqlAddslashes($username), 'quoted') . ' AND ' . PMA_convert_using('Host') . ' = ' . PMA_convert_using($hostname, 'quoted');
01221             if (empty($dbname)) {
01222                 $sql_query = 'SELECT * FROM `db`' . $user_host_condition . ' ORDER BY `Db` ASC;';
01223             } else {
01224                 $sql_query = 'SELECT `Table_name`, `Table_priv`, IF(`Column_priv` = ' . (PMA_MYSQL_INT_VERSION >= 40100 ? '_latin1 ' : '') . ' \'\', 0, 1) AS \'Column_priv\' FROM `tables_priv`' . $user_host_condition . ' AND ' . PMA_convert_using('Db') .  ' = ' . PMA_convert_using($dbname, 'quoted') . ' ORDER BY `Table_name` ASC;';
01225             }
01226             $res = PMA_DBI_query($sql_query, NULL, PMA_DBI_QUERY_STORE);
01227             if (PMA_DBI_affected_rows() == 0) {
01228                 echo '            <tr>' . "\n"
01229                    . '                <td bgcolor="' . $cfg['BgcolorOne'] . '" colspan="6"><center><i>' . $strNone . '</i></center></td>' . "\n"
01230                    . '            </tr>' . "\n";
01231             } else {
01232                 $useBgcolorOne = TRUE;
01233                 if (empty($dbname)) {
01234                     $res2 = PMA_DBI_query('SELECT `Db` FROM `tables_priv`' . $user_host_condition . ' GROUP BY `Db` ORDER BY `Db` ASC;');
01235                     $row2 = PMA_DBI_fetch_assoc($res2);
01236                 }
01237                 $found_rows = array();
01238                 while ($row = PMA_DBI_fetch_assoc($res)) {
01239 
01240                     while (empty($dbname) && $row2 && $row['Db'] > $row2['Db']) {
01241                         $found_rows[] = $row2['Db'];
01242 
01243                         echo '            <tr>' . "\n"
01244                            . '                <td bgcolor="' . ($useBgcolorOne ? $cfg['BgcolorOne'] : $cfg['BgcolorTwo']) . '">' . htmlspecialchars($row2['Db']) . '</td>' . "\n"
01245                            . '                <td bgcolor="' . ($useBgcolorOne ? $cfg['BgcolorOne'] : $cfg['BgcolorTwo']) . '"><tt>' . "\n"
01246                            . '                    <dfn title="' . $strPrivDescUsage . '">USAGE</dfn>' . "\n"
01247                            . '                </tt></td>' . "\n"
01248                            . '                <td bgcolor="' . ($useBgcolorOne ? $cfg['BgcolorOne'] : $cfg['BgcolorTwo']) . '">' . $strNo . '</td>' . "\n"
01249                            . '                <td bgcolor="' . ($useBgcolorOne ? $cfg['BgcolorOne'] : $cfg['BgcolorTwo']) . '">' . $strYes . '</td>' . "\n"
01250                            . '                <td bgcolor="' . ($useBgcolorOne ? $cfg['BgcolorOne'] : $cfg['BgcolorTwo']) . '"><a href="server_privileges.php?' . $url_query . '&amp;username=' . urlencode($username) . '&amp;hostname=' . urlencode($hostname) . '&amp;dbname=' . urlencode($row2['Db']) . '">' . $strEdit . '</a></td>' . "\n"
01251                            . '                <td bgcolor="' . ($useBgcolorOne ? $cfg['BgcolorOne'] : $cfg['BgcolorTwo']) . '"><a href="server_privileges.php?' . $url_query . '&amp;username=' . urlencode($username) . '&amp;hostname=' . urlencode($hostname) . '&amp;dbname=' . urlencode($row2['Db']) . '&amp;revokeall=1">' . $strRevoke . '</a></td>' . "\n"
01252                            . '            </tr>' . "\n";
01253                         $row2 = PMA_DBI_fetch_assoc($res2);
01254                         $useBgcolorOne = !$useBgcolorOne;
01255                     } // end while
01256                     $found_rows[] = empty($dbname) ? $row['Db'] : $row['Table_name'];
01257 
01258                     echo '            <tr>' . "\n"
01259                        . '                <td bgcolor="' . ($useBgcolorOne ? $cfg['BgcolorOne'] : $cfg['BgcolorTwo']) . '">' . htmlspecialchars(empty($dbname) ? $row['Db'] : $row['Table_name']) . '</td>' . "\n"
01260                        . '                <td bgcolor="' . ($useBgcolorOne ? $cfg['BgcolorOne'] : $cfg['BgcolorTwo']) . '"><tt>' . "\n"
01261                        . '                    ' . join(',' . "\n" . '            ', PMA_extractPrivInfo($row, TRUE)) . "\n"
01262                        . '                </tt></td>' . "\n"
01263                        . '                <td bgcolor="' . ($useBgcolorOne ? $cfg['BgcolorOne'] : $cfg['BgcolorTwo']) . '">' . (((empty($dbname) && $row['Grant_priv'] == 'Y') || (!empty($dbname) && in_array('Grant', explode(',', $row['Table_priv'])))) ? $strYes : $strNo) . '</td>' . "\n"
01264                        . '                <td bgcolor="' . ($useBgcolorOne ? $cfg['BgcolorOne'] : $cfg['BgcolorTwo']) . '">';
01265                     if ((empty($dbname) && $row2 && $row['Db'] == $row2['Db'])
01266                         || (!empty($dbname) && $row['Column_priv'])) {
01267                         echo $strYes;
01268                         if (empty($dbname)) {
01269                             $row2 = PMA_DBI_fetch_assoc($res2);
01270                         }
01271                     } else {
01272                         echo $strNo;
01273                     }
01274                     echo '</td>' . "\n"
01275                        . '                <td bgcolor="' . ($useBgcolorOne ? $cfg['BgcolorOne'] : $cfg['BgcolorTwo']) . '"><a href="server_privileges.php?' . $url_query . '&amp;username=' . urlencode($username) . '&amp;hostname=' . urlencode($hostname) . '&amp;dbname=' . (empty($dbname) ? urlencode($row['Db']) : urlencode($dbname) . '&amp;tablename=' . urlencode($row['Table_name'])) . '">' . $strEdit . '</a></td>' . "\n"
01276                        . '                <td bgcolor="' . ($useBgcolorOne ? $cfg['BgcolorOne'] : $cfg['BgcolorTwo']) . '"><a href="server_privileges.php?' . $url_query . '&amp;username=' . urlencode($username) . '&amp;hostname=' . urlencode($hostname) . '&amp;dbname=' . (empty($dbname) ? urlencode($row['Db']) : urlencode($dbname) . '&amp;tablename=' . urlencode($row['Table_name'])) . '&amp;revokeall=1">' . $strRevoke . '</a></td>' . "\n"
01277                        . '            </tr>' . "\n";
01278                     $useBgcolorOne = !$useBgcolorOne;
01279                 } // end while
01280 
01281 
01282                 while (empty($dbname) && $row2) {
01283 
01284                     $found_rows[] = $row2['Db'];
01285                     echo '            <tr>' . "\n"
01286                        . '                <td bgcolor="' . ($useBgcolorOne ? $cfg['BgcolorOne'] : $cfg['BgcolorTwo']) . '">' . htmlspecialchars($row2['Db']) . '</td>' . "\n"
01287                        . '                <td bgcolor="' . ($useBgcolorOne ? $cfg['BgcolorOne'] : $cfg['BgcolorTwo']) . '"><tt>' . "\n"
01288                        . '                    <dfn title="' . $strPrivDescUsage . '">USAGE</dfn>' . "\n"
01289                        . '                </tt></td>' . "\n"
01290                        . '                <td bgcolor="' . ($useBgcolorOne ? $cfg['BgcolorOne'] : $cfg['BgcolorTwo']) . '">' . $strNo . '</td>' . "\n"
01291                        . '                <td bgcolor="' . ($useBgcolorOne ? $cfg['BgcolorOne'] : $cfg['BgcolorTwo']) . '">' . $strYes . '</td>' . "\n"
01292                        . '                <td bgcolor="' . ($useBgcolorOne ? $cfg['BgcolorOne'] : $cfg['BgcolorTwo']) . '"><a href="server_privileges.php?' . $url_query . '&amp;username=' . urlencode($username) . '&amp;hostname=' . urlencode($hostname) . '&amp;dbname=' . urlencode($row2['Db']) . '">' . $strEdit . '</a></td>' . "\n"
01293                        . '                <td bgcolor="' . ($useBgcolorOne ? $cfg['BgcolorOne'] : $cfg['BgcolorTwo']) . '"><a href="server_privileges.php?' . $url_query . '&amp;username=' . urlencode($username) . '&amp;hostname=' . urlencode($hostname) . '&amp;dbname=' . urlencode($row2['Db']) . '&amp;revokeall=1">' . $strRevoke . '</a></td>' . "\n"
01294                        . '            </tr>' . "\n";
01295                     $row2 = PMA_DBI_fetch_assoc($res2);
01296 
01297                     $useBgcolorOne = !$useBgcolorOne;
01298                 } // end while
01299                 if (empty($dbname)) {
01300                     PMA_DBI_free_result($res2);
01301                     unset($res2);
01302                     unset($row2);
01303                 }
01304             }
01305             PMA_DBI_free_result($res);
01306             unset($res);
01307             unset($row);
01308             echo '            <tr>' . "\n"
01309                . '                <td colspan="5">' . "\n"
01310                . '                    <form action="server_privileges.php" method="post">' . "\n"
01311                . PMA_generate_common_hidden_inputs('', '', 6)
01312                . '                        <input type="hidden" name="username" value="' . htmlspecialchars($username) . '" />' . "\n"
01313                . '                        <input type="hidden" name="hostname" value="' . htmlspecialchars($hostname) . '" />' . "\n";
01314             if (empty($dbname)) {
01315                 echo '                        <label for="text_dbname">' . $strAddPrivilegesOnDb . ':</label>' . "\n";
01316                 $res = PMA_DBI_query('SHOW DATABASES;');
01317                 $pred_db_array = array();
01318                 while ($row = PMA_DBI_fetch_row($res)) {
01319                     if (!isset($found_rows) || !in_array(str_replace('_', '\\_', $row[0]), $found_rows)) {
01320                         $pred_db_array[] = $row[0];
01321                     }
01322                 }
01323                 PMA_DBI_free_result($res);
01324                 unset($res);
01325                 unset($row);
01326                 if (!empty($pred_db_array)) {
01327                     echo '                        <select name="pred_dbname" onchange="this.form.submit();">' . "\n"
01328                        . '                            <option value="" selected="selected">' . $strUseTextField . ':</option>' . "\n";
01329                     foreach ($pred_db_array as $current_db) {
01330                         echo '                            <option value="' . htmlspecialchars(str_replace('_', '\\_', $current_db)) . '">' . htmlspecialchars($current_db) . '</option>' . "\n";
01331                     }
01332                     echo '                        </select>' . "\n";
01333                 }
01334                 echo '                        <input type="text" id="text_dbname" name="dbname" class="textfield" />' . "\n";
01335             } else {
01336                 echo '                        <input type="hidden" name="dbname" value="' . htmlspecialchars($dbname) . '"/>' . "\n"
01337                    . '                        <label for="text_tablename">' . $strAddPrivilegesOnTbl . ':</label>' . "\n";
01338                 if ($res = @PMA_DBI_try_query('SHOW TABLES FROM ' . PMA_backquote($dbname) . ';', NULL, PMA_DBI_QUERY_STORE)) {
01339                     $pred_tbl_array = array();
01340                     while ($row = PMA_DBI_fetch_row($res)) {
01341                         if (!isset($found_rows) || !in_array($row[0], $found_rows)) {
01342                             $pred_tbl_array[] = $row[0];
01343                         }
01344                     }
01345                     PMA_DBI_free_result($res);
01346                     unset($res);
01347                     unset($row);
01348                     if (!empty($pred_tbl_array)) {
01349                         echo '                        <select name="pred_tablename" onchange="this.form.submit();">' . "\n"
01350                            . '                            <option value="" selected="selected">' . $strUseTextField . ':</option>' . "\n";
01351                         foreach ($pred_tbl_array as $current_table) {
01352                             echo '                            <option value="' . htmlspecialchars($current_table) . '">' . htmlspecialchars($current_table) . '</option>' . "\n";
01353                         }
01354                         echo '                        </select>' . "\n";
01355                     }
01356                 } else {
01357                     unset($res);
01358                 }
01359                 echo '                        <input type="text" id="text_tablename" name="tablename" class="textfield" />' . "\n";
01360             }
01361             echo '                        <input type="submit" value="' . $strGo . '" />' . PMA_showHint($strEscapeWildcards) . "\n"
01362                . '                    </form>' . "\n"
01363                . '                </td>' . "\n"
01364                . '            </tr>' . "\n"
01365                . '        </table><br />' . "\n"
01366                . '    </li>' . "\n";
01367         }
01368         if (empty($dbname)) {
01369             echo '    <li>' . "\n"
01370                . '        <form action="server_privileges.php" method="post" onsubmit="return checkPassword(this);">' . "\n"
01371                . PMA_generate_common_hidden_inputs('', '', 3)
01372                . '            <input type="hidden" name="username" value="' . htmlspecialchars($username) . '" />' . "\n"
01373                . '            <input type="hidden" name="hostname" value="' . htmlspecialchars($hostname) . '" />' . "\n";
01374             echo '            <b>' . $strChangePassword . '</b><br />' . "\n"
01375                . '            <table border="0" cellpadding="2" cellspacing="1">' . "\n"
01376                . '                <tr>' . "\n"
01377                . '                    <td bgcolor="' . $cfg['BgcolorOne'] . '"><input type="radio" name="nopass" value="1" id="radio_nopass_1" onclick="pma_pw.value=\'\'; pma_pw2.value=\'\';" /></td>' . "\n"
01378                . '                    <td bgcolor="' . $cfg['BgcolorOne'] . '" colspan="2"><label for="radio_nopass_1">' . $strNoPassword . '</label></td>' . "\n"
01379                . '                </tr>' . "\n"
01380                . '                <tr>' . "\n"
01381                . '                    <td bgcolor="' . $cfg['BgcolorTwo'] . '"><input type="radio" name="nopass" value="0" id="radio_nopass_0" onclick="document.getElementById(\'pw_pma_pw\').focus();" /></td>' . "\n"
01382                . '                    <td bgcolor="' . $cfg['BgcolorTwo'] . '"><label for="radio_nopass_0">' . $strPassword . ':</label></td>' . "\n"
01383                . '                    <td bgcolor="' . $cfg['BgcolorTwo'] . '"><input type="password" name="pma_pw" id="pw_pma_pw" class="textfield" onchange="nopass[1].checked = true;" /></td>' . "\n"
01384                . '                </tr>' . "\n"
01385                . '                <tr>' . "\n"
01386                . '                    <td bgcolor="' . $cfg['BgcolorTwo'] . '">&nbsp;</td>' . "\n"
01387                . '                    <td bgcolor="' . $cfg['BgcolorTwo'] . '"><label for="pw_pma_pw2">' . $strReType . ':</label></td>' . "\n"
01388                . '                    <td bgcolor="' . $cfg['BgcolorTwo'] . '"><input type="password" name="pma_pw2" id="pw_pma_pw2" class="textfield" onchange="nopass[1].checked = true;" /></td>' . "\n"
01389                . '                </tr>' . "\n"
01390                . '                <tr>' . "\n"
01391                . '                    <td colspan="3" align="right">' . "\n"
01392                . '                        <input type="submit" name="change_pw" value="' . $strGo . '" />' . "\n"
01393                . '                    </td>' . "\n"
01394                . '                </tr>' . "\n"
01395                . '            </table>' . "\n"
01396                . '        </form>' . "\n"
01397                . '    </li>' . "\n"
01398                . '    <li>' . "\n"
01399                . '        <form action="server_privileges.php" method="post" onsubmit="return checkPassword(this);">' . "\n"
01400                . PMA_generate_common_hidden_inputs('', '', 3)
01401                . '            <input type="hidden" name="old_username" value="' . htmlspecialchars($username) . '" />' . "\n"
01402                . '            <input type="hidden" name="old_hostname" value="' . htmlspecialchars($hostname) . '" />' . "\n"
01403                . '            <b>' . $strChangeCopyUser . '</b><br />' . "\n"
01404                . '            <table border="0" cellpadding="2" cellspacing="1">' . "\n";
01405             PMA_displayLoginInformationFields('change', 3);
01406             echo '            </table>' . "\n"
01407                . '            ' . $strChangeCopyMode . '<br />' . "\n"
01408                . '            <input type="radio" name="mode" value="4" id="radio_mode_4" checked="checked" /><label for="radio_mode_4">' . "\n"
01409                . '                ' . $strChangeCopyModeCopy . "\n"
01410                . '            </label>' . "\n"
01411                . '            <br />' . "\n"
01412                . '            <input type="radio" name="mode" value="1" id="radio_mode_1" /><label for="radio_mode_1">' . "\n"
01413                . '                ' . $strChangeCopyModeJustDelete . "\n"
01414                . '            </label>' . "\n"
01415                . '            <br />' . "\n"
01416                . '            <input type="radio" name="mode" value="2" id="radio_mode_2" /><label for="radio_mode_2">' . "\n"
01417                . '                ' . $strChangeCopyModeRevoke . "\n"
01418                . '            </label>' . "\n"
01419                . '            <br />' . "\n"
01420                . '            <input type="radio" name="mode" value="3" id="radio_mode_3" /><label for="radio_mode_3">' . "\n"
01421                . '                ' . $strChangeCopyModeDeleteAndReload . "\n"
01422                . '            </label>' . "\n"
01423                . '            <br />' . "\n"
01424                . '            <input type="submit" name="change_copy" value="' . $strGo . '" />' . "\n"
01425                . '        </form>' . "\n"
01426                . '    </li>' . "\n";
01427         }
01428         echo '</ul>' . "\n";
01429     }
01430 } else if (!empty($adduser)) {
01431     // Add a new user
01432     $url_query .= '&amp;adduser=1';
01433     echo '<h2>' . "\n"
01434        . ($cfg['PropertiesIconic'] ? '<img src="' . $pmaThemeImage . 'b_usradd.png" width="16" height="16" border="0" hspace="2" align="middle" />' : '' )
01435        . '    ' . $strAddUser . "\n"
01436        . '</h2>' . "\n"
01437        . '<form name="usersForm" action="server_privileges.php" method="post" onsubmit="return checkAddUser(this);">' . "\n"
01438        . PMA_generate_common_hidden_inputs('', '', 1)
01439        . '    <table border="0" cellpadding="2" cellspacing="1">' . "\n"
01440        . '        <tr>' . "\n"
01441        . '            <th colspan="3">' . "\n"
01442        . '                ' . $strLoginInformation . "\n"
01443        . '            </th>' . "\n"
01444        . '        </tr>' . "\n";
01445     PMA_displayLoginInformationFields('new', 2);
01446     echo '    </table><br />' . "\n";
01447     PMA_displayPrivTable('*', '*', FALSE, 1);
01448     echo '    <br />' . "\n"
01449        . '    <input type="submit" name="adduser_submit" value="' . $strGo . '" />' . "\n"
01450        . '</form>' . "\n";
01451 } else {
01452     // check the privileges for a particular database.
01453     echo '<h2>' . "\n"
01454        . ($cfg['PropertiesIconic'] ? '<img src="' . $pmaThemeImage . 'b_usrcheck.png" width="16" height="16" border="0" hspace="2" align="middle" />' : '' )
01455        . '    ' . sprintf($strUsersHavingAccessToDb, '<a href="' . $GLOBALS['cfg']['DefaultTabDatabase'] . '?' . PMA_generate_common_url($checkprivs) . '">' .  htmlspecialchars($checkprivs) . '</a>') . "\n"
01456        . '</h2>' . "\n"
01457        . '<table border="0" cellpadding="2" cellspacing="1">' . "\n"
01458        . '    <tr>' . "\n"
01459        . '        <th>' . "\n"
01460        . '            &nbsp;' . $strUser . '&nbsp;' . "\n"
01461        . '        </th>' . "\n"
01462        . '        <th>' . "\n"
01463        . '            &nbsp;' . $strHost . '&nbsp;' . "\n"
01464        . '        </th>' . "\n"
01465        . '        <th>' . "\n"
01466        . '            &nbsp;' . $strType . '&nbsp;' . "\n"
01467        . '        </th>' . "\n"
01468        . '        <th>' . "\n"
01469        . '            &nbsp;' . $strPrivileges . '&nbsp;' . "\n"
01470        . '        </th>' . "\n"
01471        . '        <th>' . "\n"
01472        . '            &nbsp;' . $strGrantOption . '&nbsp;' . "\n"
01473        . '        </th>' . "\n"
01474        . '        <th>' . "\n"
01475        . '            &nbsp;' . $strAction . '&nbsp;' . "\n"
01476        . '        </th>' . "\n"
01477        . '    </tr>' . "\n";
01478     $useBgcolorOne = TRUE;
01479     unset($row);
01480     unset($row1);
01481     unset($row2);
01482     // now, we build the table...
01483     if (PMA_MYSQL_INT_VERSION >= 40000) {
01484         // Starting with MySQL 4.0.0, we may use UNION SELECTs and this makes
01485         // the job much easier here!
01486 
01487         $no = PMA_convert_using('N', 'quoted');
01488 
01489         $list_of_privileges = PMA_convert_using('Select_priv') . ' AS Select_priv, ' . PMA_convert_using('Insert_priv') . ' AS Insert_priv, ' . PMA_convert_using('Update_priv') . ' AS Update_priv, ' . PMA_convert_using('Delete_priv') . ' AS Delete_priv, ' . PMA_convert_using('Create_priv') . ' AS Create_priv, ' . PMA_convert_using('Drop_priv') . ' AS Drop_priv, ' . PMA_convert_using('Grant_priv') . ' AS Grant_priv, '. PMA_convert_using('References_priv') . ' AS References_priv';
01490 
01491         $list_of_compared_privileges = PMA_convert_using('Select_priv') . ' = ' . $no . ' AND ' . PMA_convert_using('Insert_priv') . ' = ' . $no . ' AND ' . PMA_convert_using('Update_priv') . ' = ' . $no . ' AND ' . PMA_convert_using('Delete_priv') . ' = ' . $no . ' AND ' . PMA_convert_using('Create_priv') . ' = ' . $no . ' AND ' . PMA_convert_using('Drop_priv') . ' = ' . $no . ' AND ' . PMA_convert_using('Grant_priv') . ' = ' . $no . ' AND ' . PMA_convert_using('References_priv') . ' = ' . $no;
01492 
01493         $sql_query = '(SELECT ' . PMA_convert_using('User') . ' AS User,' . PMA_convert_using('Host') . ' AS Host,' . PMA_convert_using('Db') . ' AS Db,' . $list_of_privileges . ' FROM `db` WHERE ' . PMA_convert_using($checkprivs, 'quoted') . ' LIKE ' .  PMA_convert_using('Db') . ' AND NOT (' . $list_of_compared_privileges. ')) UNION (SELECT ' . PMA_convert_using('User') . ' AS User, ' . PMA_convert_using('Host') . ' AS Host, ' . PMA_convert_using('*', 'quoted') . ' AS Db, ' . $list_of_privileges . ' FROM `user` WHERE NOT (' . $list_of_compared_privileges . ')) ORDER BY User ASC, Host ASC, Db ASC;';
01494         $res = PMA_DBI_query($sql_query);
01495 
01496         $row = PMA_DBI_fetch_assoc($res);
01497         if ($row) {
01498             $found = TRUE;
01499         }
01500     } else {
01501         // With MySQL 3, we need 2 seperate queries here.
01502         $sql_query = 'SELECT * FROM `user` WHERE NOT (`Select_priv` = \'N\' AND `Insert_priv` = \'N\' AND `Update_priv` = \'N\' AND `Delete_priv` = \'N\' AND `Create_priv` = \'N\' AND `Drop_priv` = \'N\' AND `Grant_priv` = \'N\' AND `References_priv` = \'N\') ORDER BY `User` ASC, `Host` ASC;';
01503         $res1 = PMA_DBI_query($sql_query);
01504         $row1 = PMA_DBI_fetch_assoc($res1);
01505         $sql_query = 'SELECT * FROM `db` WHERE \'' . $checkprivs . '\' LIKE `Db` AND NOT (`Select_priv` = \'N\' AND `Insert_priv` = \'N\' AND `Update_priv` = \'N\' AND `Delete_priv` = \'N\' AND `Create_priv` = \'N\' AND `Drop_priv` = \'N\' AND `Grant_priv` = \'N\' AND `References_priv` = \'N\') ORDER BY `User` ASC, `Host` ASC;';
01506         $res2 = PMA_DBI_query($sql_query);
01507         $row2 = PMA_DBI_fetch_assoc($res2);
01508         if ($row1 || $row2) {
01509             $found = TRUE;
01510         }
01511     } // end if (PMA_MYSQL_INT_VERSION >= 40000) ... else ...
01512     if ($found) {
01513         while (TRUE) {
01514             // prepare the current user
01515             if (PMA_MYSQL_INT_VERSION >= 40000) {
01516                 $current_privileges = array();
01517                 $current_user = $row['User'];
01518                 $current_host = $row['Host'];
01519                 while ($row && $current_user == $row['User'] && $current_host == $row['Host']) {
01520                     $current_privileges[] = $row;
01521                     $row = PMA_DBI_fetch_assoc($res);
01522                 }
01523             } else {
01524                 $current_privileges = array();
01525                 if ($row1 && (!$row2 || ($row1['User'] < $row2['User'] || ($row1['User'] == $row2['User'] && $row1['Host'] <= $row2['Host'])))) {
01526                     $current_user = $row1['User'];
01527                     $current_host = $row1['Host'];
01528                     $current_privileges = array($row1);
01529                     $row1 = PMA_DBI_fetch_assoc($res1);
01530                 } else {
01531                     $current_user = $row2['User'];
01532                     $current_host = $row2['Host'];
01533                     $current_privileges = array();
01534                 }
01535                 while ($row2 && $current_user == $row2['User'] && $current_host == $row2['Host']) {
01536                     $current_privileges[] = $row2;
01537                     $row2 = PMA_DBI_fetch_assoc($res2);
01538                 }
01539             }
01540             echo '    <tr>' . "\n"
01541                . '        <td';
01542             if (count($current_privileges) > 1) {
01543                 echo ' rowspan="' . count($current_privileges) . '"';
01544             }
01545             echo ' bgcolor="' . ($useBgcolorOne ? $cfg['BgcolorOne'] : $cfg['BgcolorTwo']) . '">' . "\n"
01546                . '            ' . (empty($current_user) ? '<span style="color: #FF0000">' . $strAny . '</span>' : htmlspecialchars($current_user)) . "\n"
01547                . '        </td>' . "\n"
01548                . '        <td';
01549             if (count($current_privileges) > 1) {
01550                 echo ' rowspan="' . count($current_privileges) . '"';
01551             }
01552             echo ' bgcolor="' . ($useBgcolorOne ? $cfg['BgcolorOne'] : $cfg['BgcolorTwo']) . '">' . "\n"
01553                . '            ' . htmlspecialchars($current_host) . "\n"
01554                . '        </td>' . "\n";
01555             foreach ($current_privileges as $current) {
01556                 echo '        <td bgcolor="' . ($useBgcolorOne ? $cfg['BgcolorOne'] : $cfg['BgcolorTwo']) . '">' . "\n"
01557                    . '            ';
01558                 if (!isset($current['Db']) || $current['Db'] == '*') {
01559                     echo $strGlobal;
01560                 } else if ($current['Db'] == $checkprivs) {
01561                     echo $strDbSpecific;
01562                 } else {
01563                     echo $strWildcard, ': <tt>' . htmlspecialchars($current['Db']) . '</tt>';
01564                 }
01565                 echo "\n"
01566                    . '        </td>' . "\n"
01567                    . '        <td bgcolor="' . ($useBgcolorOne ? $cfg['BgcolorOne'] : $cfg['BgcolorTwo']) . '">' . "\n"
01568                    . '            <tt>' . "\n"
01569                    . '                ' . join(',' . "\n" . '                ', PMA_extractPrivInfo($current, TRUE)) . "\n"
01570                    . '            <tt>' . "\n"
01571                    . '        </td>' . "\n"
01572                    . '        <td bgcolor="' . ($useBgcolorOne ? $cfg['BgcolorOne'] : $cfg['BgcolorTwo']) . '">' . "\n"
01573                    . '            ' . ($current['Grant_priv'] == 'Y' ? $strYes : $strNo) . "\n"
01574                    . '        </td>' . "\n"
01575                    . '        <td bgcolor="' . ($useBgcolorOne ? $cfg['BgcolorOne'] : $cfg['BgcolorTwo']) . '">' . "\n"
01576                    . '            <a href="./server_privileges.php?' . $url_query . '&amp;username=' . urlencode($current_user) . '&amp;hostname=' . urlencode($current_host) . (!isset($current['Db']) || $current['Db'] == '*' ? '' : '&amp;dbname=' . urlencode($current['Db'])) . '">' . "\n"
01577                    . '                ' . $strEdit . "\n"
01578                    . '            </a>' . "\n"
01579                    . '        </td>' . "\n"
01580                    . '    </tr>' . "\n";
01581             }
01582             if (empty($row) && empty($row1) && empty($row2)) {
01583                 break;
01584             }
01585             $useBgcolorOne = !$useBgcolorOne;
01586         }
01587     } else {
01588         echo '    <tr>' . "\n"
01589            . '        <td colspan="6" bgcolor="' . $cfg['BgcolorTwo'] . '">' . "\n"
01590            . '            ' . $strNoUsersFound . "\n"
01591            . '        </td>' . "\n"
01592            . '    </tr>' . "\n";
01593     }
01594     echo '</table>' . "\n";
01595 } // end if (empty($adduser) && empty($checkprivs)) ... else if ... else ...
01596 
01597 
01601 echo "\n\n";
01602 require_once('./footer.inc.php');
01603 
01604 ?>


Généré par Les spécialistes TYPO3 avec  doxygen 1.4.6