Translated using Weblate (Albanian)
[phpmyadmin.git] / server_privileges.php
blob06989de1c340334ebcdf06b07f8ae4458a260ecc
1 <?php
2 /* vim: set expandtab sw=4 ts=4 sts=4: */
3 /**
4 * Server privileges and users manipulations
6 * @package PhpMyAdmin
7 */
8 use PMA\libraries\Response;
10 /**
11 * include common file
13 require_once 'libraries/common.inc.php';
15 /**
16 * functions implementation for this script
18 require_once 'libraries/display_change_password.lib.php';
19 require_once 'libraries/server_privileges.lib.php';
20 require_once 'libraries/check_user_privileges.lib.php';
22 $cfgRelation = PMA_getRelationsParam();
24 /**
25 * Does the common work
27 $response = Response::getInstance();
28 $header = $response->getHeader();
29 $scripts = $header->getScripts();
30 $scripts->addFile('server_privileges.js');
31 $scripts->addFile('zxcvbn.js');
33 if ((isset($_REQUEST['viewing_mode'])
34 && $_REQUEST['viewing_mode'] == 'server')
35 && $GLOBALS['cfgRelation']['menuswork']
36 ) {
37 include_once 'libraries/server_users.lib.php';
38 $response->addHTML('<div>');
39 $response->addHTML(PMA_getHtmlForSubMenusOnUsersPage('server_privileges.php'));
42 /**
43 * Sets globals from $_POST patterns, for privileges and max_* vars
46 $post_patterns = array(
47 '/_priv$/i',
48 '/^max_/i'
51 PMA_setPostAsGlobal($post_patterns);
53 require 'libraries/server_common.inc.php';
55 /**
56 * Messages are built using the message name
58 $strPrivDescAllPrivileges = __('Includes all privileges except GRANT.');
59 $strPrivDescAlter = __('Allows altering the structure of existing tables.');
60 $strPrivDescAlterRoutine = __('Allows altering and dropping stored routines.');
61 $strPrivDescCreateDb = __('Allows creating new databases and tables.');
62 $strPrivDescCreateRoutine = __('Allows creating stored routines.');
63 $strPrivDescCreateTbl = __('Allows creating new tables.');
64 $strPrivDescCreateTmpTable = __('Allows creating temporary tables.');
65 $strPrivDescCreateUser = __('Allows creating, dropping and renaming user accounts.');
66 $strPrivDescCreateView = __('Allows creating new views.');
67 $strPrivDescDelete = __('Allows deleting data.');
68 $strPrivDescDropDb = __('Allows dropping databases and tables.');
69 $strPrivDescDropTbl = __('Allows dropping tables.');
70 $strPrivDescEvent = __('Allows to set up events for the event scheduler.');
71 $strPrivDescExecute = __('Allows executing stored routines.');
72 $strPrivDescFile = __('Allows importing data from and exporting data into files.');
73 $strPrivDescGrantTbl = __(
74 'Allows user to give to other users or remove from other users the privileges '
75 . 'that user possess yourself.'
77 $strPrivDescIndex = __('Allows creating and dropping indexes.');
78 $strPrivDescInsert = __('Allows inserting and replacing data.');
79 $strPrivDescLockTables = __('Allows locking tables for the current thread.');
80 $strPrivDescMaxConnections = __(
81 'Limits the number of new connections the user may open per hour.'
83 $strPrivDescMaxQuestions = __(
84 'Limits the number of queries the user may send to the server per hour.'
86 $strPrivDescMaxUpdates = __(
87 'Limits the number of commands that change any table or database '
88 . 'the user may execute per hour.'
90 $strPrivDescMaxUserConnections = __(
91 'Limits the number of simultaneous connections the user may have.'
93 $strPrivDescProcess = __('Allows viewing processes of all users.');
94 $strPrivDescReferences = __('Has no effect in this MySQL version.');
95 $strPrivDescReload = __(
96 'Allows reloading server settings and flushing the server\'s caches.'
98 $strPrivDescReplClient = __(
99 'Allows the user to ask where the slaves / masters are.'
101 $strPrivDescReplSlave = __('Needed for the replication slaves.');
102 $strPrivDescSelect = __('Allows reading data.');
103 $strPrivDescShowDb = __('Gives access to the complete list of databases.');
104 $strPrivDescShowView = __('Allows performing SHOW CREATE VIEW queries.');
105 $strPrivDescShutdown = __('Allows shutting down the server.');
106 $strPrivDescSuper = __(
107 'Allows connecting, even if maximum number of connections is reached; '
108 . 'required for most administrative operations like setting global variables '
109 . 'or killing threads of other users.'
111 $strPrivDescTrigger = __('Allows creating and dropping triggers.');
112 $strPrivDescUpdate = __('Allows changing data.');
113 $strPrivDescUsage = __('No privileges.');
115 $_add_user_error = false;
117 * Get DB information: username, hostname, dbname,
118 * tablename, db_and_table, dbname_is_wildcard
120 list(
121 $username, $hostname, $dbname, $tablename, $routinename,
122 $db_and_table, $dbname_is_wildcard
123 ) = PMA_getDataForDBInfo();
126 * Checks if the user is allowed to do what he tries to...
128 if (!$GLOBALS['is_superuser'] && !$GLOBALS['is_grantuser']
129 && !$GLOBALS['is_createuser']
131 $response->addHTML(PMA_getHtmlForSubPageHeader('privileges', '', false));
132 $response->addHTML(
133 PMA\libraries\Message::error(__('No Privileges'))
134 ->getDisplay()
136 exit;
140 * Checks if the user is using "Change Login Information / Copy User" dialog
141 * only to update the password
143 if (isset($_REQUEST['change_copy']) && $username == $_REQUEST['old_username']
144 && $hostname == $_REQUEST['old_hostname']
146 $response->addHTML(
147 PMA\libraries\Message::error(
149 "Username and hostname didn't change. "
150 . "If you only want to change the password, "
151 . "'Change password' tab should be used."
153 )->getDisplay()
155 $response->setRequestStatus(false);
156 exit;
160 * Changes / copies a user, part I
162 list($queries, $password) = PMA_getDataForChangeOrCopyUser();
165 * Adds a user
166 * (Changes / copies a user, part II)
168 list($ret_message, $ret_queries, $queries_for_display, $sql_query, $_add_user_error)
169 = PMA_addUser(
170 isset($dbname)? $dbname : null,
171 isset($username)? $username : null,
172 isset($hostname)? $hostname : null,
173 isset($password)? $password : null,
174 $cfgRelation['menuswork']
176 //update the old variables
177 if (isset($ret_queries)) {
178 $queries = $ret_queries;
179 unset($ret_queries);
181 if (isset($ret_message)) {
182 $message = $ret_message;
183 unset($ret_message);
187 * Changes / copies a user, part III
189 if (isset($_REQUEST['change_copy'])) {
190 $queries = PMA_getDbSpecificPrivsQueriesForChangeOrCopyUser(
191 $queries, $username, $hostname
195 $itemType = '';
196 if (! empty($routinename)) {
197 $itemType = PMA_getRoutineType($dbname, $routinename);
201 * Updates privileges
203 if (! empty($_POST['update_privs'])) {
204 if (is_array($dbname)) {
205 foreach ($dbname as $key => $db_name) {
206 list($sql_query[$key], $message) = PMA_updatePrivileges(
207 (isset($username) ? $username : ''),
208 (isset($hostname) ? $hostname : ''),
209 (isset($tablename)
210 ? $tablename
211 : (isset($routinename) ? $routinename : '')),
212 (isset($db_name) ? $db_name : ''),
213 $itemType
217 $sql_query = implode("\n", $sql_query);
218 } else {
219 list($sql_query, $message) = PMA_updatePrivileges(
220 (isset($username) ? $username : ''),
221 (isset($hostname) ? $hostname : ''),
222 (isset($tablename)
223 ? $tablename
224 : (isset($routinename) ? $routinename : '')),
225 (isset($dbname) ? $dbname : ''),
226 $itemType
232 * Assign users to user groups
234 if (! empty($_REQUEST['changeUserGroup']) && $cfgRelation['menuswork']
235 && $GLOBALS['is_superuser'] && $GLOBALS['is_createuser']
237 PMA_setUserGroup($username, $_REQUEST['userGroup']);
238 $message = PMA\libraries\Message::success();
242 * Revokes Privileges
244 if (isset($_REQUEST['revokeall'])) {
245 list ($message, $sql_query) = PMA_getMessageAndSqlQueryForPrivilegesRevoke(
246 (isset($dbname) ? $dbname : ''),
247 (isset($tablename)
248 ? $tablename
249 : (isset($routinename) ? $routinename : '')),
250 $username,
251 $hostname,
252 $itemType
257 * Updates the password
259 if (isset($_REQUEST['change_pw'])) {
260 $message = PMA_updatePassword(
261 $err_url, $username, $hostname
266 * Deletes users
267 * (Changes / copies a user, part IV)
269 if (isset($_REQUEST['delete'])
270 || (isset($_REQUEST['change_copy']) && $_REQUEST['mode'] < 4)
272 include_once 'libraries/relation_cleanup.lib.php';
273 $queries = PMA_getDataForDeleteUsers($queries);
274 if (empty($_REQUEST['change_copy'])) {
275 list($sql_query, $message) = PMA_deleteUser($queries);
280 * Changes / copies a user, part V
282 if (isset($_REQUEST['change_copy'])) {
283 $queries = PMA_getDataForQueries($queries, $queries_for_display);
284 $message = PMA\libraries\Message::success();
285 $sql_query = join("\n", $queries);
289 * Reloads the privilege tables into memory
291 $message_ret = PMA_updateMessageForReload();
292 if (isset($message_ret)) {
293 $message = $message_ret;
294 unset($message_ret);
298 * If we are in an Ajax request for Create User/Edit User/Revoke User/
299 * Flush Privileges, show $message and exit.
301 if ($response->isAjax()
302 && empty($_REQUEST['ajax_page_request'])
303 && ! isset($_REQUEST['export'])
304 && (! isset($_REQUEST['submit_mult']) || $_REQUEST['submit_mult'] != 'export')
305 && ((! isset($_REQUEST['initial']) || $_REQUEST['initial'] === null
306 || $_REQUEST['initial'] === '')
307 || (isset($_REQUEST['delete']) && $_REQUEST['delete'] === __('Go')))
308 && ! isset($_REQUEST['showall'])
309 && ! isset($_REQUEST['edit_user_group_dialog'])
310 && ! isset($_REQUEST['db_specific'])
312 $extra_data = PMA_getExtraDataForAjaxBehavior(
313 (isset($password) ? $password : ''),
314 (isset($sql_query) ? $sql_query : ''),
315 (isset($hostname) ? $hostname : ''),
316 (isset($username) ? $username : '')
319 if (! empty($message) && $message instanceof PMA\libraries\Message) {
320 $response->setRequestStatus($message->isSuccess());
321 $response->addJSON('message', $message);
322 $response->addJSON($extra_data);
323 exit;
328 * Displays the links
330 if (isset($_REQUEST['viewing_mode']) && $_REQUEST['viewing_mode'] == 'db') {
331 $GLOBALS['db'] = $_REQUEST['db'] = $_REQUEST['checkprivsdb'];
333 $url_query .= '&amp;goto=db_operations.php';
335 // Gets the database structure
336 $sub_part = '_structure';
337 ob_start();
339 list(
340 $tables,
341 $num_tables,
342 $total_num_tables,
343 $sub_part,
344 $is_show_stats,
345 $db_is_system_schema,
346 $tooltip_truename,
347 $tooltip_aliasname,
348 $pos
349 ) = PMA\libraries\Util::getDbInfo($db, isset($sub_part) ? $sub_part : '');
351 $content = ob_get_contents();
352 ob_end_clean();
353 $response->addHTML($content . "\n");
354 } else {
355 if (! empty($GLOBALS['message'])) {
356 $response->addHTML(PMA\libraries\Util::getMessage($GLOBALS['message']));
357 unset($GLOBALS['message']);
362 * Displays the page
364 $response->addHTML(
365 PMA_getHtmlForUserGroupDialog(
366 isset($username)? $username : null,
367 $cfgRelation['menuswork']
371 // export user definition
372 if (isset($_REQUEST['export'])
373 || (isset($_REQUEST['submit_mult']) && $_REQUEST['submit_mult'] == 'export')
375 list($title, $export) = PMA_getListForExportUserDefinition(
376 isset($username) ? $username : null,
377 isset($hostname) ? $hostname : null
380 unset($username, $hostname, $grants, $one_grant);
382 if ($response->isAjax()) {
383 $response->addJSON('message', $export);
384 $response->addJSON('title', $title);
385 exit;
386 } else {
387 $response->addHTML("<h2>$title</h2>$export");
391 if (isset($_REQUEST['adduser'])) {
392 // Add user
393 $response->addHTML(
394 PMA_getHtmlForAddUser((isset($dbname) ? $dbname : ''))
396 } elseif (isset($_REQUEST['checkprivsdb'])) {
397 if (isset($_REQUEST['checkprivstable'])) {
398 // check the privileges for a particular table.
399 $response->addHTML(
400 PMA_getHtmlForSpecificTablePrivileges(
401 $_REQUEST['checkprivsdb'], $_REQUEST['checkprivstable']
404 } else {
405 // check the privileges for a particular database.
406 $response->addHTML(
407 PMA_getHtmlForSpecificDbPrivileges($_REQUEST['checkprivsdb'])
410 } else {
411 if (isset($dbname) && ! is_array($dbname)) {
412 $url_dbname = urlencode(
413 str_replace(
414 array('\_', '\%'),
415 array('_', '%'),
416 $_REQUEST['dbname']
421 if (! isset($username)) {
422 // No username is given --> display the overview
423 $response->addHTML(
424 PMA_getHtmlForUserOverview($pmaThemeImage, $text_dir)
426 } else if (!empty($routinename)) {
427 $response->addHTML(
428 PMA_getHtmlForRoutineSpecificPrivilges(
429 $username, $hostname, $dbname, $routinename,
430 (isset($url_dbname) ? $url_dbname : '')
433 } else {
434 // A user was selected -> display the user's properties
435 // In an Ajax request, prevent cached values from showing
436 if ($response->isAjax()) {
437 header('Cache-Control: no-cache');
440 $response->addHTML(
441 PMA_getHtmlForUserProperties(
442 (isset($dbname_is_wildcard) ? $dbname_is_wildcard : ''),
443 (isset($url_dbname) ? $url_dbname : ''),
444 $username, $hostname,
445 (isset($dbname) ? $dbname : ''),
446 (isset($tablename) ? $tablename : '')
452 if ((isset($_REQUEST['viewing_mode']) && $_REQUEST['viewing_mode'] == 'server')
453 && $GLOBALS['cfgRelation']['menuswork']
455 $response->addHTML('</div>');