6 * Gets some core libraries
8 require('./libraries/grab_globals.lib.php3');
9 require('./libraries/common.lib.php3');
13 * Defines the url to return to in case of error in a sql statement
15 $err_url = 'user_details.php3'
17 . '&convcharset=' . $convcharset
18 . '&server=' . $server
24 * Displays the table of grants for an user
26 * @param mixed the id of the query used to get hosts and databases lists
27 * or an arry containing host and user informations
28 * @param mixed the database to check garnts for, FALSE for all databases
30 * @return boolean always true
32 * @global string the current language
33 * @global string the current charset for MySQL
34 * @global integer the server to use (refers to the number in the
39 * @TODO "SHOW GRANTS" statements is available and buggyless since
40 * MySQL 3.23.4 and it seems not to return privileges of the anonymous
41 * user while these privileges applies to all users.
43 function PMA_tableGrants(&$host_db_result, $dbcheck = FALSE) {
44 global $lang, $convcharset, $server;
47 <!-- Table of grants
-->
48 <table border
="<?php echo $GLOBALS['cfg']['Border']; ?>">
54 echo ' <th>' . $GLOBALS['strAction'] . '</th>' . "\n";
55 echo ' <th>' . $GLOBALS['strHost'] . '</th>' . "\n";
56 echo ' <th>' . $GLOBALS['strUser'] . '</th>';
59 echo ' <th colspan="2">' . $GLOBALS['strAction'] . '</th>';
62 echo ' <th>' . $GLOBALS['strDatabase'] . '</th>' . "\n";
63 echo ' <th>' . UCFirst($GLOBALS['strTable']) . '</th>' . "\n";
64 echo ' <th>' . $GLOBALS['strPrivileges'] . '</th>' . "\n";
66 echo ' <th>Grant Option</th>' . "\n";
74 $url_query = 'lang=' . $lang . '&convcharset=' . $convcharset . '&server=' . $server . '&db=mysql&table=user';
76 while ($row = (is_array($host_db_result) ?
$host_db_result : PMA_mysql_fetch_array($host_db_result))) {
77 $local_query = 'SHOW GRANTS FOR \'' . $row['User'] . '\'@\'' . $row['Host'] . '\'';
78 $result = PMA_mysql_query($local_query);
79 $grants_cnt = ($result) ? @mysql_num_rows
($result) : 0;
83 while ($usr_row = PMA_mysql_fetch_row($result)) {
84 if (eregi('GRANT (.*) ON ([^.]+).([^.]+) TO .*$', $usr_row[0], $parts)) {
85 // loic1: bug #487673 - revoke 'reference'
86 if ($parts[1] == 'USAGE') {
89 $priv = ereg_replace('REFERENCE([^S]|$)', 'REFERENCES\\1', trim($parts[1]));
92 $table = trim($parts[3]);
93 $grantopt = eregi('WITH GRANT OPTION$', $usr_row[0]);
103 if ($priv == '' && !$grantopt) {
107 // Checking the database (take into account wildcards)
109 && ($db != '*' && $db != $dbcheck)) {
110 // TODO: db names may contain characters that are regexp
112 $re = '(^|(\\\\\\\\)+|[^\])';
113 $db_regex = ereg_replace($re . '%', '\\1.*', ereg_replace($re . '_', '\\1.{1}', $db));
114 if (!eregi('^' . $db_regex . '$', $dbcheck)) {
119 $bgcolor = ($i %
2) ?
$GLOBALS['cfg']['BgcolorOne'] : $GLOBALS['cfg']['BgcolorTwo'];
120 $revoke_url = 'sql.php3'
122 . '&sql_query=' . urlencode('REVOKE ' . $priv . ' ON ' . PMA_backquote($db) . '.' . PMA_backquote($table) . ' FROM \'' . $row['User'] . '\'@\'' . $row['Host'] . '\'')
123 . '&zero_rows=' . urlencode(sprintf($GLOBALS['strRevokeMessage'], ' <span style="color: #002E80">' . $row['User'] . '@' . $row['Host'] . '</span>') . '<br />' . $GLOBALS['strRememberReload'])
124 . '&goto=user_details.php3';
126 $revoke_grant_url = 'sql.php3'
128 . '&sql_query=' . urlencode('REVOKE GRANT OPTION ON ' . PMA_backquote($db) . '.' . PMA_backquote($table) . ' FROM \'' . $row['User'] . '\'@\'' . $row['Host'] . '\'')
129 . '&zero_rows=' . urlencode(sprintf($GLOBALS['strRevokeGrantMessage'], ' <span style="color: #002E80">' . $row['User'] . '@' . $row['Host'] . '</span>') . '<br />' . $GLOBALS['strRememberReload'])
130 . '&goto=user_details.php3';
139 <td
<?php
if (!$grantopt) echo ' colspan="2"'; ?
> bgcolor
="<?php echo $bgcolor; ?>">
140 <a href
="<?php echo $revoke_url; ?>">
141 <?php
echo $GLOBALS['strRevokePriv']; ?
></a
>
148 <td
<?php
if (!$priv) echo ' colspan="2"'; ?
> bgcolor
="<?php echo $bgcolor; ?>">
149 <a href
="<?php echo $revoke_grant_url; ?>">
150 <?php
echo $GLOBALS['strRevokeGrant']; ?
></a
>
158 <td bgcolor
="<?php echo $bgcolor; ?>">
159 <a href
="<?php echo $revoke_url; ?>">
160 <?php
echo $GLOBALS['strRevoke']; ?
></a
>
166 <td bgcolor
="<?php echo $bgcolor; ?>"> 
;</td
>
171 <td bgcolor
="<?php echo $bgcolor; ?>"><?php
echo $row['Host']; ?
></td
>
172 <td bgcolor
="<?php echo $bgcolor; ?>"><?php
echo ($row['User']) ?
$row['User'] : '<span style="color: #FF0000">' . $GLOBALS['strAny'] . '</span>'; ?
></td
>
177 <td bgcolor
="<?php echo $bgcolor; ?>"><?php
echo ($db == '*') ?
'<span style="color: #002E80">' . $GLOBALS['strAll'] . '</span>' : $db; ?
></td
>
178 <td bgcolor
="<?php echo $bgcolor; ?>"><?php
echo ($table == '*') ?
'<span style="color: #002E80">' . $GLOBALS['strAll'] . '</span>' : $table; ?
></td
>
179 <td bgcolor
="<?php echo $bgcolor; ?>"><?php
echo ($priv != '') ?
$priv : '<span style="color: #002E80">' . $GLOBALS['strNoPrivileges'] . '</span>'; ?
></td
>
184 <td bgcolor
="<?php echo $bgcolor; ?>"><?php
echo ($grantopt) ?
$GLOBALS['strYes'] : $GLOBALS['strNo']; ?
></td
>
189 <!-- Debug
<td bgcolor
="<?php echo $bgcolor; ?>"><?php
echo $usr_row[0] ?
></td
> Debug
-->
194 } // end while $usr_row
195 } // end if $grants_cnt >0
196 // $host_db_result is an array containing related to only one user
198 if (is_array($host_db_result)) {
210 } // end of the 'PMA_tableGrants()' function
214 * Displays the list of grants for a/all database/s
216 * @param mixed the database to check garnts for, FALSE for all databases
218 * @return boolean true/false in case of success/failure
220 * @see PMA_tableGrants()
222 function PMA_checkDb($dbcheck)
224 $local_query = 'SELECT Host, User FROM mysql.user ORDER BY Host, User';
225 $result = PMA_mysql_query($local_query);
226 $host_usr_cnt = ($result) ? @mysql_num_rows
($result) : 0;
228 if (!$host_usr_cnt) {
231 PMA_tableGrants($result, $dbcheck);
234 } // end of the 'PMA_checkDb()' function
238 * Displays the privileges part of a page
240 * @param string the name of the form for js validation
241 * @param array the list of the privileges of the user
243 * @return boolean always true
245 * @global integer whether all/none of the privileges have to be checked or
248 * @see PMA_normalOperations()
250 function PMA_tablePrivileges($form, $row = FALSE)
254 $checkpriv_url = $GLOBALS['cfg']['PmaAbsoluteUri']
255 . 'user_details.php3?';
256 if (empty($GLOBALS['QUERY_STRING'])) {
257 $GLOBALS['QUERY_STRING'] = (isset($_SERVER))
258 ?
$_SERVER['QUERY_STRING']
259 : $GLOBALS['HTTP_SERVER_VARS']['QUERY_STRING'];
261 if (!empty($GLOBALS['QUERY_STRING'])) {
262 $checkpriv_url .= str_replace('&', '&', $GLOBALS['QUERY_STRING']) . '&';
269 $list_priv = array('Select', 'Insert', 'Update', 'Delete', 'Create', 'Drop', 'Reload',
270 'Shutdown', 'Process', 'File', 'Grant', 'References', 'Index', 'Alter');
272 while ((list(,$priv) = each($list_priv)) && ++
$item) {
273 $priv_priv = $priv . '_priv';
274 if (isset($checkpriv)) {
275 $checked = ($checkpriv == 'all') ?
' checked="checked"' : '';
277 $checked = ($row && $row[$priv_priv] == 'Y') ?
' checked="checked"' : '';
279 if ($item %
2 == 1) {
282 echo ' <td> </td>' . "\n";
285 echo ' <input type="checkbox" name="' . $priv . '_priv" id="checkbox_priv_' . $priv . '"' . $checked . ' />' . "\n";
286 echo ' </td>' . "\n";
287 echo ' <td><label for="checkbox_priv_' . $priv . '">' . $priv . '</label></td>' . "\n";
288 if ($item %
2 == 0) {
289 echo ' </tr>' . "\n";
292 if ($item %
2 == 1) {
293 echo ' <td colspan="2"> <td>' . "\n";
294 echo ' </tr>' . "\n";
301 <a href
="<?php echo $checkpriv_url; ?>checkpriv=all" onclick
="checkForm('<?php echo $form; ?>', true); return false">
302 <?php
echo $GLOBALS['strCheckAll']; ?
></a
>
306 <a href
="<?php echo $checkpriv_url; ?>checkpriv=none" onclick
="checkForm('<?php echo $form; ?>', false); return false">
307 <?php
echo $GLOBALS['strUncheckAll']; ?
></a
>
315 } // end of the 'PMA_tablePrivileges()' function
319 * Displays the page for "normal" operations
321 * @return boolean always true
323 * @global string the current language
324 * @global string the current charset for MySQL
325 * @global integer the server to use (refers to the number in the
326 * configuration file)
328 * @see PMA_tablePrivileges()
330 function PMA_normalOperations()
332 global $lang, $convcharset, $server;
338 <div style
="margin-bottom: 10px">
339 <a href
="user_details.php3?lang=<?php echo $lang; ?>&convcharset=<?php echo $convcharset; ?>&server=<?php echo $server; ?>&db=mysql&table=user&mode=reload">
340 <?php
echo $GLOBALS['strReloadMySQL']; ?
></a
> 
;
341 <?php
echo PMA_showDocuShort('F/L/FLUSH.html') . "\n"; ?
>
346 <form name
="dbPrivForm" action
="user_details.php3" method
="post">
347 <?php
echo $GLOBALS['strCheckDbPriv'] . "\n"; ?
>
351 <?php
echo $GLOBALS['strDatabase']; ?
> 
;: 
;
355 $result = PMA_mysql_query('SHOW DATABASES');
356 if ($result && @mysql_num_rows
($result)) {
357 while ($row = PMA_mysql_fetch_row($result)) {
359 echo '<option value="' . str_replace('"', '"', $row[0]) . '">' . htmlspecialchars($row[0]) . '</option>' . "\n";
364 <input type
="hidden" name
="lang" value
="<?php echo $lang; ?>" />
365 <input type
="hidden" name
="convcharset" value
="<?php echo $convcharset; ?>" />
366 <input type
="hidden" name
="server" value
="<?php echo $server; ?>" />
367 <input type
="hidden" name
="check" value
="1" />
368 <input type
="submit" value
="<?php echo $GLOBALS['strGo']; ?>" />
376 <form action
="user_details.php3" method
="post" name
="addUserForm" onsubmit
="return checkAddUser()">
377 <?php
echo $GLOBALS['strAddUser'] . "\n"; ?
>
381 <input type
="radio" name
="anyhost" id
="radio_anyhost0" checked
="checked" />
382 <label
for="radio_anyhost0"><?php
echo $GLOBALS['strAnyHost']; ?
></label
>
386 <input type
="radio" name
="anyhost" id
="radio_anyhost1" />
387 <label
for="radio_anyhost1"><?php
echo $GLOBALS['strHost']; ?
></label
> 
;: 
;
390 <input type
="text" name
="host" size
="10" class="textfield" <?php
echo $GLOBALS['chg_evt_handler']; ?
>="this.form.anyhost[1].checked = true" />
395 <input type
="radio" name
="anyuser" id
="radio_anyuser0" />
396 <label
for="radio_anyuser0"><?php
echo $GLOBALS['strAnyUser']; ?
></label
>
400 <input type
="radio" name
="anyuser" id
="radio_anyuser1" checked
="checked" />
401 <label
for="radio_anyuser1"><?php
echo $GLOBALS['strUserName']; ?
></label
> 
;: 
;
404 <input type
="text" name
="pma_user" size
="10" class="textfield" <?php
echo $GLOBALS['chg_evt_handler']; ?
>="this.form.anyuser[1].checked = true" />
409 <input type
="radio" name
="nopass" value
="1" id
="radio_nopass1" onclick
="pma_pw.value = ''; pma_pw2.value = ''; this.checked = true" />
410 <label
for="radio_nopass1"><?php
echo $GLOBALS['strNoPassword']; ?
></label
>
414 <input type
="radio" name
="nopass" value
="0" id
="radio_nopass0" checked
="checked" />
415 <label
for="radio_nopass0"><?php
echo $GLOBALS['strPassword']; ?
></label
> 
;: 
;
418 <input type
="password" name
="pma_pw" size
="10" class="textfield" <?php
echo $GLOBALS['chg_evt_handler']; ?
>="nopass[1].checked = true" />
420 <?php
echo $GLOBALS['strReType']; ?
> 
;: 
;
421 <input type
="password" name
="pma_pw2" size
="10" class="textfield" <?php
echo $GLOBALS['chg_evt_handler']; ?
>="nopass[1].checked = true" />
427 <?php
echo $GLOBALS['strPrivileges']; ?
> 
;:
434 PMA_tablePrivileges('addUserForm');
436 <input type
="hidden" name
="lang" value
="<?php echo $lang; ?>" />
437 <input type
="hidden" name
="convcharset" value
="<?php echo $convcharset; ?>" />
438 <input type
="hidden" name
="server" value
="<?php echo $server; ?>" />
439 <input type
="submit" name
="submit_addUser" value
="<?php echo $GLOBALS['strGo']; ?>" />
447 } // end of the 'PMA_normalOperations()' function
451 * Displays the grant operations part of an user properties page
453 * @param array grants of the current user
455 * @return boolean always true
457 * @global string the current language
458 * @global string the current charset for MySQL
459 * @global integer the server to use (refers to the number in the
460 * configuration file)
461 * @global string the host name to check grants for
462 * @global string the username to check grants for
463 * @global string the database to check grants for
464 * @global string the table to check grants for
466 * @see PMA_tablePrivileges()
468 function PMA_grantOperations($grants)
470 global $lang, $convcharset, $server, $host, $pma_user;
471 global $dbgrant, $tablegrant, $newdb;
477 <div style
="margin-bottom: 10px">
478 <a href
="user_details.php3?lang=<?php echo $lang; ?>&convcharset=<?php echo $convcharset; ?>&server=<?php echo $server; ?>&db=mysql&table=user">
479 <?php
echo $GLOBALS['strBack']; ?
></a
>
484 <form action
="user_details.php3" method
="post" name
="userGrants">
485 <input type
="hidden" name
="lang" value
="<?php echo $lang; ?>" />
486 <input type
="hidden" name
="convcharset" value
="<?php echo $convcharset; ?>" />
487 <input type
="hidden" name
="server" value
="<?php echo $server; ?>" />
488 <input type
="hidden" name
="grants" value
="1" />
489 <input type
="hidden" name
="host" value
="<?php echo str_replace('"', '"
;', $host); ?>" />
490 <input type="hidden" name="pma_user" value="<?php echo str_replace('"', '"', $pma_user); ?>" />
492 <?php
echo $GLOBALS['strAddPriv'] . "\n"; ?
>
496 <input type
="radio" name
="anydb" value
="1" id
="radio_anydb1"<?php
echo ($dbgrant) ?
'' : ' checked="checked"'; ?
> />
497 <label
for="radio_anydb1"><?php
echo $GLOBALS['strAnyDatabase']; ?
></label
>
499 <td
> 
; 
; 
;</td
>
501 <input type
="radio" name
="anydb" value
="0" id
="radio_anydb0"<?php
echo ($dbgrant) ?
' checked="checked"' : ''; ?
> />
502 <label
for="radio_anydb0"><?php
echo $GLOBALS['strDatabase']; ?
></label
><a href
="./Documentation.html#underscore" target
="documentation" title
="<?php echo $GLOBALS['strDocu']; ?>">(*)</a
> 
;: 
;
505 <select name
="dbgrant" onchange
="change(this)">
509 // if (!isset($dbgrant)) {
511 // echo '<option></option>' . "\n";
513 $is_selected_db = FALSE;
514 $result = PMA_mysql_query('SHOW DATABASES');
515 if ($result && @mysql_num_rows
($result)) {
516 while ($row = PMA_mysql_fetch_row($result)) {
517 $selected = (($row[0] == $dbgrant) ?
' selected="selected"' : '');
518 if (!empty($selected)) {
519 $is_selected_db = TRUE;
522 echo '<option' . $selected . '>' . $row[0] . '</option>' . "\n";
530 <input type
="submit" value
="<?php echo $GLOBALS['strShowTables']; ?>" />
535 <input type
="radio" name
="anytable" value
="1" id
="radio_anytable1"<?php
echo ($tablegrant) ?
'' : ' checked="checked"'; ?
> />
536 <label
for="radio_anytable1"><?php
echo $GLOBALS['strAnyTable']; ?
></label
>
538 <td
> 
; 
; 
;</td
>
540 <input type
="radio" name
="anytable" value
="0" id
="radio_anytable0"<?php
echo ($tablegrant) ?
' checked="checked"' : ''; ?
> />
541 <label
for="radio_anytable0"><?php
echo $GLOBALS['strTable']; ?
></label
> 
;: 
;
544 <select name
="tablegrant" onchange
="change(this)">
548 // if (!isset($tablegrant)) {
550 // echo '<option></option>' . "\n";
552 if (isset($dbgrant)) {
553 $result = PMA_mysql_query('SHOW TABLES FROM ' . PMA_backquote($dbgrant));
554 if ($result && @mysql_num_rows
($result)) {
555 while ($row = PMA_mysql_fetch_row($result)) {
556 $selected = ((isset($tablegrant) && $row[0] == $tablegrant) ?
' selected="selected"' : '');
558 echo '<option' . $selected . '>' . $row[0] . '</option>' . "\n";
567 <input type
="submit" value
="<?php echo $GLOBALS['strShowCols']; ?>" />
572 <input type
="radio" name
="anycolumn" value
="1" id
="radio_anycolumn1" checked
="checked" />
573 <label
for="radio_anycolumn1"><?php
echo $GLOBALS['strAnyColumn']; ?
></label
>
575 <td
> 
; 
; 
;</td
>
577 <input type
="radio" name
="anycolumn" value
="0" id
="radio_anycolumn0" />
578 <label
for="radio_anycolumn0"><?php
echo $GLOBALS['strColumn']; ?
></label
> 
;: 
;
583 if (!isset($dbgrant) ||
!isset($tablegrant)) {
584 echo ' ' . '<select name="colgrant[]">' . "\n";
585 echo ' ' . '<option></option>' . "\n";
586 echo ' ' . '</select>' . "\n";
589 $result = PMA_mysql_query('SHOW COLUMNS FROM ' . PMA_backquote($tablegrant) . ' FROM ' . PMA_backquote($dbgrant));
590 if ($result && @mysql_num_rows
($result)) {
592 . '<select name="colgrant[]" multiple="multiple" onchange="anycolumn[1].checked = true">' . "\n";
593 while ($row = PMA_mysql_fetch_row($result)) {
595 echo '<option value="' . str_replace('"', '"', $row[0]) . '">' . $row[0] . '</option>' . "\n";
598 echo ' ' . '<select name="colgrant[]">' . "\n";
599 echo ' ' . '<option></option>' . "\n";
600 } // end if... else...
602 . '</select>' . "\n";
610 <i
><?php
echo $GLOBALS['strOr']; ?
></i
>
615 <?php
echo $GLOBALS['strDatabaseWildcard'] . "\n"; ?
> 
;
616 <input type
="text" name
="newdb" value
="<?php echo ((!$is_selected_db && !empty($pma_user)) ? $pma_user . '%' : ''); ?>" class="textfield" <?php
echo $GLOBALS['chg_evt_handler']; ?
>="change(this)" />
625 <?php
echo $GLOBALS['strPrivileges']; ?
> 
;: 
;
632 PMA_tablePrivileges('userGrants', $grants);
634 <input type
="submit" name
="upd_grants" value
="<?php echo $GLOBALS['strGo']; ?>" />
643 } // end of the 'PMA_grantOperations()' function
647 * Displays the page to edit operations
649 * @param string the host name to check grants for
650 * @param string the user name to check grants for
652 * @return boolean always true
654 * @global string the current language
655 * @global string the current charset for MySQL
656 * @global integer the server to use (refers to the number in the
657 * configuration file)
659 * @see PMA_tablePrivileges()
661 function PMA_editOperations($host, $user)
663 global $lang, $convcharset, $server;
665 $result = PMA_mysql_query('SELECT * FROM mysql.user WHERE User = \'' . PMA_sqlAddslashes($user) . '\' AND Host = \'' . PMA_sqlAddslashes($host) . '\'');
666 $rows = ($result) ? @mysql_num_rows
($result) : 0;
672 $row = PMA_mysql_fetch_array($result);
678 <div style
="margin-bottom: 10px">
679 <a href
="user_details.php3?lang=<?php echo $lang; ?>&convcharset=<?php echo $convcharset; ?>&server=<?php echo $server; ?>&db=mysql&table=user">
680 <?php
echo $GLOBALS['strBack']; ?
></a
>
685 <form action
="user_details.php3" method
="post" name
="updUserForm" onsubmit
="return checkUpdProfile()">
686 <?php
echo $GLOBALS['strUpdateProfile'] . "\n"; ?
>
690 <input type
="radio" value
="1" name
="anyhost" id
="radio_anyhost1"<?php
if ($host == '' ||
$host == '%') echo ' checked="checked"'; ?
> />
691 <label
for="radio_anyhost1"><?php
echo $GLOBALS['strAnyHost']; ?
></label
>
695 <input type
="radio" value
="0" name
="anyhost" id
="radio_anyhost0"<?php
if ($host != '' && $host != '%') echo ' checked="checked"'; ?
> />
696 <label
for="radio_anyhost0"><?php
echo $GLOBALS['strHost']; ?
></label
> 
;: 
;
699 <input type
="text" name
="new_server" size
="10" value
="<?php echo str_replace('"', '"
;', $host); ?>" class="textfield" <?php echo $GLOBALS['chg_evt_handler
']; ?>="this.form.anyhost[1].checked = true" />
704 <input type="radio" value="1" name="anyuser" id="radio_anyuser1"<?php if ($user == '' || $user == '%
') echo ' checked
="checked"'; ?> />
705 <label for="radio_anyuser1"><?php echo $GLOBALS['strAnyUser
']; ?></label>
709 <input type="radio" value="0" name="anyuser" id="radio_anyuser0"<?php if ($user != '' && $user != '%
') echo ' checked
="checked"'; ?> />
710 <label for="radio_anyuser0"><?php echo $GLOBALS['strUserName
']; ?></label> :
713 <input type="text" name="new_user" size="10" value="<?php echo str_replace('"', '"', $user); ?>" class="textfield" <?php
echo $GLOBALS['chg_evt_handler']; ?
>="this.form.anyuser[1].checked = true" />
718 <input type
="radio" name
="nopass" value
="-1" id
="radio_nopass-1" checked
="checked" onclick
="new_pw.value = ''; new_pw2.value = ''; this.checked = true" />
719 <label
for="radio_nopass-1"><?php
echo $GLOBALS['strKeepPass']; ?
></label
>
721 <td colspan
="3"> 
;</td
>
724 <td colspan
="4" align
="<?php echo $GLOBALS['cell_align_left']; ?>"> 
; 
; 
; 
; 
; 
;<?php
echo $GLOBALS['strOr']; ?
></td
>
728 <input type
="radio" name
="nopass" value
="1" id
="radio_nopass1" onclick
="new_pw.value = ''; new_pw2.value = ''; this.checked = true" />
729 <label
for="radio_nopass1"><?php
echo $GLOBALS['strNoPassword']; ?
></label
>
733 <input type
="radio" name
="nopass" value
="0" id
="radio_nopass0" />
734 <label
for="radio_nopass0"><?php
echo $GLOBALS['strPassword']; ?
></label
> 
;: 
;
737 <input type
="password" name
="new_pw" size
="10" <?php
echo $GLOBALS['chg_evt_handler']; ?
>="nopass[2].checked = true" />
739 <?php
echo $GLOBALS['strReType']; ?
> 
;: 
;
740 <input type
="password" name
="new_pw2" size
="10" <?php
echo $GLOBALS['chg_evt_handler']; ?
>="nopass[2].checked = true" />
744 <input type
="hidden" name
="lang" value
="<?php echo $lang; ?>" />
745 <input type
="hidden" name
="convcharset" value
="<?php echo $convcharset; ?>" />
746 <input type
="hidden" name
="server" value
="<?php echo $server; ?>" />
747 <input type
="hidden" name
="host" value
="<?php echo str_replace('"', '"
;', $host); ?>" />
748 <input type="hidden" name="pma_user" value="<?php echo str_replace('"', '"', $user); ?>" />
749 <input type
="submit" name
="submit_updProfile" value
="<?php echo $GLOBALS['strGo']; ?>" />
754 <form action
="user_details.php3" method
="post" name
="privForm">
755 <?php
echo $GLOBALS['strEditPrivileges'] . "\n"; ?
>
757 PMA_tablePrivileges('privForm', $row);
760 <input type
="hidden" name
="lang" value
="<?php echo $lang; ?>" />
761 <input type
="hidden" name
="convcharset" value
="<?php echo $convcharset; ?>" />
762 <input type
="hidden" name
="server" value
="<?php echo $server; ?>" />
763 <input type
="hidden" name
="host" value
="<?php echo str_replace('"', '"
;', $host); ?>" />
764 <input type="hidden" name="pma_user" value="<?php echo str_replace('"', '"', $user); ?>" />
765 <input type
="submit" name
="submit_chgPriv" value
="<?php echo $GLOBALS['strGo']; ?>" />
774 } // end of the 'PMA_editOperations()' function
778 * Displays the table of the users
780 * @param string the host name
781 * @param string the user name
783 * @return boolean always true
785 * @global string the current language
786 * @global string the current charset for MySQL
787 * @global integer the server to use (refers to the number in the
788 * configuration file)
790 function PMA_tableUsers($host = FALSE, $user = FALSE)
792 global $lang, $convcharset, $server;
794 $local_query = 'SELECT * FROM mysql.user ';
795 if ($host ||
$user) {
796 $local_query .= ' WHERE 1 ';
799 $local_query .= ' AND Host = \'' . PMA_sqlAddslashes($host) . '\'';
800 $local_query .= ' AND User = \'' . PMA_sqlAddslashes($user) . '\'';
802 $local_query .= ' ORDER BY Host, User';
803 $result = PMA_mysql_query($local_query);
804 $rows = ($result) ? @mysql_num_rows
($result) : 0;
810 echo '<i>' . $GLOBALS['strEnglishPrivileges'] . '</i><br />' . "\n";
811 echo '<table border="' . $GLOBALS['cfg']['Border'] . '">' . "\n";
813 echo ' <th colspan="'. (($user) ?
'2' : '3') . '">' . $GLOBALS['strAction'] . '</th>' . "\n";
814 echo ' <th>' . $GLOBALS['strHost'] . '</th>' . "\n";
815 echo ' <th>' . $GLOBALS['strUser'] . '</th>' . "\n";
816 echo ' <th>' . $GLOBALS['strPassword'] . '</th>' . "\n";
817 echo ' <th>' . $GLOBALS['strPrivileges'] . '</th>' . "\n";
821 while ($row = PMA_mysql_fetch_array($result)) {
823 $bgcolor = ($i %
2) ?
$GLOBALS['cfg']['BgcolorOne'] : $GLOBALS['cfg']['BgcolorTwo'];
826 if ($row['Select_priv'] == 'Y') {
827 $strPriv .= 'Select ';
829 if ($row['Insert_priv'] == 'Y') {
830 $strPriv .= 'Insert ';
832 if ($row['Update_priv'] == 'Y') {
833 $strPriv .= 'Update ';
835 if ($row['Delete_priv'] == 'Y') {
836 $strPriv .= 'Delete ';
838 if ($row['Create_priv'] == 'Y') {
839 $strPriv .= 'Create ';
841 if ($row['Drop_priv'] == 'Y') {
844 if ($row['Reload_priv'] == 'Y') {
845 $strPriv .= 'Reload ';
847 if ($row['Shutdown_priv'] == 'Y') {
848 $strPriv .= 'Shutdown ';
850 if ($row['Process_priv'] == 'Y') {
851 $strPriv .= 'Process ';
853 if ($row['File_priv'] == 'Y') {
856 if ($row['Grant_priv'] == 'Y') {
857 $strPriv .= 'Grant ';
859 if ($row['References_priv'] == 'Y') {
860 $strPriv .= 'References ';
862 if ($row['Index_priv'] == 'Y') {
863 $strPriv .= 'Index ';
865 if ($row['Alter_priv'] == 'Y') {
866 $strPriv .= 'Alter ';
868 if ($strPriv == '') {
869 $strPriv = '<span style="color: #002E80">' . $GLOBALS['strNoPrivileges'] . '</span>';
872 $query = 'lang=' . $lang . '&server=' . $server . '&db=mysql&table=user&convcharset=' . $convcharset;
874 $edit_url = 'user_details.php3'
875 . '?lang=' . $lang . '&convcharset=' . $convcharset . '&server=' . $server
876 . '&edit=1&host=' . urlencode($row['Host']) . '&pma_user=' . urlencode($row['User']);
878 $delete_url = 'user_details.php3'
880 . '&delete=1&confirm=1&delete_host=' . urlencode($row['Host']) . '&delete_user=' . urlencode($row['User']);
881 $check_url = 'user_details.php3'
882 . '?lang=' . $lang . '&convcharset=' . $convcharset . '&server=' . $server
883 . '&grants=1&host=' . urlencode($row['Host']) . '&pma_user=' . urlencode($row['User']);
891 <td bgcolor
="<?php echo $bgcolor;?>">
892 <a href
="<?php echo $edit_url; ?>">
893 <?php
echo $GLOBALS['strEdit']; ?
></a
>
899 <td bgcolor
="<?php echo $bgcolor;?>">
900 <a href
="<?php echo $delete_url; ?>">
901 <?php
echo $GLOBALS['strDelete']; ?
></a
>
903 <td bgcolor
="<?php echo $bgcolor;?>">
904 <a href
="<?php echo $check_url; ?>">
905 <?php
echo $GLOBALS['strGrants']; ?
></a
>
908 <td bgcolor
="<?php echo $bgcolor;?>">
909 <a href
="<?php echo (($check_url != '') ? $check_url : '#'); ?>">
910 <?php
echo $GLOBALS['strGrants']; ?
></a
>
913 <td bgcolor
="<?php echo $bgcolor;?>">
914 <?php
echo $row['Host'] . "\n"; ?
>
916 <td bgcolor
="<?php echo $bgcolor;?>">
917 <?php
echo (($row['User']) ?
'<b>' . $row['User'] . '</b>' : '<span style="color: #FF0000">' . $GLOBALS['strAny'] . '</span>') . "\n"; ?
>
919 <td bgcolor
="<?php echo $bgcolor;?>">
920 <?php
echo (($row[$GLOBALS['password_field']]) ?
$GLOBALS['strYes'] : '<span style="color: #FF0000">' . $GLOBALS['strNo'] . '</span>') . "\n"; ?
>
922 <td bgcolor
="<?php echo $bgcolor;?>">
923 <?php
echo $strPriv . "\n"; ?
>
939 } // end of the 'PMA_tableUsers()' function
943 * Displays a confirmation form
945 * @param string the host name and...
946 * @param string ... the username to delete
948 * @global string the current language
949 * @global string the current charset for MySQL
950 * @global integer the server to use (refers to the number in the
951 * configuration file)
953 function PMA_confirm($the_host, $the_user) {
954 global $lang, $convcharset, $server;
956 if (get_magic_quotes_gpc() == 1) {
957 $the_host = stripslashes($the_host);
958 $the_user = stripslashes($the_user);
961 echo $GLOBALS['strConfirm'] . ' : <br />' . "\n";
962 echo 'DELETE FROM mysql.user WHERE Host = \'' . $the_host . '\' AND User = \'' . $the_user . '\'' . '<br />' . "\n";
964 <form action
="user_details.php3" method
="post">
965 <input type
="hidden" name
="lang" value
="<?php echo $lang; ?>" />
966 <input type
="hidden" name
="convcharset" value
="<?php echo $convcharset; ?>" />
967 <input type
="hidden" name
="server" value
="<?php echo $server; ?>" />
968 <input type
="hidden" name
="db" value
="mysql" />
969 <input type
="hidden" name
="table" value
="user" />
970 <input type
="hidden" name
="delete" value
="<?php echo(isset($GLOBALS['delete']) ? '1' : '0'); ?>" />
971 <input type
="hidden" name
="delete_host" value
="<?php echo str_replace('"', '"
;', $the_host); ?>" />
972 <input type="hidden" name="delete_user" value="<?php echo str_replace('"', '"', $the_user); ?>" />
973 <input type
="submit" name
="btnConfirm" value
="<?php echo $GLOBALS['strYes']; ?>" />
974 <input type
="submit" name
="btnConfirm" value
="<?php echo $GLOBALS['strNo']; ?>" />
979 include('./footer.inc.php3');
980 } // end of the 'PMA_confirm()' function
985 * Ensures the user is super-user and gets the case sensitive password field
988 $result = @PMA_mysql_query
('USE mysql');
989 if (PMA_mysql_error()) {
990 include('./header.inc.php3');
991 echo '<p><b>' . $strError . '</b></p>' . "\n";
992 echo '<p> ' . $strNoRights . '</p>' . "\n";
993 include('./footer.inc.php3');
996 // The previous logic did not work if the password field is named "password":
997 //$result = @PMA_mysql_query('SELECT COUNT(Password) FROM mysql.user');
998 //$password_field = (($result && PMA_mysql_result($result, 0)) ? 'Password' : 'password');
1000 // using a syntax that works with older and recent MySQL,
1001 // and assumes that the field name ends with "assword":
1002 $result = @PMA_mysql_query
('SHOW FIELDS FROM user FROM mysql LIKE \'%assword\'');
1004 $password_field = PMA_mysql_result($result, 0);
1008 * Autocomplete feature of IE kills the "onchange" event handler and it must be
1009 * replaced by the "onpropertychange" one in this case
1011 $chg_evt_handler = (PMA_USR_BROWSER_AGENT
== 'IE' && PMA_USR_BROWSER_VER
>= 5)
1012 ?
'onpropertychange'
1020 $db_bkp = (get_magic_quotes_gpc() ?
stripslashes($db) : $db);
1023 if (isset($table)) {
1024 $table_bkp = (get_magic_quotes_gpc() ?
stripslashes($table) : $table);
1027 if (get_magic_quotes_gpc()) {
1028 if (!empty($host)) {
1029 $host = stripslashes($host);
1031 if (!empty($pma_user)) {
1032 $pma_user = stripslashes($pma_user);
1036 if (!isset($message)) {
1037 $js_to_run = 'user_details.js';
1038 include('./header.inc.php3');
1040 if (!isset($submit_updProfile)) {
1042 echo ' ' . ((!isset($host) ||
$host == '') ?
$strAnyHost : $strHost . ' ' . $host) . ' - ' . ((!isset($pma_user) ||
$pma_user == '') ?
$strAnyUser : $strUser . ' ' . $pma_user) . "\n";
1045 if (isset($message)) {
1047 PMA_showMessage($message);
1050 if (isset($db_bkp)) {
1054 if (isset($table_bkp)) {
1055 $table = $table_bkp;
1061 * Some actions has been submitted
1063 // Confirms an action
1064 if (isset($confirm) && $confirm) {
1065 PMA_confirm($delete_host, $delete_user);
1070 else if (($server > 0) && isset($mode) && ($mode == 'reload')) {
1071 $result = PMA_mysql_query('FLUSH PRIVILEGES');
1073 echo '<p><b>' . $strMySQLReloaded . '</b></p>' . "\n";
1075 echo '<p><b>' . $strReloadFailed . '</b></p>' . "\n";
1080 else if (isset($delete) && $delete
1081 && isset($btnConfirm) && $btnConfirm == $strYes) {
1082 if (get_magic_quotes_gpc()) {
1083 $delete_host = stripslashes($delete_host);
1084 $delete_user = stripslashes($delete_user);
1086 $common_where = ' WHERE Host = \'' . PMA_sqlAddslashes($delete_host) . '\' AND User = \'' . PMA_sqlAddslashes($delete_user) . '\'';
1088 // Delete Grants First!
1089 $sql_query = 'DELETE FROM mysql.db' . $common_where;
1090 $sql_query_cpy = $sql_query;
1091 PMA_mysql_query($sql_query);
1092 $sql_query = 'DELETE FROM mysql.tables_priv' . $common_where;
1093 $sql_query_cpy .= ";\n" . $sql_query;
1094 PMA_mysql_query($sql_query);
1095 $sql_query = 'DELETE FROM mysql.columns_priv' . $common_where;
1096 $sql_query_cpy .= ";\n" . $sql_query;
1097 PMA_mysql_query($sql_query);
1099 $sql_query = 'DELETE FROM mysql.user' . $common_where;
1100 $sql_query_cpy .= ";\n" . $sql_query;
1101 $result = PMA_mysql_query($sql_query);
1103 $sql_query = $sql_query_cpy;
1104 unset($sql_query_cpy);
1106 PMA_showMessage(sprintf($strDeleteUserMessage, '<span style="color: #002E80">' . $delete_user . '@' . $delete_host . '</span>') . '<br />' . $strRememberReload);
1108 PMA_showMessage($strDeleteFailed);
1113 else if (isset($submit_addUser)) {
1115 if (!isset($host) ||
$host == '') {
1118 if (!isset($pma_user) ||
$pma_user == '') {
1122 // Password is not confirmed
1123 if ((!isset($nopass) ||
!$nopass) && $pma_pw == '') {
1124 echo '<p><b>' . $strError . ' : ' . $strPasswordEmpty . '</b></p>' . "\n";
1128 else if ($pma_pw != ''
1129 && (!isset($pma_pw2) ||
$pma_pw != $pma_pw2)) {
1130 echo '<p><b>' . $strError . ' : ' . $strPasswordNotSame . '</b></p>' . "\n";
1135 // Password confirmed
1138 $list_priv = array('Select', 'Insert', 'Update', 'Delete', 'Create', 'Drop', 'Reload',
1139 'Shutdown', 'Process', 'File', 'Grant', 'References', 'Index', 'Alter');
1140 for ($i = 0; $i < 14; $i++
) {
1141 $priv_name = $list_priv[$i] . '_priv';
1142 if (isset($
$priv_name)) {
1143 $sql_query .= (empty($sql_query) ?
$priv_name : ', ' . $priv_name) . ' = \'Y\'';
1145 $sql_query .= (empty($sql_query) ?
$priv_name : ', ' . $priv_name) . ' = \'N\'';
1150 if (get_magic_quotes_gpc() && $pma_pw != '') {
1151 $pma_pw = stripslashes($pma_pw);
1154 $local_query = 'INSERT INTO mysql.user '
1155 . 'SET Host = \'' . PMA_sqlAddslashes($host) . '\', User = \'' . PMA_sqlAddslashes($pma_user) . '\', ' . $password_field . ' = ' . (($pma_pw == '') ?
'\'\'' : 'PASSWORD(\'' . PMA_sqlAddslashes($pma_pw) . '\')')
1156 . ', ' . $sql_query;
1157 $sql_query = 'INSERT INTO mysql.user '
1158 . 'SET Host = \'' . PMA_sqlAddslashes($host) . '\', User = \'' . PMA_sqlAddslashes($pma_user) . '\', ' . $password_field . ' = ' . (($pma_pw == '') ?
'\'\'' : 'PASSWORD(\'' . ereg_replace('.', '*', $pma_pw) . '\')')
1159 . ', ' . $sql_query;
1160 $result = @PMA_mysql_query
($local_query) or PMA_mysqlDie('', '', FALSE, $err_url);
1163 PMA_showMessage($strAddUserMessage . '<br />' . $strRememberReload);
1167 // Updates the profile of an user
1168 else if (isset($submit_updProfile)) {
1171 if (!isset($host) ||
$host == '') {
1174 if (!isset($pma_user) ||
$pma_user == '') {
1178 // Builds the sql query
1181 if (isset($anyhost) && $anyhost) {
1183 } else if ($new_server != '' && get_magic_quotes_gpc()) {
1184 $new_server = stripslashes($new_server);
1186 if ($new_server != '' && $new_server != $host) {
1187 $common_upd .= 'Host = \'' . PMA_sqlAddslashes($new_server) . '\'';
1188 } else if (isset($new_server)) {
1192 if (isset($anyuser) && $anyuser) {
1194 } else if ($new_user != '' && get_magic_quotes_gpc()) {
1195 $new_user = stripslashes($new_user);
1197 if ($new_user != '' && $new_user != $pma_user) {
1198 $common_upd .= (empty($common_upd) ?
'' : ', ')
1199 . 'User = \'' . PMA_sqlAddslashes($new_user) . '\'';
1200 } else if (isset($new_user)) {
1204 if (isset($nopass) && $nopass == -1) {
1205 $sql_query = $common_upd;
1206 $local_query = $common_upd;
1208 else if ((!isset($nopass) ||
$nopass == 0) && $new_pw == '') {
1210 echo ' ' . $strHost . ' ' . $host . ' - ' . $strUser . ' ' . (($pma_user != '') ?
$pma_user : $strAny) . "\n";
1211 echo '</h1>' . "\n";
1212 echo '<p><b>' . $strError . ' : ' . $strPasswordEmpty . '</b></p>' . "\n";
1214 else if ($new_pw != ''
1215 && (!isset($new_pw2) ||
$new_pw != $new_pw2)) {
1217 echo ' ' . $strHost . ' ' . $host . ' - ' . $strUser . ' ' . (($pma_user != '') ?
$pma_user : $strAny) . "\n";
1218 echo '</h1>' . "\n";
1219 echo '<p><b>' . $strError . ' : ' . $strPasswordNotSame . '</b></p>' . "\n";
1222 $sql_query = (empty($common_upd) ?
'' : $common_upd . ', ')
1223 . $password_field . ' = ' . (($new_pw == '') ?
'\'\'' : 'PASSWORD(\'' . ereg_replace('.', '*', $new_pw) . '\')');
1224 $local_query = (empty($common_upd) ?
'' : $common_upd . ', ')
1225 . $password_field . ' = ' . (($new_pw == '') ?
'\'\'' : 'PASSWORD(\'' . PMA_sqlAddslashes($new_pw) . '\')');
1228 if (!empty($sql_query)) {
1229 $common_where = ' WHERE Host = \'' . PMA_sqlAddslashes($host) . '\' AND User = \'' . PMA_sqlAddslashes($pma_user) . '\'';
1232 $local_query = 'UPDATE user SET ' . $local_query . $common_where;
1233 $sql_query_cpy = 'UPDATE user SET ' . $sql_query . $common_where;
1234 $result = @PMA_mysql_query
($local_query) or PMA_mysqlDie('', '', FALSE, $err_url . '&host=' . urlencode($host) . '&pma_user=' . urlencode($pma_user) . '&edit=1');
1237 if (isset($new_server) ||
isset($new_user)) {
1238 $sql_query = 'UPDATE mysql.db SET ' . $common_upd . $common_where;
1239 $sql_query_cpy .= ";\n" . $sql_query;
1240 PMA_mysql_query($sql_query);
1241 $sql_query = 'UPDATE mysql.tables_priv SET ' . $common_upd . $common_where;
1242 $sql_query_cpy .= ";\n" . $sql_query;
1243 PMA_mysql_query($sql_query);
1244 $sql_query = 'UPDATE mysql.columns_priv SET ' . $common_upd . $common_where;
1245 $sql_query_cpy .= ";\n" . $sql_query;
1246 PMA_mysql_query($sql_query);
1250 $sql_query = $sql_query_cpy;
1251 unset($sql_query_cpy);
1252 if (isset($new_server)) {
1253 $host = $new_server;
1255 if (isset($new_user)) {
1256 $pma_user = $new_user;
1259 echo ' ' . $strHost . ' ' . $host . ' - ' . $strUser . ' ' . (($pma_user != '') ?
$pma_user : $strAny) . "\n";
1260 echo '</h1>' . "\n";
1261 PMA_showMessage($strUpdateProfileMessage . '<br />' . $strRememberReload);
1264 echo ' ' . $strHost . ' ' . $host . ' - ' . $strUser . ' ' . (($pma_user != '') ?
$pma_user : $strAny) . "\n";
1265 echo '</h1>' . "\n";
1266 PMA_showMessage($strNoModification);
1270 // Changes the privileges of an user
1271 else if (isset($submit_chgPriv)) {
1274 if (!isset($host) ||
$host == '') {
1277 if (!isset($pma_user) ||
$pma_user == '') {
1282 $list_priv = array('Select', 'Insert', 'Update', 'Delete', 'Create', 'Drop', 'Reload',
1283 'Shutdown', 'Process', 'File', 'Grant', 'References', 'Index', 'Alter');
1284 for ($i = 0; $i < 14; $i++
) {
1285 $priv_name = $list_priv[$i] . '_priv';
1286 if (isset($
$priv_name)) {
1287 $sql_query .= (empty($sql_query) ?
$priv_name : ', ' . $priv_name) . ' = \'Y\'';
1289 $sql_query .= (empty($sql_query) ?
$priv_name : ', ' . $priv_name) . ' = \'N\'';
1294 $sql_query = 'UPDATE user SET '
1296 . ' WHERE Host = \'' . PMA_sqlAddslashes($host) . '\' AND User = \'' . PMA_sqlAddslashes($pma_user) . '\'';
1297 $result = @PMA_mysql_query
($sql_query) or PMA_mysqlDie('', '', FALSE, $err_url . '&host=' . urlencode($host) . '&pma_user=' . urlencode($pma_user) . '&edit=1');
1298 PMA_showMessage(sprintf($strUpdatePrivMessage, '<span style="color: #002E80">' . $pma_user . '@' . $host . '</span>') . '<br />' . $strRememberReload);
1301 // Revoke/Grant privileges
1302 else if (isset($grants) && $grants) {
1304 if (!isset($host) ||
$host == '') {
1307 if (!isset($pma_user) ||
$pma_user == '') {
1311 if (isset($upd_grants)) {
1315 if (isset($colgrant) && !$anycolumn && !$newdb) {
1316 $colgrant_cnt = count($colgrant);
1317 for ($i = 0; $i < $colgrant_cnt; $i++
) {
1318 if (get_magic_quotes_gpc()) {
1319 $colgrant[$i] = stripslashes($colgrant[$i]);
1321 $col_list .= (empty($col_list) ?
PMA_backquote($colgrant[$i]) : ', ' . PMA_backquote($colgrant[$i]));
1324 $col_list = ' (' . $col_list . ')';
1327 $list_priv = array('Select', 'Insert', 'Update', 'Delete', 'Create', 'Drop', 'Reload',
1328 'Shutdown', 'Process', 'File', 'References', 'Index', 'Alter');
1329 for ($i = 0; $i < 13; $i++
) {
1330 $priv_name = $list_priv[$i] . '_priv';
1331 if (isset($
$priv_name)) {
1332 $sql_query .= (empty($sql_query) ?
$list_priv[$i] : ', ' . $list_priv[$i]) . $col_list;
1336 if (empty($sql_query)) {
1337 $sql_query = 'USAGE' . $col_list;
1339 $priv_grant = 'Grant_priv';
1340 $priv_grant = (isset($
$priv_grant) ?
' WITH GRANT OPTION' : '');
1342 if (get_magic_quotes_gpc()) {
1344 $newdb = stripslashes($newdb);
1346 if (isset($dbgrant) && !$anydb && !$newdb) {
1347 $dbgrant = stripslashes($dbgrant);
1349 if (isset($tablegrant) && !$anytable && !$newdb) {
1350 $tablegrant = stripslashes($tablegrant);
1355 // Escape wilcard characters if required
1356 if (isset($dbgrant) && !$anydb && !$newdb) {
1357 $re = '(^|(\\\\\\\\)+|[^\])(_|%)'; // non-escaped wildcards
1358 $dbgrant = ereg_replace($re, '\\1\\\\3', $dbgrant);
1362 $sql_query .= ' ON '
1363 . (($anydb ||
$dbgrant == '') ?
'*' : PMA_backquote($dbgrant))
1365 . (($anytable ||
$tablegrant == '') ?
'*' : PMA_backquote($tablegrant));
1367 $sql_query .= ' ON ' . PMA_backquote($newdb) . '.*';
1370 $sql_query .= ' TO ' . '\'' . PMA_sqlAddslashes($pma_user) . '\'' . '@' . '\'' . PMA_sqlAddslashes($host) . '\'';
1372 $sql_query = 'GRANT ' . $sql_query . $priv_grant;
1373 $result = @PMA_mysql_query
($sql_query) or PMA_mysqlDie('', '', FALSE, $err_url . '&host=' . urlencode($host) . '&pma_user=' . urlencode($pma_user) . '&grants=1');
1374 PMA_showMessage($strAddPrivMessage . '.<br />' . $strRememberReload);
1383 // Edit an user properies
1384 if (isset($edit) && $edit) {
1385 PMA_tableUsers($host, $pma_user);
1386 PMA_editOperations($host, $pma_user);
1389 // Revoke/Grant privileges for an user
1390 else if (isset($grants) && $grants) {
1391 // Displays the full list of privileges for this host & user
1392 $infos['Host'] = $host;
1393 $infos['User'] = $pma_user;
1394 PMA_tableGrants($infos);
1396 // Displays the list of privileges for user on the selected db/table/column
1397 $user_priv = array();
1398 $list_priv = array('Select', 'Insert', 'Update', 'Delete', 'Create', 'Drop', 'Reload',
1399 'Shutdown', 'Process', 'File', 'Grant', 'References', 'Index',
1401 $list_priv_new = array();
1403 // Gets globals privileges
1404 $result = PMA_mysql_query('SELECT * FROM mysql.user WHERE (Host = \'' . PMA_sqlAddslashes($host) . '\' OR Host = \'%\') AND (User = \'' . PMA_sqlAddslashes($pma_user) . '\' OR User = \'\')');
1405 $row = ($result) ? @PMA_mysql_fetch_array
($result) : FALSE;
1407 while (list(,$priv) = each($list_priv)) {
1408 $priv_priv = $priv . '_priv';
1409 if ($row[$priv_priv] == 'Y') {
1410 $user_priv[$priv_priv] = 'Y';
1412 $user_priv[$priv_priv] = 'N';
1413 $list_priv_new[] = $priv;
1416 mysql_free_result($result);
1417 $list_priv = $list_priv_new;
1418 unset($list_priv_new);
1419 $list_priv_new = array();
1422 // If a target database is set, gets privileges for this database
1423 if (count($list_priv) && isset($dbgrant)) {
1424 if (get_magic_quotes_gpc()) {
1425 $dbgrant = stripslashes($dbgrant);
1427 $result = PMA_mysql_query('SELECT * FROM mysql.db WHERE (Host = \'' . PMA_sqlAddslashes($host) . '\' OR Host = \'%\') AND (User = \'' . PMA_sqlAddslashes($pma_user) . '\' OR User = \'\') AND Db = \'' . PMA_sqlAddslashes($dbgrant) . '\'');
1428 $row = ($result) ? @PMA_mysql_fetch_array
($result) : FALSE;
1430 while (list(,$priv) = each($list_priv)) {
1431 $priv_priv = $priv . '_priv';
1432 if (isset($row[$priv_priv]) && $row[$priv_priv] == 'Y') {
1433 $user_priv[$priv_priv] = 'Y';
1435 $list_priv_new[] = $priv;
1438 mysql_free_result($result);
1439 $list_priv = $list_priv_new;
1440 unset($list_priv_new);
1441 $list_priv_new = array();
1445 // If a target table is set, gets privileges for this table
1446 if (count($list_priv) && isset($tablegrant)) {
1447 if (get_magic_quotes_gpc()) {
1448 $tablegrant = stripslashes($tablegrant);
1450 $result = PMA_mysql_query('SELECT * FROM mysql.tables_priv WHERE (Host = \'' . PMA_sqlAddslashes($host) . '\' OR Host = \'%\') AND (User = \'' . PMA_sqlAddslashes($pma_user) . '\' OR User = \'\') AND Db = \'' . PMA_sqlAddslashes($dbgrant) . '\' AND Table_name = \'' . PMA_sqlAddslashes($tablegrant) . '\'');
1451 $row = ($result) ? @PMA_mysql_fetch_array
($result) : FALSE;
1452 if ($row && $row['Table_priv']) {
1453 while (list(,$priv) = each($list_priv)) {
1454 $priv_priv = $priv . '_priv';
1455 if (eregi('(^|,)' . $priv . '(,|$)', $row['Table_priv'])) {
1456 $user_priv[$priv_priv] = 'Y';
1458 $list_priv_new[] = $priv;
1461 mysql_free_result($result);
1462 $list_priv = $list_priv_new;
1463 unset($list_priv_new);
1464 $list_priv_new = array();
1468 // TODO: column privileges
1470 PMA_grantOperations($user_priv);
1473 // Check database privileges
1474 else if (isset($check) && $check) {
1479 <a href
="user_details.php3?lang=<?php echo $lang;?>&convcharset=<?php echo $convcharset; ?>&server=<?php echo $server; ?>&db=mysql&table=user">
1480 <?php
echo $strBack; ?
></a
>
1487 // Displays all users profiles
1489 if (!isset($host)) {
1492 if (!isset($pma_user)) {
1495 PMA_tableUsers($host, $pma_user) or PMA_mysqlDie($strNoUsersFound, '', FALSE, '');
1496 PMA_normalOperations();
1501 * Displays the footer
1503 require('./footer.inc.php3');