ISPConfig3 devel
blame | history | patch | commit | commitdiff | show whitespace
tbrehm
2010-10-05 dd60d57be92243b272936065e09577bbc6bf452e 
 interface/web/sites/database_edit.php


@@ -262,6 +262,17 @@


      if(strlen($dbname_prefix . $this->dataRecord['database_name']) > 64) $app->tform->errorMessage .= str_replace('{db}',$dbname_prefix . $this->dataRecord['database_name'],$app->tform->wordbook["database_name_error_len"]).'<br />';


      if(strlen($dbuser_prefix . $this->dataRecord['database_user']) > 16) $app->tform->errorMessage .= str_replace('{user}',$dbuser_prefix . $this->dataRecord['database_user'],$app->tform->wordbook["database_user_error_len"]).'<br />';




      //* Check database name and user against blacklist


      $dbname_blacklist = array($conf['db_database'],'mysql');


      if(in_array($dbname_prefix . $this->dataRecord['database_name'],$dbname_blacklist)) {


         $app->tform->errorMessage .= $app->lng('Database name not allowed.').'<br />';


      }


		


      $dbuser_blacklist = array($conf['db_user'],'mysql','root');


      if(in_array($dbname_prefix . $this->dataRecord['database_user'],$dbname_blacklist)) {


         $app->tform->errorMessage .= $app->lng('Database user not allowed.').'<br />';


      }


		


      if ($app->tform->errorMessage == ''){


         /* restrict the names if there is no error */


            /* crop user and db names if they are too long -> mysql: user: 16 chars / db: 64 chars */


@@ -288,6 +299,16 @@


      if(strlen($dbname_prefix . $this->dataRecord['database_name']) > 64) $app->tform->errorMessage .= str_replace('{db}',$dbname_prefix . $this->dataRecord['database_name'],$app->tform->wordbook["database_name_error_len"]).'<br />';


      if(strlen($dbuser_prefix . $this->dataRecord['database_user']) > 16) $app->tform->errorMessage .= str_replace('{user}',$dbuser_prefix . $this->dataRecord['database_user'],$app->tform->wordbook["database_user_error_len"]).'<br />';




      //* Check database name and user against blacklist


      $dbname_blacklist = array($conf['db_database'],'mysql');


      if(in_array($dbname_prefix . $this->dataRecord['database_name'],$dbname_blacklist)) {


         $app->tform->errorMessage .= $app->lng('Database name not allowed.').'<br />';


      }


		


      $dbuser_blacklist = array($conf['db_user'],'mysql','root');


      if(in_array($dbname_prefix . $this->dataRecord['database_user'],$dbname_blacklist)) {


         $app->tform->errorMessage .= $app->lng('Database user not allowed.').'<br />';


      }




      /* restrict the names */


        /* crop user and db names if they are too long -> mysql: user: 16 chars / db: 64 chars */