From d18ac59c65621307eb559ae27d7aaa3305fda621 Mon Sep 17 00:00:00 2001
From: mcramer <m.cramer@pixcept.de>
Date: Wed, 12 Jun 2013 04:27:43 -0400
Subject: [PATCH] Reworked database user management to fix FS#2918 - multiserver - remote access db passwd not changed , when changed access from IP to % and vice versa
---
server/plugins-available/mysql_clientdb_plugin.inc.php | 118 ++++++++++++++++++++++++--------------
interface/web/sites/database_del.php | 2
interface/lib/plugins/sites_web_database_user_plugin.inc.php | 2
interface/web/sites/database_user_edit.php | 8 +-
interface/web/sites/database_edit.php | 4
interface/lib/classes/sites_database_plugin.inc.php | 18 +++---
6 files changed, 91 insertions(+), 61 deletions(-)
diff --git a/interface/lib/classes/sites_database_plugin.inc.php b/interface/lib/classes/sites_database_plugin.inc.php
index 11fe91c..37cc546 100644
--- a/interface/lib/classes/sites_database_plugin.inc.php
+++ b/interface/lib/classes/sites_database_plugin.inc.php
@@ -33,7 +33,7 @@
public function processDatabaseInsert($form_page) {
global $app;
- if($form_page->dataRecord["parent_domain_id"] > 0) {
+ /*if($form_page->dataRecord["parent_domain_id"] > 0) {
$web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".$app->functions->intval($form_page->dataRecord["parent_domain_id"]));
//* The Database user shall be owned by the same group then the website
@@ -42,7 +42,7 @@
$sys_groupid = $form_page->dataRecord['sys_groupid'];
}
-
+
if($form_page->dataRecord['database_user_id']) {
// check if there has already been a database on this server with that user
$check = $app->db->queryOneRecord("SELECT COUNT(*) as `cnt` FROM `web_database` WHERE `server_id` = '" . $app->functions->intval($form_page->dataRecord['server_id']) . "' AND (`database_user_id` = '" . $app->functions->intval($form_page->dataRecord['database_user_id']) . "' OR `database_ro_user_id` = '" . $app->functions->intval($form_page->dataRecord['database_user_id']) . "')");
@@ -69,13 +69,13 @@
$app->db->datalogSave('web_database_user', 'INSERT', 'database_user_id', $db_user['database_user_id'], array(), $db_user);
}
}
- }
+ }*/
}
public function processDatabaseUpdate($form_page) {
global $app;
- $old_record = $app->db->queryOneRecord('SELECT * FROM `web_database` WHERE `database_id` = ' . $app->functions->intval($form_page->id));
+ /*$old_record = $app->db->queryOneRecord('SELECT * FROM `web_database` WHERE `database_id` = ' . $app->functions->intval($form_page->id));
if($form_page->dataRecord["parent_domain_id"] > 0) {
$web = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain_id = ".$app->functions->intval($form_page->dataRecord["parent_domain_id"]));
@@ -111,9 +111,9 @@
$app->db->datalogSave('web_database_user', 'DELETE', 'database_user_id', $db_user['database_user_id'], $db_user, array());
}
}
- }
+ }*/
- if($form_page->dataRecord['database_user_id']) {
+ /*if($form_page->dataRecord['database_user_id']) {
// check if there has already been a database on this server with that user
$check = $app->db->queryOneRecord("SELECT COUNT(*) as `cnt` FROM `web_database` WHERE `server_id` = '" . $app->functions->intval($form_page->dataRecord['server_id']) . "' AND (`database_user_id` = '" . $app->functions->intval($form_page->dataRecord['database_user_id']) . "' OR `database_ro_user_id` = '" . $app->functions->intval($form_page->dataRecord['database_user_id']) . "')");
@@ -139,14 +139,14 @@
$app->db->datalogSave('web_database_user', 'INSERT', 'database_user_id', $db_user['database_user_id'], array(), $db_user);
}
}
- }
+ }*/
}
public function processDatabaseDelete($primary_id) {
global $app;
- $old_record = $app->db->queryOneRecord('SELECT * FROM `web_database` WHERE `database_id` = ' . $app->functions->intval($primary_id));
+ /*$old_record = $app->db->queryOneRecord('SELECT * FROM `web_database` WHERE `database_id` = ' . $app->functions->intval($primary_id));
if($old_record['database_user_id']) {
// check if any database on the server still uses this one
$check = $app->db->queryOneRecord("SELECT COUNT(*) as `cnt` FROM `web_database` WHERE `server_id` = '" . $app->functions->intval($old_record['server_id']) . "' AND (`database_user_id` = '" . $app->functions->intval($old_record['database_user_id']) . "' OR `database_ro_user_id` = '" . $app->functions->intval($old_record['database_user_id']) . "') AND `database_id` != '" . $app->functions->intval($primary_id) . "'");
@@ -170,7 +170,7 @@
$app->db->datalogSave('web_database_user', 'DELETE', 'database_user_id', $db_user['database_user_id'], $db_user, array());
}
}
- }
+ }*/
}
}
diff --git a/interface/lib/plugins/sites_web_database_user_plugin.inc.php b/interface/lib/plugins/sites_web_database_user_plugin.inc.php
index 0be7502..791ee59 100644
--- a/interface/lib/plugins/sites_web_database_user_plugin.inc.php
+++ b/interface/lib/plugins/sites_web_database_user_plugin.inc.php
@@ -36,6 +36,6 @@
$client_group_id = $app->functions->intval($page_form->dataRecord["client_group_id"]);
$app->db->query("UPDATE web_database_user SET sys_groupid = $client_group_id, sys_perm_group = 'riud' WHERE database_user_id = ".$page_form->id);
}
- $app->db->query("UPDATE web_database_user SET server_id = '" . $app->functions->intval($conf['server_id']) . "' WHERE database_user_id = ".$page_form->id);
+ //$app->db->query("UPDATE web_database_user SET server_id = '" . $app->functions->intval($conf['server_id']) . "' WHERE database_user_id = ".$page_form->id);
}
}
\ No newline at end of file
diff --git a/interface/web/sites/database_del.php b/interface/web/sites/database_del.php
index 2dc90fd..d3c00cd 100644
--- a/interface/web/sites/database_del.php
+++ b/interface/web/sites/database_del.php
@@ -52,7 +52,7 @@
if($app->tform->checkPerm($this->id,'d') == false) $app->error($app->lng('error_no_delete_permission'));
$app->uses('sites_database_plugin');
- $app->sites_database_plugin->processDatabaseDelete($this->id);
+ //$app->sites_database_plugin->processDatabaseDelete($this->id);
}
}
diff --git a/interface/web/sites/database_edit.php b/interface/web/sites/database_edit.php
index c259ff0..833b18d 100644
--- a/interface/web/sites/database_edit.php
+++ b/interface/web/sites/database_edit.php
@@ -341,7 +341,7 @@
$app->uses('sites_database_plugin');
- $app->sites_database_plugin->processDatabaseInsert($this);
+ //$app->sites_database_plugin->processDatabaseInsert($this);
$app->db->query($sql);
if($app->db->errorMessage != '') die($app->db->errorMessage);
@@ -355,7 +355,7 @@
if(!empty($sql) && !$app->tform->isReadonlyTab($app->tform->getCurrentTab(),$this->id)) {
$app->uses('sites_database_plugin');
- $app->sites_database_plugin->processDatabaseUpdate($this);
+ //$app->sites_database_plugin->processDatabaseUpdate($this);
$app->db->query($sql);
if($app->db->errorMessage != '') die($app->db->errorMessage);
diff --git a/interface/web/sites/database_user_edit.php b/interface/web/sites/database_user_edit.php
index a6b08b3..1c2defa 100644
--- a/interface/web/sites/database_user_edit.php
+++ b/interface/web/sites/database_user_edit.php
@@ -147,7 +147,7 @@
$this->dataRecord['database_user'] = substr($dbuser_prefix . $this->dataRecord['database_user'], 0, 16);
}
- $this->dataRecord['server_id'] = 0;
+ $this->dataRecord['server_id'] = 0; // we need this on all servers
parent::onBeforeUpdate();
}
@@ -179,7 +179,7 @@
$this->dataRecord['database_user'] = substr($dbuser_prefix . $this->dataRecord['database_user'], 0, 16);
}
- $this->dataRecord['server_id'] = $conf['server_id'];
+ $this->dataRecord['server_id'] = 0; // we need this on all servers
parent::onBeforeInsert();
}
@@ -209,7 +209,7 @@
$app->db->query("UPDATE web_database_user SET sys_groupid = $client_group_id, sys_perm_group = 'riud' WHERE database_user_id = ".$this->id);
}
- $password = $app->db->queryOneRecord("SELECT database_password FROM web_database_user WHERE database_user_id = ".$this->id);
+ /*$password = $app->db->queryOneRecord("SELECT database_password FROM web_database_user WHERE database_user_id = ".$this->id);
$records = $app->db->queryAllRecords("SELECT DISTINCT server_id FROM web_database WHERE database_user_id = '".$app->functions->intval($this->id)."' UNION SELECT DISTINCT server_id FROM web_database WHERE database_ro_user_id = '".$app->functions->intval($this->id)."'");
foreach($records as $rec) {
@@ -219,7 +219,7 @@
$new_rec['database_password'] = $password['database_password'];
$app->db->datalogSave('web_database_user', 'UPDATE', 'database_user_id', $this->id, $this->oldDataRecord, $new_rec);
}
- unset($new_rec);
+ unset($new_rec);*/
}
}
diff --git a/server/plugins-available/mysql_clientdb_plugin.inc.php b/server/plugins-available/mysql_clientdb_plugin.inc.php
index 393c3fb..b4fa6d3 100644
--- a/server/plugins-available/mysql_clientdb_plugin.inc.php
+++ b/server/plugins-available/mysql_clientdb_plugin.inc.php
@@ -247,8 +247,10 @@
// get the users for this database
$db_user = $app->db->queryOneRecord("SELECT `database_user`, `database_password` FROM `web_database_user` WHERE `database_user_id` = '" . intval($data['new']['database_user_id']) . "'");
+ $old_db_user = $app->db->queryOneRecord("SELECT `database_user`, `database_password` FROM `web_database_user` WHERE `database_user_id` = '" . intval($data['old']['database_user_id']) . "'");
$db_ro_user = $app->db->queryOneRecord("SELECT `database_user`, `database_password` FROM `web_database_user` WHERE `database_user_id` = '" . intval($data['new']['database_ro_user_id']) . "'");
+ $old_db_ro_user = $app->db->queryOneRecord("SELECT `database_user`, `database_password` FROM `web_database_user` WHERE `database_user_id` = '" . intval($data['old']['database_ro_user_id']) . "'");
$host_list = '';
if($data['new']['remote_access'] == 'y') {
@@ -278,28 +280,28 @@
else $this->process_host_list('GRANT', $data['new']['database_name'], $db_ro_user['database_user'], $db_ro_user['database_password'], $host_list, $link, '', true);
}
} else if($data['new']['active'] == 'n' && $data['old']['active'] == 'y') { // revoke database user, if inactive
- if($db_user) {
- if($db_user['database_user'] == 'root'){
+ if($old_db_user) {
+ if($old_db_user['database_user'] == 'root'){
$app->log('User root not allowed for Client databases',LOGLEVEL_WARNING);
} else {
// Find out users to drop and users to revoke
- $drop_or_revoke_user = $this->drop_or_revoke_user($data['new']['database_id'], $data['new']['database_user_id'], $old_host_list);
- if($drop_or_revoke_user['drop_hosts'] != '') $this->process_host_list('DROP', $data['new']['database_name'], $db_user['database_user'], $db_user['database_password'], $drop_or_revoke_user['drop_hosts'], $link);
- if($drop_or_revoke_user['revoke_hosts'] != '') $this->process_host_list('REVOKE', $data['new']['database_name'], $db_user['database_user'], $db_user['database_password'], $drop_or_revoke_user['revoke_hosts'], $link);
+ $drop_or_revoke_user = $this->drop_or_revoke_user($data['old']['database_id'], $data['old']['database_user_id'], $old_host_list);
+ if($drop_or_revoke_user['drop_hosts'] != '') $this->process_host_list('DROP', $data['old']['database_name'], $old_db_user['database_user'], $old_db_user['database_password'], $drop_or_revoke_user['drop_hosts'], $link);
+ if($drop_or_revoke_user['revoke_hosts'] != '') $this->process_host_list('REVOKE', $data['old']['database_name'], $old_db_user['database_user'], $old_db_user['database_password'], $drop_or_revoke_user['revoke_hosts'], $link);
//$this->process_host_list('DROP', $data['new']['database_name'], $db_user['database_user'], $db_user['database_password'], $old_host_list, $link);
//$this->process_host_list('REVOKE', $data['new']['database_name'], $db_user['database_user'], $db_user['database_password'], $old_host_list, $link);
}
}
- if($db_ro_user && $data['new']['database_user_id'] != $data['new']['database_ro_user_id']) {
- if($db_ro_user['database_user'] == 'root'){
+ if($old_db_ro_user && $data['old']['database_user_id'] != $data['old']['database_ro_user_id']) {
+ if($old_db_ro_user['database_user'] == 'root'){
$app->log('User root not allowed for Client databases',LOGLEVEL_WARNING);
} else {
// Find out users to drop and users to revoke
- $drop_or_revoke_user = $this->drop_or_revoke_user($data['new']['database_id'], $data['new']['database_ro_user_id'], $old_host_list);
- if($drop_or_revoke_user['drop_hosts'] != '') $this->process_host_list('DROP', $data['new']['database_name'], $db_ro_user['database_user'], $db_ro_user['database_password'], $drop_or_revoke_user['drop_hosts'], $link);
- if($drop_or_revoke_user['revoke_hosts'] != '') $this->process_host_list('REVOKE', $data['new']['database_name'], $db_ro_user['database_user'], $db_ro_user['database_password'], $drop_or_revoke_user['revoke_hosts'], $link);
+ $drop_or_revoke_user = $this->drop_or_revoke_user($data['old']['database_id'], $data['old']['database_ro_user_id'], $old_host_list);
+ if($drop_or_revoke_user['drop_hosts'] != '') $this->process_host_list('DROP', $data['old']['database_name'], $old_db_ro_user['database_user'], $old_db_ro_user['database_password'], $drop_or_revoke_user['drop_hosts'], $link);
+ if($drop_or_revoke_user['revoke_hosts'] != '') $this->process_host_list('REVOKE', $data['old']['database_name'], $old_db_ro_user['database_user'], $old_db_ro_user['database_password'], $drop_or_revoke_user['revoke_hosts'], $link);
//$this->process_host_list('DROP', $data['new']['database_name'], $db_ro_user['database_user'], $db_ro_user['database_password'], $old_host_list, $link);
//$this->process_host_list('REVOKE', $data['new']['database_name'], $db_ro_user['database_user'], $db_ro_user['database_password'], $old_host_list, $link);
@@ -314,15 +316,14 @@
//* selected Users have changed
if($data['new']['database_user_id'] != $data['old']['database_user_id']) {
if($data['old']['database_user_id'] && $data['old']['database_user_id'] != $data['new']['database_ro_user_id']) {
- $old_db_user = $app->db->queryOneRecord("SELECT `database_user`, `database_password` FROM `web_database_user` WHERE `database_user_id` = '" . intval($data['old']['database_user_id']) . "'");
if($old_db_user) {
if($old_db_user['database_user'] == 'root'){
$app->log('User root not allowed for Client databases',LOGLEVEL_WARNING);
} else {
// Find out users to drop and users to revoke
- $drop_or_revoke_user = $this->drop_or_revoke_user($data['new']['database_id'], $data['old']['database_user_id'], $old_host_list);
- if($drop_or_revoke_user['drop_hosts'] != '') $this->process_host_list('DROP', $data['new']['database_name'], $old_db_user['database_user'], $old_db_user['database_password'], $drop_or_revoke_user['drop_hosts'], $link);
- if($drop_or_revoke_user['revoke_hosts'] != '') $this->process_host_list('REVOKE', $data['new']['database_name'], $old_db_user['database_user'], $old_db_user['database_password'], $drop_or_revoke_user['revoke_hosts'], $link);
+ $drop_or_revoke_user = $this->drop_or_revoke_user($data['old']['database_id'], $data['old']['database_user_id'], $old_host_list);
+ if($drop_or_revoke_user['drop_hosts'] != '') $this->process_host_list('DROP', $data['old']['database_name'], $old_db_user['database_user'], $old_db_user['database_password'], $drop_or_revoke_user['drop_hosts'], $link);
+ if($drop_or_revoke_user['revoke_hosts'] != '') $this->process_host_list('REVOKE', $data['old']['database_name'], $old_db_user['database_user'], $old_db_user['database_password'], $drop_or_revoke_user['revoke_hosts'], $link);
//$this->process_host_list('DROP', $data['new']['database_name'], $old_db_user['database_user'], $old_db_user['database_password'], $old_host_list, $link);
//$this->process_host_list('REVOKE', $data['new']['database_name'], $old_db_user['database_user'], $old_db_user['database_password'], $old_host_list, $link);
@@ -336,15 +337,14 @@
}
if($data['new']['database_ro_user_id'] != $data['old']['database_ro_user_id']) {
if($data['old']['database_ro_user_id'] && $data['old']['database_ro_user_id'] != $data['new']['database_user_id']) {
- $old_db_user = $app->db->queryOneRecord("SELECT `database_user`, `database_password` FROM `web_database_user` WHERE `database_user_id` = '" . intval($data['old']['database_ro_user_id']) . "'");
- if($old_db_user) {
- if($old_db_user['database_user'] == 'root'){
+ if($old_db_ro_user) {
+ if($old_db_ro_user['database_user'] == 'root'){
$app->log('User root not allowed for Client databases',LOGLEVEL_WARNING);
} else {
// Find out users to drop and users to revoke
- $drop_or_revoke_user = $this->drop_or_revoke_user($data['new']['database_id'], $data['old']['database_user_id'], $old_host_list);
- if($drop_or_revoke_user['drop_hosts'] != '') $this->process_host_list('DROP', $data['new']['database_name'], $old_db_user['database_user'], $old_db_user['database_password'], $drop_or_revoke_user['drop_hosts'], $link);
- if($drop_or_revoke_user['revoke_hosts'] != '') $this->process_host_list('REVOKE', $data['new']['database_name'], $old_db_user['database_user'], $old_db_user['database_password'], $drop_or_revoke_user['revoke_hosts'], $link);
+ $drop_or_revoke_user = $this->drop_or_revoke_user($data['old']['database_id'], $data['old']['database_user_id'], $old_host_list);
+ if($drop_or_revoke_user['drop_hosts'] != '') $this->process_host_list('DROP', $data['old']['database_name'], $old_db_ro_user['database_user'], $old_db_ro_user['database_password'], $drop_or_revoke_user['drop_hosts'], $link);
+ if($drop_or_revoke_user['revoke_hosts'] != '') $this->process_host_list('REVOKE', $data['old']['database_name'], $old_db_ro_user['database_user'], $old_db_ro_user['database_password'], $drop_or_revoke_user['revoke_hosts'], $link);
//$this->process_host_list('DROP', $data['new']['database_name'], $old_db_user['database_user'], $old_db_user['database_password'], $old_host_list, $link);
//$this->process_host_list('REVOKE', $data['new']['database_name'], $old_db_user['database_user'], $old_db_user['database_password'], $old_host_list, $link);
@@ -377,27 +377,27 @@
else $this->process_host_list('GRANT', $data['new']['database_name'], $db_ro_user['database_user'], $db_ro_user['database_password'], $data['new']['remote_ips'], $link, '', true);
}
} else {
- if($db_user) {
- if($db_user['database_user'] == 'root'){
+ if($old_db_user) {
+ if($old_db_user['database_user'] == 'root'){
$app->log('User root not allowed for Client databases',LOGLEVEL_WARNING);
} else {
// Find out users to drop and users to revoke
- $drop_or_revoke_user = $this->drop_or_revoke_user($data['new']['database_id'], $data['new']['database_user_id'], $data['old']['remote_ips']);
- if($drop_or_revoke_user['drop_hosts'] != '') $this->process_host_list('DROP', $data['new']['database_name'], $db_user['database_user'], $db_user['database_password'], $drop_or_revoke_user['drop_hosts'], $link);
- if($drop_or_revoke_user['revoke_hosts'] != '') $this->process_host_list('REVOKE', $data['new']['database_name'], $db_user['database_user'], $db_user['database_password'], $drop_or_revoke_user['revoke_hosts'], $link);
+ $drop_or_revoke_user = $this->drop_or_revoke_user($data['old']['database_id'], $data['old']['database_user_id'], $data['old']['remote_ips']);
+ if($drop_or_revoke_user['drop_hosts'] != '') $this->process_host_list('DROP', $data['old']['database_name'], $old_db_user['database_user'], $old_db_user['database_password'], $drop_or_revoke_user['drop_hosts'], $link);
+ if($drop_or_revoke_user['revoke_hosts'] != '') $this->process_host_list('REVOKE', $data['old']['database_name'], $old_db_user['database_user'], $old_db_user['database_password'], $drop_or_revoke_user['revoke_hosts'], $link);
//$this->process_host_list('DROP', $data['new']['database_name'], $db_user['database_user'], $db_user['database_password'], $data['old']['remote_ips'], $link);
//$this->process_host_list('REVOKE', $data['new']['database_name'], $db_user['database_user'], $db_user['database_password'], $data['old']['remote_ips'], $link);
}
}
- if($db_ro_user && $data['new']['database_user_id'] != $data['new']['database_ro_user_id']) {
- if($db_ro_user['database_user'] == 'root'){
+ if($old_db_ro_user && $data['old']['database_user_id'] != $data['old']['database_ro_user_id']) {
+ if($old_db_ro_user['database_user'] == 'root'){
$app->log('User root not allowed for Client databases',LOGLEVEL_WARNING);
} else {
// Find out users to drop and users to revoke
- $drop_or_revoke_user = $this->drop_or_revoke_user($data['new']['database_id'], $data['new']['database_ro_user_id'], $data['old']['remote_ips']);
- if($drop_or_revoke_user['drop_hosts'] != '') $this->process_host_list('DROP', $data['new']['database_name'], $db_ro_user['database_user'], $db_ro_user['database_password'], $drop_or_revoke_user['drop_hosts'], $link);
- if($drop_or_revoke_user['revoke_hosts'] != '') $this->process_host_list('REVOKE', $data['new']['database_name'], $db_ro_user['database_user'], $db_ro_user['database_password'], $drop_or_revoke_user['revoke_hosts'], $link);
+ $drop_or_revoke_user = $this->drop_or_revoke_user($data['old']['database_id'], $data['old']['database_ro_user_id'], $data['old']['remote_ips']);
+ if($drop_or_revoke_user['drop_hosts'] != '') $this->process_host_list('DROP', $data['old']['database_name'], $old_db_ro_user['database_user'], $old_db_ro_user['database_password'], $drop_or_revoke_user['drop_hosts'], $link);
+ if($drop_or_revoke_user['revoke_hosts'] != '') $this->process_host_list('REVOKE', $data['old']['database_name'], $old_db_ro_user['database_user'], $old_db_ro_user['database_password'], $drop_or_revoke_user['revoke_hosts'], $link);
//$this->process_host_list('DROP', $data['new']['database_name'], $db_ro_user['database_user'], $db_ro_user['database_password'], $data['old']['remote_ips'], $link);
//$this->process_host_list('REVOKE', $data['new']['database_name'], $db_ro_user['database_user'], $db_ro_user['database_password'], $data['old']['remote_ips'], $link);
@@ -407,31 +407,39 @@
$app->log('Changing MySQL remote access privileges for database: '.$data['new']['database_name'],LOGLEVEL_DEBUG);
} elseif($data['new']['remote_access'] == 'y' && $data['new']['remote_ips'] != $data['old']['remote_ips']) {
//* Change remote access list
+ if($old_db_user) {
+ if($old_db_user['database_user'] == 'root'){
+ $app->log('User root not allowed for Client databases',LOGLEVEL_WARNING);
+ } else {
+ // Find out users to drop and users to revoke
+ $drop_or_revoke_user = $this->drop_or_revoke_user($data['old']['database_id'], $data['old']['database_user_id'], $data['old']['remote_ips']);
+ if($drop_or_revoke_user['drop_hosts'] != '') $this->process_host_list('DROP', $data['old']['database_name'], $old_db_user['database_user'], $old_db_user['database_password'], $drop_or_revoke_user['drop_hosts'], $link);
+ if($drop_or_revoke_user['revoke_hosts'] != '') $this->process_host_list('REVOKE', $data['old']['database_name'], $old_db_user['database_user'], $old_db_user['database_password'], $drop_or_revoke_user['revoke_hosts'], $link);
+ }
+ }
if($db_user) {
if($db_user['database_user'] == 'root'){
$app->log('User root not allowed for Client databases',LOGLEVEL_WARNING);
} else {
- // Find out users to drop and users to revoke
- $drop_or_revoke_user = $this->drop_or_revoke_user($data['new']['database_id'], $data['new']['database_user_id'], $data['old']['remote_ips']);
- if($drop_or_revoke_user['drop_hosts'] != '') $this->process_host_list('DROP', $data['new']['database_name'], $db_user['database_user'], $db_user['database_password'], $drop_or_revoke_user['drop_hosts'], $link);
- if($drop_or_revoke_user['revoke_hosts'] != '') $this->process_host_list('REVOKE', $data['new']['database_name'], $db_user['database_user'], $db_user['database_password'], $drop_or_revoke_user['revoke_hosts'], $link);
-
- //$this->process_host_list('DROP', $data['new']['database_name'], $db_user['database_user'], $db_user['database_password'], $data['old']['remote_ips'], $link);
- //$this->process_host_list('REVOKE', $data['new']['database_name'], $db_user['database_user'], $db_user['database_password'], $data['old']['remote_ips'], $link);
$this->process_host_list('GRANT', $data['new']['database_name'], $db_user['database_user'], $db_user['database_password'], $data['new']['remote_ips'], $link);
}
}
+
+ if($old_db_ro_user && $data['old']['database_user_id'] != $data['old']['database_ro_user_id']) {
+ if($old_db_ro_user['database_user'] == 'root'){
+ $app->log('User root not allowed for Client databases',LOGLEVEL_WARNING);
+ } else {
+ // Find out users to drop and users to revoke
+ $drop_or_revoke_user = $this->drop_or_revoke_user($data['old']['database_id'], $data['old']['database_user_id'], $data['old']['remote_ips']);
+ if($drop_or_revoke_user['drop_hosts'] != '') $this->process_host_list('DROP', $data['old']['database_name'], $old_db_ro_user['database_user'], $old_db_ro_user['database_password'], $drop_or_revoke_user['drop_hosts'], $link);
+ if($drop_or_revoke_user['revoke_hosts'] != '') $this->process_host_list('REVOKE', $data['old']['database_name'], $old_db_ro_user['database_user'], $old_db_ro_user['database_password'], $drop_or_revoke_user['revoke_hosts'], $link);
+ }
+ }
+
if($db_ro_user && $data['new']['database_user_id'] != $data['new']['database_ro_user_id']) {
if($db_ro_user['database_user'] == 'root'){
$app->log('User root not allowed for Client databases',LOGLEVEL_WARNING);
} else {
- // Find out users to drop and users to revoke
- $drop_or_revoke_user = $this->drop_or_revoke_user($data['new']['database_id'], $data['new']['database_user_id'], $data['old']['remote_ips']);
- if($drop_or_revoke_user['drop_hosts'] != '') $this->process_host_list('DROP', $data['new']['database_name'], $db_ro_user['database_user'], $db_ro_user['database_password'], $drop_or_revoke_user['drop_hosts'], $link);
- if($drop_or_revoke_user['revoke_hosts'] != '') $this->process_host_list('REVOKE', $data['new']['database_name'], $db_ro_user['database_user'], $db_ro_user['database_password'], $drop_or_revoke_user['revoke_hosts'], $link);
-
- //$this->process_host_list('DROP', $data['new']['database_name'], $db_ro_user['database_user'], $db_ro_user['database_password'], $data['old']['remote_ips'], $link);
- //$this->process_host_list('REVOKE', $data['new']['database_name'], $db_ro_user['database_user'], $db_ro_user['database_password'], $data['old']['remote_ips'], $link);
$this->process_host_list('GRANT', $data['new']['database_name'], $db_ro_user['database_user'], $db_ro_user['database_password'], $data['new']['remote_ips'], $link, '', true);
}
}
@@ -460,6 +468,28 @@
return;
}
+ $old_host_list = '';
+ if($data['old']['remote_access'] == 'y') {
+ $old_host_list = $data['old']['remote_ips'];
+ if($old_host_list == '') $old_host_list = '%';
+ }
+ if($old_host_list != '') $old_host_list .= ',';
+ $old_host_list .= 'localhost';
+
+ if($data['old']['database_user_id']) {
+ $old_db_user = $app->db->queryOneRecord("SELECT `database_user`, `database_password` FROM `web_database_user` WHERE `database_user_id` = '" . intval($data['old']['database_user_id']) . "'");
+ $drop_or_revoke_user = $this->drop_or_revoke_user($data['old']['database_id'], $data['old']['database_user_id'], $old_host_list);
+ if($drop_or_revoke_user['drop_hosts'] != '') $this->process_host_list('DROP', $data['old']['database_name'], $old_db_user['database_user'], $old_db_user['database_password'], $drop_or_revoke_user['drop_hosts'], $link);
+ if($drop_or_revoke_user['revoke_hosts'] != '') $this->process_host_list('REVOKE', $data['old']['database_name'], $old_db_user['database_user'], $old_db_user['database_password'], $drop_or_revoke_user['revoke_hosts'], $link);
+ }
+ if($data['old']['database_ro_user_id']) {
+ $old_db_user = $app->db->queryOneRecord("SELECT `database_user`, `database_password` FROM `web_database_user` WHERE `database_user_id` = '" . intval($data['old']['database_ro_user_id']) . "'");
+ $drop_or_revoke_user = $this->drop_or_revoke_user($data['old']['database_id'], $data['old']['database_ro_user_id'], $old_host_list);
+ if($drop_or_revoke_user['drop_hosts'] != '') $this->process_host_list('DROP', $data['old']['database_name'], $old_db_user['database_user'], $old_db_user['database_password'], $drop_or_revoke_user['drop_hosts'], $link);
+ if($drop_or_revoke_user['revoke_hosts'] != '') $this->process_host_list('REVOKE', $data['old']['database_name'], $old_db_user['database_user'], $old_db_user['database_password'], $drop_or_revoke_user['revoke_hosts'], $link);
+ }
+
+
if($link->query('DROP DATABASE '.$link->escape_string($data['old']['database_name']))) {
$app->log('Dropping MySQL database: '.$data['old']['database_name'],LOGLEVEL_DEBUG);
} else {
--
Gitblit v1.9.1