/**
 * Get HTML for the Change password dialog
 *
 * @param string $mode     where is the function being called?
 *                         values : 'change_pw' or 'edit_other'
 * @param string $username username
 * @param string $hostname hostname
 *
 * @return string html snippet
 */
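function PMA_getHtmlForChangePassword($mode, $username, $hostname)
{
    // IE 5 and 6 autocomplete suppresses "onchange", so those browsers get
    // the "onpropertychange" handler instead.
    $chg_evt_handler = (PMA_USR_BROWSER_AGENT == 'IE'
        && PMA_USR_BROWSER_VER >= 5
        && PMA_USR_BROWSER_VER < 7)
        ? 'onpropertychange'
        : 'onchange';

    $is_privileges = basename($_SERVER['SCRIPT_NAME']) === 'server_privileges.php';

    // NOTE(review): PMA_PHP_SELF is written into the action attribute without
    // HTML escaping in this function; presumably it is sanitised where it is
    // set - confirm before relying on that.
    $html = '<form method="post" id="change_password_form" '
        . 'action="' . basename($GLOBALS['PMA_PHP_SELF']) . '" '
        . 'name="chgPassword" '
        . 'class="' . ($is_privileges ? 'submenu-item' : '') . '">';

    $html .= PMA_URL_getHiddenInputs();

    // The target account is only carried in the form when editing another
    // user from the privileges page; both values are HTML-escaped.
    if (strpos($GLOBALS['PMA_PHP_SELF'], 'server_privileges') !== false) {
        $html .= '<input type="hidden" name="username" '
            . 'value="' . htmlspecialchars($username) . '" />'
            . '<input type="hidden" name="hostname" '
            . 'value="' . htmlspecialchars($hostname) . '" />';
    }

    // Fixed: the "Password:" label expression was garbled in this listing, and
    // the event-handler attribute was glued to class="textfield" with no
    // separating space.
    $html .= '<fieldset id="fieldset_change_password">'
        . '<legend'
        . ($is_privileges ? ' data-submenu-label="' . __('Change password') . '"' : '')
        . '>' . __('Change password') . '</legend>'
        . '<table class="data noclick">'
        . '<tr class="odd">'
        . '<td colspan="2">'
        . '<input type="radio" name="nopass" value="1" id="nopass_1" '
        . 'onclick="pma_pw.value = \'\'; pma_pw2.value = \'\'; '
        . 'this.checked = true" />'
        . '<label for="nopass_1">' . __('No Password') . '</label>'
        . '</td>'
        . '</tr>'
        . '<tr class="even vmiddle">'
        . '<td>'
        . '<input type="radio" name="nopass" value="0" id="nopass_0" '
        . 'onclick="document.getElementById(\'text_pma_pw\').focus();" '
        . 'checked="checked" />'
        . '<label for="nopass_0">' . __('Password:') . '&nbsp;</label>'
        . '</td>'
        . '<td>'
        . '<input type="password" name="pma_pw" id="text_pma_pw" size="10" '
        . 'class="textfield" ' . $chg_evt_handler . '="nopass[1].checked = true" />'
        . '&nbsp;&nbsp;' . __('Re-type:') . '&nbsp;'
        . '<input type="password" name="pma_pw2" id="text_pma_pw2" size="10" '
        . 'class="textfield" ' . $chg_evt_handler . '="nopass[1].checked = true" />'
        . '</td>'
        . '</tr>';

    $serverType = PMA_Util::getServerType();
    $orig_auth_plugin = PMA_getCurrentAuthenticationPlugin('change', $username, $hostname);
    $is_superuser = $GLOBALS['dbi']->isSuperuser();

    $has_plugin_support = ($serverType == 'MySQL' && PMA_MYSQL_INT_VERSION >= 50507)
        || ($serverType == 'MariaDB' && PMA_MYSQL_INT_VERSION >= 50200);

    if ($has_plugin_support) {
        // The plugin choice is offered on MySQL 5.7.6+, or to a superuser who
        // is editing another account.
        $offer_plugin_choice = ($serverType == 'MySQL' && PMA_MYSQL_INT_VERSION >= 50706)
            || ($is_superuser && $mode == 'edit_other');

        if ($offer_plugin_choice) {
            $auth_plugin_dropdown = PMA_getHtmlForAuthPluginsDropdown(
                $username,
                $hostname,
                $orig_auth_plugin,
                'change_pw',
                'new'
            );
            $html .= '<tr class="vmiddle">' . '<td>' . __('Password Hashing:') . '</td><td>';
            $html .= $auth_plugin_dropdown;
            $html .= '</td></tr>' . '<tr id="tr_element_before_generate_password"></tr>' . '</table>';

            // The transport warning is always rendered and is only visible
            // initially when the current plugin is sha256_password.
            $html .= '<div '
                . ($orig_auth_plugin != 'sha256_password' ? 'style="display:none"' : '')
                . ' id="ssl_reqd_warning_cp">'
                . PMA_Message::notice(
                    __(
                        'This method requires using an \'<i>SSL connection</i>\' '
                        . 'or an \'<i>unencrypted connection that encrypts the password '
                        . 'using RSA</i>\'; while connecting to the server.'
                    )
                    . PMA_Util::showMySQLDocu('sha256-authentication-plugin')
                )->getDisplay()
                . '</div>';
        } else {
            $html .= '<tr id="tr_element_before_generate_password"></tr>' . '</table>';
        }
    } else {
        $auth_plugin_dropdown = PMA_getHtmlForAuthPluginsDropdown(
            $username,
            $hostname,
            $orig_auth_plugin,
            'change_pw',
            'old'
        );
        $html .= '<tr class="vmiddle">' . '<td>' . __('Password Hashing:') . '</td><td>';
        $html .= $auth_plugin_dropdown . '</td></tr>'
            . '<tr id="tr_element_before_generate_password"></tr>' . '</table>';
    }

    $html .= '</fieldset>'
        . '<fieldset id="fieldset_change_password_footer" class="tblFooters">'
        . '<input type="hidden" name="change_pw" value="1" />'
        . '<input type="submit" value="' . __('Go') . '" />'
        . '</fieldset>'
        . '</form>';

    return $html;
}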
/**
 * Get HTML for the Change password dialog
 *
 * @param string $username username
 * @param string $hostname hostname
 *
 * @return string html snippet
 */
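function PMA_getHtmlForChangePassword($username, $hostname)
{
    // IE 5 and 6 autocomplete suppresses "onchange", so those browsers get
    // the "onpropertychange" handler instead.
    $chg_evt_handler = (PMA_USR_BROWSER_AGENT == 'IE'
        && PMA_USR_BROWSER_VER >= 5
        && PMA_USR_BROWSER_VER < 7)
        ? 'onpropertychange'
        : 'onchange';

    $is_privileges = basename($_SERVER['SCRIPT_NAME']) === 'server_privileges.php';

    // NOTE(review): PMA_PHP_SELF is written into the action attribute without
    // HTML escaping in this function; presumably it is sanitised where it is
    // set - confirm before relying on that.
    $html = '<form method="post" id="change_password_form" '
        . 'action="' . basename($GLOBALS['PMA_PHP_SELF']) . '" '
        . 'name="chgPassword" '
        . 'class="' . ($is_privileges ? 'submenu-item' : '') . '">';

    $html .= PMA_URL_getHiddenInputs();

    if (strpos($GLOBALS['PMA_PHP_SELF'], 'server_privileges') !== false) {
        $html .= '<input type="hidden" name="username" '
            . 'value="' . htmlspecialchars($username) . '" />'
            . '<input type="hidden" name="hostname" '
            . 'value="' . htmlspecialchars($hostname) . '" />';
    }

    // Fixed: the "Password:" label expression was garbled in this listing, and
    // the event-handler attribute was glued to class="textfield" with no
    // separating space.
    $html .= '<fieldset id="fieldset_change_password">'
        . '<legend'
        . ($is_privileges ? ' data-submenu-label="' . __('Change password') . '"' : '')
        . '>' . __('Change password') . '</legend>'
        . '<table class="data noclick">'
        . '<tr class="odd">'
        . '<td colspan="2">'
        . '<input type="radio" name="nopass" value="1" id="nopass_1" '
        . 'onclick="pma_pw.value = \'\'; pma_pw2.value = \'\'; '
        . 'this.checked = true" />'
        . '<label for="nopass_1">' . __('No Password') . '</label>'
        . '</td>'
        . '</tr>'
        . '<tr class="even vmiddle">'
        . '<td>'
        . '<input type="radio" name="nopass" value="0" id="nopass_0" '
        . 'onclick="document.getElementById(\'text_pma_pw\').focus();" '
        . 'checked="checked" />'
        . '<label for="nopass_0">' . __('Password:') . '&nbsp;</label>'
        . '</td>'
        . '<td>'
        . '<input type="password" name="pma_pw" id="text_pma_pw" size="10" '
        . 'class="textfield" ' . $chg_evt_handler . '="nopass[1].checked = true" />'
        . '&nbsp;&nbsp;' . __('Re-type:') . '&nbsp;'
        . '<input type="password" name="pma_pw2" id="text_pma_pw2" size="10" '
        . 'class="textfield" ' . $chg_evt_handler . '="nopass[1].checked = true" />'
        . '</td>'
        . '</tr>';

    $default_auth_plugin = PMA_getCurrentAuthenticationPlugin('change', $username, $hostname);
    // The plugin name is read back from the server, so it is HTML-escaped
    // before it is placed in an attribute or in label text.
    $plugin_html = htmlspecialchars($default_auth_plugin);
    $server_is_mysql = PMA_Util::getServerType() == 'MySQL';

    // See http://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-5.html
    if ($server_is_mysql && PMA_MYSQL_INT_VERSION >= 50705) {
        $html .= '<tr class="vmiddle">'
            . '<td>' . __('Password Hashing:') . '</td>'
            . '<td>'
            . '<input type="radio" name="pw_hash" id="radio_pw_hash_mysql_native" '
            . 'value="mysql_native_password"';
        if ($default_auth_plugin == 'mysql_native_password') {
            // Fixed: the value attribute is already closed above, so the old
            // leading quote produced value="..."" and broke the tag.
            $html .= ' checked="checked"';
        }
        $html .= ' />'
            . '<label for="radio_pw_hash_mysql_native">' . __('MySQL native password') . '</label>'
            . '</td>'
            . '</tr>'
            . '<tr id="tr_element_before_generate_password">'
            . '<td>&nbsp;</td>'
            . '<td>'
            . '<input type="radio" name="pw_hash" id="radio_pw_hash_sha256" '
            . 'value="sha256_password"';
        if ($default_auth_plugin == 'sha256_password') {
            $html .= ' checked="checked"';
        }
        $html .= ' />'
            . '<label for="radio_pw_hash_sha256">' . __('SHA256 password') . '</label>'
            . '</td>'
            . '</tr>';
    } elseif ($server_is_mysql && PMA_MYSQL_INT_VERSION >= 50606) {
        $html .= '<tr class="vmiddle" id="tr_element_before_generate_password">'
            . '<td>' . __('Password Hashing:') . '</td>'
            . '<td>'
            . '<input type="radio" name="pw_hash" id="radio_pw_hash_new" '
            . 'value="' . $plugin_html . '" checked="checked" />'
            . '<label for="radio_pw_hash_new">' . $plugin_html . '</label>'
            . '</td>'
            . '</tr>';
    } else {
        $html .= '<tr class="vmiddle">'
            . '<td>' . __('Password Hashing:') . '</td>'
            . '<td>'
            . '<input type="radio" name="pw_hash" id="radio_pw_hash_new" '
            . 'value="mysql_native_password" checked="checked" />'
            . '<label for="radio_pw_hash_new">mysql_native_password</label>'
            . '</td>'
            . '</tr>'
            . '<tr id="tr_element_before_generate_password" >'
            . '<td>&nbsp;</td>'
            . '<td>'
            . '<input type="radio" name="pw_hash" id="radio_pw_hash_old" '
            . 'value="old" />'
            . '<label for="radio_pw_hash_old">' . __('MySQL 4.0 compatible') . '</label>'
            . '</td>'
            . '</tr>';
    }

    $html .= '</table>';

    // The transport warning is always rendered and is only visible initially
    // when the current plugin is sha256_password.
    $html .= '<div '
        . ($default_auth_plugin != 'sha256_password' ? 'style="display:none"' : '')
        . ' id="ssl_reqd_warning_cp">'
        . PMA_Message::notice(
            __(
                'This method requires using an \'<i>SSL connection</i>\' '
                . 'or an \'<i>unencrypted connection that encrypts the password '
                . 'using RSA</i>\'; while connecting to the server.'
            )
            . PMA_Util::showMySQLDocu('sha256-authentication-plugin')
        )->getDisplay()
        . '</div>';

    $html .= '</fieldset>'
        . '<fieldset id="fieldset_change_password_footer" class="tblFooters">'
        . '<input type="hidden" name="change_pw" value="1" />'
        . '<input type="submit" value="' . __('Go') . '" />'
        . '</fieldset>'
        . '</form>';

    return $html;
}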
/**
 * Get HTML snippet for display user overview page
 *
 * @param string $pmaThemeImage a image source link
 * @param string $text_dir      text directory
 *
 * @return string $html_output
 */
function PMA_getHtmlForUserOverview($pmaThemeImage, $text_dir)
{
    $dbi = $GLOBALS['dbi'];

    $html_output = '<h2>' . "\n"
        . PMA_Util::getIcon('b_usrlist.png') . __('Users overview') . "\n"
        . '</h2>' . "\n";

    // MySQL 5.7.6+ keeps the credential in `authentication_string`.
    $uses_auth_string = PMA_Util::getServerType() == 'MySQL'
        && PMA_MYSQL_INT_VERSION >= 50706;
    $password_column = $uses_auth_string ? 'authentication_string' : 'Password';

    // The column is only compared with the empty string and reported as a
    // Y/N flag; this query does not add the credential under another alias.
    $base_query = 'SELECT *,'
        . " IF(`" . $password_column . "` = _latin1 '', 'N', 'Y') AS 'Password'"
        . ' FROM `mysql`.`user`';

    // $sql_query is the (optionally initial-filtered) listing,
    // $sql_query_all counts every user.
    // NOTE(review): $_REQUEST['initial'] goes straight to PMA_rangeOfUsers();
    // escaping is presumably done in that helper - confirm.
    $sql_query = $base_query;
    if (isset($_REQUEST['initial'])) {
        $sql_query .= PMA_rangeOfUsers($_REQUEST['initial']);
    }
    $sql_query .= ' ORDER BY `User` ASC, `Host` ASC;';
    $sql_query_all = $base_query . ' ;';

    $res = $dbi->tryQuery($sql_query, null, PMA_DatabaseInterface::QUERY_STORE);
    $res_all = $dbi->tryQuery($sql_query_all, null, PMA_DatabaseInterface::QUERY_STORE);

    if (!$res) {
        // The listing failed: either the user lacks privileges or the
        // privilege tables have an older structure, so a plain query is
        // tried to tell the two cases apart.
        $dbi->freeResult($res);
        $dbi->freeResult($res_all);
        $sql_query = 'SELECT * FROM `mysql`.`user`';
        $res = $dbi->tryQuery($sql_query, null, PMA_DatabaseInterface::QUERY_STORE);

        if ($res) {
            // Hardcoded message, kept until an automatic repair exists.
            $raw = 'Your privilege table structure seems to be older than'
                . ' this MySQL version!<br />'
                . 'Please run the <code>mysql_upgrade</code> command'
                . '(<code>mysql_fix_privilege_tables</code> on older systems)'
                . ' that should be included in your MySQL server distribution'
                . ' to solve this problem!';
            $html_output .= PMA_Message::rawError($raw)->getDisplay();
        } else {
            $html_output .= PMA_getHtmlForViewUsersError();
            $html_output .= PMA_getAddUserHtmlFieldset();
        }
        $dbi->freeResult($res);

        return $html_output;
    }

    $db_rights = PMA_getDbRightsForUserOverview();
    // for all initials, even non A-Z
    $array_initials = array();

    // The initials bar is only shown when there are more than 20 rows.
    if ($dbi->numRows($res_all) > 20) {
        $html_output .= PMA_getHtmlForInitials($array_initials);
    }

    // The full list is shown on request, or directly below 50 users.
    $show_list = isset($_REQUEST['initial'])
        || isset($_REQUEST['showall'])
        || $dbi->numRows($res) < 50;
    if ($show_list) {
        $html_output .= PMA_getUsersOverview($res, $db_rights, $pmaThemeImage, $text_dir);
    } else {
        $html_output .= PMA_getAddUserHtmlFieldset();
    }

    $is_full_page = !$GLOBALS['is_ajax_request'] || !empty($_REQUEST['ajax_page_request']);
    if ($is_full_page) {
        $flushnote = new PMA_Message(
            __(
                'Note: phpMyAdmin gets the users\' privileges directly '
                . 'from MySQL\'s privilege tables. The content of these tables '
                . 'may differ from the privileges the server uses, '
                . 'if they have been changed manually. In this case, '
                . 'you should %sreload the privileges%s before you continue.'
            ),
            PMA_Message::NOTICE
        );
        $flushLink = '<a href="server_privileges.php'
            . PMA_URL_getCommon(array('flush_privileges' => 1))
            . '" id="reload_privileges_anchor">';
        // Both parameters are markup and are added with the second argument
        // set to false.
        $flushnote->addParam($flushLink, false);
        $flushnote->addParam('</a>', false);
        $html_output .= $flushnote->getDisplay();
    }

    return $html_output;
}
/**
 * Get SQL queries for Display and Add user
 *
 * @param string $username username
 * @param string $hostname host name
 * @param string $password password
 *
 * @return array ($create_user_real, $create_user_show,$real_sql_query, $sql_query
 *                $password_set_real, $password_set_show)
 */
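function PMA_getSqlQueriesForDisplayAndAddUser($username, $hostname, $password)
{
    $slashedUsername = PMA_Util::sqlAddSlashes($username);
    $slashedHostname = PMA_Util::sqlAddSlashes($hostname);
    $slashedPassword = PMA_Util::sqlAddSlashes($password);

    // Request fields are read once, with defaults, so a missing or non-string
    // field cannot raise a notice or reach the SQL text further down.
    $pred_password = isset($_POST['pred_password']) ? $_POST['pred_password'] : '';
    $new_password = (isset($_POST['pma_pw']) && is_string($_POST['pma_pw']))
        ? $_POST['pma_pw']
        : '';
    // Fixed: the typed password used to be placed in the statement unescaped.
    $slashedNewPassword = PMA_Util::sqlAddSlashes($new_password);

    // Fixed: the plugin name is spliced into the statement as a bare
    // identifier, so it is only accepted when it consists of identifier
    // characters. Any other value is ignored and no IDENTIFIED WITH clause is
    // emitted.
    $auth_plugin = null;
    if (isset($_REQUEST['authentication_plugin'])
        && is_string($_REQUEST['authentication_plugin'])
        && preg_match('/^[A-Za-z0-9_]+$/D', $_REQUEST['authentication_plugin'])
    ) {
        $auth_plugin = $_REQUEST['authentication_plugin'];
    }

    $create_user_stmt = sprintf(
        'CREATE USER \'%s\'@\'%s\'',
        $slashedUsername,
        $slashedHostname
    );
    if (PMA_MYSQL_INT_VERSION >= 50507 && $auth_plugin !== null) {
        $create_user_stmt .= ' IDENTIFIED WITH ' . $auth_plugin;
    }
    // From 5.7.7 on the statement is run through sprintf() again below, so a
    // literal '%' (for example a wildcard host) has to be doubled first.
    if (PMA_MYSQL_INT_VERSION >= 50707) {
        $create_user_stmt = str_replace('%', '%%', $create_user_stmt);
    }
    $create_user_real = $create_user_show = $create_user_stmt;

    // The "show" variants always carry '***' in place of the secret.
    $password_set_stmt = 'SET PASSWORD FOR \'%s\'@\'%s\' = PASSWORD(\'%s\')';
    $password_set_show = sprintf(
        $password_set_stmt,
        $slashedUsername,
        $slashedHostname,
        '***'
    );

    $sql_query_stmt = sprintf(
        'GRANT %s ON *.* TO \'%s\'@\'%s\'',
        join(', ', PMA_extractPrivInfo()),
        $slashedUsername,
        $slashedHostname
    );
    $real_sql_query = $sql_query = $sql_query_stmt;

    // Escaped secret for the chosen mode: keep the supplied password, set
    // none, or use the newly typed one.
    if ($pred_password == 'keep') {
        $secret = $slashedPassword;
    } elseif ($pred_password == 'none') {
        $secret = '';
    } else {
        $secret = $slashedNewPassword;
    }

    if (PMA_MYSQL_INT_VERSION < 50707) {
        $password_set_real = sprintf(
            $password_set_stmt,
            $slashedUsername,
            $slashedHostname,
            $secret
        );
    } else {
        $password_set_real = null;
        $create_user_stmt .= ' BY \'%s\'';
        // Fixed: the 'keep' case used the raw $password here.
        $create_user_real = sprintf($create_user_stmt, $secret);
        $create_user_show = sprintf($create_user_stmt, '***');
    }

    // add REQUIRE clause
    $require_clause = PMA_getRequireClause();
    $real_sql_query .= $require_clause;
    $sql_query .= $require_clause;

    $has_limits = isset($_POST['max_questions'])
        || isset($_POST['max_connections'])
        || isset($_POST['max_updates'])
        || isset($_POST['max_user_connections']);
    if ((isset($_POST['Grant_priv']) && $_POST['Grant_priv'] == 'Y') || $has_limits) {
        $with_clause = PMA_getWithClauseForAddUserAndUpdatePrivs();
        $real_sql_query .= $with_clause;
        $sql_query .= $with_clause;
    }

    $create_user_real .= ';';
    $create_user_show .= ';';
    $real_sql_query .= ';';
    $sql_query .= ';';

    // Without the global GRANT OPTION privilege no GRANT statement is issued.
    if (!$GLOBALS['is_grantuser']) {
        $real_sql_query = '';
        $sql_query = '';
    }

    // NOTE(review): this threshold (MySQL, 5.7.0) differs from the 5.7.7
    // checks above, which do not look at the server type; kept as found,
    // confirm which cut-off is intended.
    if (PMA_Util::getServerType() == 'MySQL' && PMA_MYSQL_INT_VERSION >= 50700) {
        $password_set_real = null;
        $password_set_show = null;
    } else {
        $password_set_real .= ";";
        $password_set_show .= ";";
    }

    return array(
        $create_user_real,
        $create_user_show,
        $real_sql_query,
        $sql_query,
        $password_set_real,
        $password_set_show
    );
}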
Ejemplo n.º 5
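echo '</ul>';
// User preferences
if ($server > 0) {
    echo '<ul>';
    PMA_printListItem(
        PMA_Util::getImage('b_tblops.png') . " " . __('More settings'),
        'li_user_preferences',
        'prefs_manage.php' . $common_url_query,
        null,
        null,
        null,
        "no_bullets"
    );
    echo '</ul>';
}
echo '</div>';
echo '</div>';
echo '<div id="main_pane_right">';
// The database server panel is only shown when a server is selected and
// $cfg['ShowServerInfo'] is enabled.
if ($server > 0 && $GLOBALS['cfg']['ShowServerInfo']) {
    echo '<div class="group">';
    echo '<h2>' . __('Database server') . '</h2>';
    echo '<ul>' . "\n";
    // NOTE(review): $server_info, the version comment and the protocol info
    // are passed on without HTML escaping in this fragment; whether they are
    // escaped where they are built, or inside PMA_printListItem(), is not
    // visible here - confirm.
    PMA_printListItem(__('Server:') . ' ' . $server_info, 'li_server_info');
    PMA_printListItem(__('Server type:') . ' ' . PMA_Util::getServerType(), 'li_server_type');
    PMA_printListItem(
        __('Server version:') . ' ' . PMA_MYSQL_STR_VERSION . ' - ' . PMA_MYSQL_VERSION_COMMENT,
        'li_server_version'
    );
    PMA_printListItem(__('Protocol version:') . ' ' . $GLOBALS['dbi']->getProtoInfo(), 'li_mysql_proto');
    // Fixed: this expression was garbled in the listing. The current
    // user@host string is HTML-escaped before it is printed.
    PMA_printListItem(__('User:') . ' ' . htmlspecialchars($mysql_cur_user_and_host), 'li_user_info');
    echo '    <li id="li_select_mysql_charset">';
    echo '        ' . __('Server charset:') . ' ' . '        <span lang="en" dir="ltr">';
    if (!PMA_DRIZZLE) {
        echo '           ' . $mysql_charsets_descriptions[$mysql_charset_map['utf-8']];
    }
    echo '           (' . $mysql_charset_map['utf-8'] . ')'
        . '        </span>'
        . '    </li>'
        . '  </ul>'
        . ' </div>';
}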
if ($GLOBALS['cfg']['ShowServerInfo'] || $GLOBALS['cfg']['ShowPhpInfo']) {
    echo '<div class="group">';
    echo '<h2>' . __('Web server') . '</h2>';
    echo '<ul>';
    if ($GLOBALS['cfg']['ShowServerInfo']) {
Ejemplo n.º 6
/**
 * Get SQL queries for Display and Add user
 *
 * @param string $username username
 * @param string $hostname host name
 * @param string $password password
 *
 * @return array ($create_user_real, $create_user_show,$real_sql_query, $sql_query
 *                $password_set_real, $password_set_show)
 */
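function PMA_getSqlQueriesForDisplayAndAddUser($username, $hostname, $password)
{
    $slashedUsername = PMA_Util::sqlAddSlashes($username);
    $slashedHostname = PMA_Util::sqlAddSlashes($hostname);
    $slashedPassword = PMA_Util::sqlAddSlashes($password);
    $serverType = PMA_Util::getServerType();
    $isMySQLFamily = $serverType == 'MySQL' || $serverType == 'Percona Server';

    // Request fields are read once, with defaults, so a missing or non-string
    // field cannot raise a notice or reach the SQL text further down.
    $pred_password = isset($_POST['pred_password']) ? $_POST['pred_password'] : '';
    $new_password = (isset($_POST['pma_pw']) && is_string($_POST['pma_pw']))
        ? $_POST['pma_pw']
        : '';

    // Fixed: the plugin name is spliced into the statement as a bare
    // identifier, so it is only accepted when it consists of identifier
    // characters. Any other value is ignored: no IDENTIFIED clause is emitted
    // and the hashing mode is left untouched.
    $auth_plugin = null;
    if (isset($_REQUEST['authentication_plugin'])
        && is_string($_REQUEST['authentication_plugin'])
        && preg_match('/^[A-Za-z0-9_]+$/D', $_REQUEST['authentication_plugin'])
    ) {
        $auth_plugin = $_REQUEST['authentication_plugin'];
    }

    $create_user_stmt = sprintf(
        'CREATE USER \'%s\'@\'%s\'',
        $slashedUsername,
        $slashedHostname
    );

    // See https://github.com/phpmyadmin/phpmyadmin/pull/11560#issuecomment-147158219
    // for the syntax used by the various versions.
    // 'IDENTIFIED WITH auth_plugin' is supported by MySQL 5.5.7+
    if ($isMySQLFamily && PMA_MYSQL_INT_VERSION >= 50507 && $auth_plugin !== null) {
        $create_user_stmt .= ' IDENTIFIED WITH ' . $auth_plugin;
    }
    // 'IDENTIFIED VIA auth_plugin' is supported by MariaDB 5.2+
    if ($serverType == 'MariaDB' && PMA_MYSQL_INT_VERSION >= 50200 && $auth_plugin !== null) {
        $create_user_stmt .= ' IDENTIFIED VIA ' . $auth_plugin;
    }
    $create_user_real = $create_user_show = $create_user_stmt;

    // The "show" variants always carry '***' in place of the secret.
    $password_set_stmt = 'SET PASSWORD FOR \'%s\'@\'%s\' = \'%s\'';
    $password_set_show = sprintf(
        $password_set_stmt,
        $slashedUsername,
        $slashedHostname,
        '***'
    );
    $password_set_real = null;

    $sql_query_stmt = sprintf(
        'GRANT %s ON *.* TO \'%s\'@\'%s\'',
        join(', ', PMA_extractPrivInfo()),
        $slashedUsername,
        $slashedHostname
    );
    $real_sql_query = $sql_query = $sql_query_stmt;

    // Set the proper hashing method
    if ($auth_plugin !== null) {
        PMA_setProperPasswordHashing($auth_plugin);
    }

    // Newer MySQL ('... AS ...') and MariaDB ('... USING ...') carry the
    // password in CREATE USER; older servers need a separate SET PASSWORD.
    // Fixed: the flag is computed once. The closing check of this function
    // used a second copy of the condition that left out Percona Server, so
    // that server got a bare ";" as the real SET PASSWORD statement.
    $passwordInCreateUser = ($isMySQLFamily && PMA_MYSQL_INT_VERSION >= 50706)
        || ($serverType == 'MariaDB' && PMA_MYSQL_INT_VERSION >= 50200);

    // Escaped value for the chosen mode: keep the supplied password, set
    // none, or hash the newly typed one.
    if ($pred_password == 'keep') {
        $secret = $slashedPassword;
    } elseif ($pred_password == 'none') {
        $secret = '';
    } else {
        // The helper's output format is not visible here, so the hash is
        // escaped like any other value placed in a quoted literal.
        $secret = PMA_Util::sqlAddSlashes(PMA_getHashedPassword($new_password));
    }

    if ($passwordInCreateUser) {
        // NOTE(review): when no plugin was accepted the statement becomes
        // "CREATE USER ... AS '...'" with no IDENTIFIED clause, exactly as
        // before this change - confirm that callers always send a plugin.
        // Required for binding '%' with '%s'
        $create_user_stmt = str_replace('%', '%%', $create_user_stmt);
        // MariaDB uses 'USING' whereas MySQL uses 'AS'
        $create_user_stmt .= ($serverType == 'MariaDB') ? ' USING \'%s\'' : ' AS \'%s\'';
        $create_user_real = sprintf($create_user_stmt, $secret);
        $create_user_show = sprintf($create_user_stmt, '***');
    } else {
        $password_set_real = sprintf(
            $password_set_stmt,
            $slashedUsername,
            $slashedHostname,
            $secret
        );
    }

    // add REQUIRE clause
    $require_clause = PMA_getRequireClause();
    $real_sql_query .= $require_clause;
    $sql_query .= $require_clause;

    $has_limits = isset($_POST['max_questions'])
        || isset($_POST['max_connections'])
        || isset($_POST['max_updates'])
        || isset($_POST['max_user_connections']);
    if ((isset($_POST['Grant_priv']) && $_POST['Grant_priv'] == 'Y') || $has_limits) {
        $with_clause = PMA_getWithClauseForAddUserAndUpdatePrivs();
        $real_sql_query .= $with_clause;
        $sql_query .= $with_clause;
    }

    $create_user_real .= ';';
    $create_user_show .= ';';
    $real_sql_query .= ';';
    $sql_query .= ';';

    // Without the global GRANT OPTION privilege no GRANT statement is issued.
    if (!$GLOBALS['is_grantuser']) {
        $real_sql_query = '';
        $sql_query = '';
    }

    if ($passwordInCreateUser) {
        $password_set_real = null;
        $password_set_show = null;
    } else {
        $password_set_real .= ";";
        $password_set_show .= ";";
    }

    return array(
        $create_user_real,
        $create_user_show,
        $real_sql_query,
        $sql_query,
        $password_set_real,
        $password_set_show
    );
}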
 /**
  * Returns the generation expression for virtual columns
  *
  * @param string $column name of the column
  *
  * @return array|boolean associative array of column name and their expressions
  *                       or false on failure
  */
 public function getColumnGenerationExpression($column = null)
 {
     // MySQL after 5.7.5 exposes GENERATION_EXPRESSION in information_schema;
     // that route is skipped when the DisableIS server setting is on.
     $isRecentMySQL = PMA_Util::getServerType() == 'MySQL' && PMA_MYSQL_INT_VERSION > 50705;
     if ($isRecentMySQL && !$GLOBALS['cfg']['Server']['DisableIS']) {
         // Every value placed in the statement goes through sqlAddSlashes().
         $query = "SELECT\r\n                `COLUMN_NAME` AS `Field`,\r\n                `GENERATION_EXPRESSION` AS `Expression`\r\n                FROM\r\n                `information_schema`.`COLUMNS`\r\n                WHERE\r\n                `TABLE_SCHEMA` = '" . PMA_Util::sqlAddSlashes($this->_db_name) . "'\r\n                AND `TABLE_NAME` = '" . PMA_Util::sqlAddSlashes($this->_name) . "'";
         if ($column != null) {
             $query .= " AND  `COLUMN_NAME` = '" . PMA_Util::sqlAddSlashes($column) . "'";
         }

         return $this->_dbi->fetchResult($query, 'Field', 'Expression');
     }

     // Fallback: parse the table's CREATE statement.
     $createSql = $this->showCreate();
     if (!$createSql) {
         return false;
     }

     $parsed = new SqlParser\Parser($createSql);
     /**
      * @var SqlParser\Statements\CreateStatement $createStmt
      */
     $createStmt = $parsed->statements[0];
     $definitions = SqlParser\Utils\Table::getFields($createStmt);

     // substr(..., 1, -1) drops the first and last character of the stored
     // expression (presumably the enclosing parentheses - confirm).
     if ($column != null) {
         $single = '';
         if (isset($definitions[$column]['expr'])) {
             $single = substr($definitions[$column]['expr'], 1, -1);
         }

         return array($column => $single);
     }

     $expressions = array();
     foreach ($definitions as $name => $definition) {
         if (!isset($definition['expr'])) {
             continue;
         }
         $expressions[$name] = substr($definition['expr'], 1, -1);
     }

     return $expressions;
 }
/**
 * Generate the error url and submit the query
 *
 * @param string $username              Username
 * @param string $hostname              Hostname
 * @param string $password              Password
 * @param string $sql_query             SQL query
 * @param string $hashing_function      Hashing function
 * @param string $orig_auth_plugin      Original Authentication Plugin
 *
 * @return void
 */
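function PMA_changePassUrlParamsAndSubmitQuery($username, $hostname, $password, $sql_query, $hashing_function, $orig_auth_plugin)
{
    $err_url = 'user_password.php' . PMA_URL_getCommon();
    $serverType = PMA_Util::getServerType();

    // Fixed: user and host were placed in the statements unescaped. This
    // function already escapes $password itself, so its arguments are treated
    // as raw values here; confirm that no caller pre-escapes them.
    $slashedUsername = PMA_Util::sqlAddSlashes($username);
    $slashedHostname = PMA_Util::sqlAddSlashes($hostname);
    $flush_after_update = false;

    if ($serverType == 'MySQL' && PMA_MYSQL_INT_VERSION >= 50706) {
        // Fixed: the plugin name is a bare identifier in ALTER USER, so
        // anything that is not a plain identifier is refused through the
        // error path this function already uses.
        if (!is_string($orig_auth_plugin)
            || !preg_match('/^[A-Za-z0-9_]+$/D', $orig_auth_plugin)
        ) {
            PMA_Util::mysqlDie(
                __('Invalid authentication plugin name.'),
                $sql_query,
                false,
                $err_url
            );
            return;
        }
        $local_query = 'ALTER USER \'' . $slashedUsername . '\'@\'' . $slashedHostname . '\''
            . ' IDENTIFIED with ' . $orig_auth_plugin . ' BY '
            . ($password == '' ? '\'\'' : '\'' . PMA_Util::sqlAddSlashes($password) . '\'');
    } elseif ($serverType == 'MariaDB' && PMA_MYSQL_INT_VERSION >= 50200) {
        if ($orig_auth_plugin == 'mysql_native_password') {
            // Set the hashing method used by PASSWORD()
            // to be 'mysql_native_password' type
            $GLOBALS['dbi']->tryQuery('SET old_passwords = 0;');
        } elseif ($orig_auth_plugin == 'sha256_password') {
            // Set the hashing method used by PASSWORD()
            // to be 'sha256_password' type
            $GLOBALS['dbi']->tryQuery('SET `old_passwords` = 2;');
        }
        // NOTE(review): this branch hashes $_POST['pma_pw'] and ignores the
        // $password argument - confirm that is intended.
        $hashedPassword = PMA_getHashedPassword($_POST['pma_pw']);
        // The hash and the plugin name are quoted literals here, so both are
        // escaped like any other value.
        $local_query = "UPDATE `mysql`.`user` SET"
            . " `authentication_string` = '" . PMA_Util::sqlAddSlashes($hashedPassword)
            . "', `Password` = '', "
            . " `plugin` = '" . PMA_Util::sqlAddSlashes($orig_auth_plugin) . "'"
            . " WHERE `User` = '" . $slashedUsername
            . "' AND Host = '" . $slashedHostname . "';";
        $flush_after_update = true;
    } else {
        // Fixed: this expression was garbled in the listing.
        // NOTE(review): $hashing_function is emitted as a bare SQL function
        // name; it should only ever come from a fixed list - confirm.
        $local_query = 'SET password = '
            . ($password == ''
                ? '\'\''
                : $hashing_function . '(\'' . PMA_Util::sqlAddSlashes($password) . '\')');
    }

    if (!@$GLOBALS['dbi']->tryQuery($local_query)) {
        PMA_Util::mysqlDie($GLOBALS['dbi']->getError(), $sql_query, false, $err_url);
    } elseif ($flush_after_update) {
        // Fixed: FLUSH PRIVILEGES used to be sent before the UPDATE had been
        // executed, so the edited row was not reloaded by it.
        $GLOBALS['dbi']->tryQuery("FLUSH PRIVILEGES;");
    }
}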
/**
 * Generate the error url and submit the query
 *
 * @param string $username         Username
 * @param string $hostname         Hostname
 * @param string $password         Password
 * @param string $sql_query        SQL query
 * @param string $hashing_function Hashing function
 * @param string $auth_plugin      Authentication Plugin
 *
 * @return void
 */
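function PMA_changePassUrlParamsAndSubmitQuery($username, $hostname, $password, $sql_query, $hashing_function, $auth_plugin)
{
    $err_url = 'user_password.php' . PMA_URL_getCommon();

    if (PMA_Util::getServerType() === 'MySQL' && PMA_MYSQL_INT_VERSION >= 50706) {
        // Fixed: the plugin name is a bare identifier in ALTER USER, so
        // anything that is not a plain identifier is refused through the
        // error path this function already uses.
        if (!is_string($auth_plugin)
            || !preg_match('/^[A-Za-z0-9_]+$/D', $auth_plugin)
        ) {
            PMA_Util::mysqlDie(
                __('Invalid authentication plugin name.'),
                $sql_query,
                false,
                $err_url
            );
            return;
        }
        // Fixed: user and host were placed in the statement unescaped. This
        // function already escapes $password itself, so its arguments are
        // treated as raw values here; confirm that no caller pre-escapes them.
        $local_query = 'ALTER USER \'' . PMA_Util::sqlAddSlashes($username)
            . '\'@\'' . PMA_Util::sqlAddSlashes($hostname) . '\''
            . ' IDENTIFIED with ' . $auth_plugin . ' BY '
            . ($password == '' ? '\'\'' : '\'' . PMA_Util::sqlAddSlashes($password) . '\'');
    } else {
        // Fixed: this expression was garbled in the listing.
        // NOTE(review): $hashing_function is emitted as a bare SQL function
        // name; it should only ever come from a fixed list - confirm.
        $local_query = 'SET password = '
            . ($password == ''
                ? '\'\''
                : $hashing_function . '(\'' . PMA_Util::sqlAddSlashes($password) . '\')');
    }

    // $sql_query is only handed to the error display; the statement that is
    // executed is $local_query.
    if (!@$GLOBALS['dbi']->tryQuery($local_query)) {
        PMA_Util::mysqlDie($GLOBALS['dbi']->getError(), $sql_query, false, $err_url);
    }
}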
Ejemplo n.º 10
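/**
 * Get SQL queries for Display and Add user
 *
 * Each statement that can carry a password is produced twice: a "real"
 * variant holding the escaped password and a "show" variant in which the
 * password is replaced by '***'. Only the "show" variants are suitable for
 * display or logging; the "real" ones contain the clear-text password.
 *
 * Besides its arguments the function reads $_POST['pred_password'],
 * $_POST['pma_pw'], $_POST['Grant_priv'], the $_POST['max_*'] limits,
 * $_REQUEST['authentication_plugin'] and $GLOBALS['is_grantuser'].
 *
 * Account names and passwords are escaped with PMA_Util::sqlAddSlashes() and
 * joined by concatenation, so a '%' in a name (for instance the wildcard
 * host) is never interpreted as a sprintf() directive. The authentication
 * plugin name comes from the request and is placed in the statement
 * unquoted, so it is accepted only when it is a plain identifier.
 *
 * @param string $username username
 * @param string $hostname host name
 * @param string $password password, used only when pred_password is 'keep'
 *
 * @return array ($create_user_real, $create_user_show,$real_sql_query, $sql_query
 *                $password_set_real, $password_set_show)
 */
function PMA_getSqlQueriesForDisplayAndAddUser($username, $hostname, $password)
{
    $slashedUsername = PMA_Util::sqlAddSlashes($username);
    $slashedHostname = PMA_Util::sqlAddSlashes($hostname);
    $quotedAccount = '\'' . $slashedUsername . '\'@\'' . $slashedHostname . '\'';

    $create_user_stmt = 'CREATE USER ' . $quotedAccount;
    $create_user_real = $create_user_show = $create_user_stmt;

    $password_set_head = 'SET PASSWORD FOR ' . $quotedAccount . ' = PASSWORD(\'';
    $password_set_tail = '\')';
    $password_set_show = $password_set_head . '***' . $password_set_tail;
    $password_set_real = null;

    $sql_query_stmt = 'GRANT ' . join(', ', PMA_extractPrivInfo()) . ' ON *.* TO ' . $quotedAccount;
    $real_sql_query = $sql_query = $sql_query_stmt;

    // Decide whether a password clause is emitted and which password it holds.
    $pred_password = isset($_POST['pred_password']) ? $_POST['pred_password'] : null;
    $with_password = true;
    $is_new_password = false;
    if ($pred_password === 'none') {
        $with_password = false;
        $slashedPassword = '';
    } elseif ($pred_password === 'keep') {
        // An empty kept password yields an empty literal in the statements.
        $slashedPassword = empty($password) ? '' : PMA_Util::sqlAddSlashes($password);
    } else {
        $is_new_password = true;
        $slashedPassword = PMA_Util::sqlAddSlashes(
            isset($_POST['pma_pw']) ? $_POST['pma_pw'] : ''
        );
    }

    if ($with_password) {
        $auth_plugin = '';
        if (isset($_REQUEST['authentication_plugin']) && $_REQUEST['authentication_plugin']) {
            $auth_plugin = $_REQUEST['authentication_plugin'];
            // Request data placed in SQL without quotes: refuse anything that
            // is not a plain identifier before a statement is built from it.
            if (!is_string($auth_plugin) || !preg_match('/^[A-Za-z0-9_]+$/D', $auth_plugin)) {
                PMA_Util::mysqlDie(__('Invalid authentication plugin name.'), '', false);
                // Backstop: never hand back statements built from a rejected name.
                exit;
            }
        }

        if ($auth_plugin !== '') {
            $create_user_stmt .= ' IDENTIFIED WITH ' . $auth_plugin;
            if (PMA_MYSQL_INT_VERSION >= 50700) {
                $create_user_show = $create_user_stmt . ' BY \'***\'';
                $create_user_real = $create_user_stmt . ' BY \'' . $slashedPassword . '\'';
            } else {
                // Older servers get the password through SET PASSWORD instead.
                $create_user_show = $create_user_real = $create_user_stmt;
            }
            $password_set_real = $password_set_head . $slashedPassword . $password_set_tail;
        } else {
            $sql_query = $sql_query_stmt . ' IDENTIFIED BY \'***\' ';
            $real_sql_query = $sql_query_stmt . ' IDENTIFIED BY \'' . $slashedPassword . '\' ';
            // Without a plugin, only a newly entered password also produces
            // a SET PASSWORD statement; a kept one does not.
            if ($is_new_password) {
                $password_set_real = $password_set_head . $slashedPassword . $password_set_tail;
            }
        }
    }

    // add REQUIRE clause
    $require_clause = PMA_getRequireClause();
    $real_sql_query .= $require_clause;
    $sql_query .= $require_clause;

    if (isset($_POST['Grant_priv']) && $_POST['Grant_priv'] == 'Y'
        || (isset($_POST['max_questions'])
        || isset($_POST['max_connections'])
        || isset($_POST['max_updates'])
        || isset($_POST['max_user_connections']))
    ) {
        $with_clause = PMA_getWithClauseForAddUserAndUpdatePrivs();
        $real_sql_query .= $with_clause;
        $sql_query .= $with_clause;
    }

    $create_user_real .= ';';
    $create_user_show .= ';';
    $real_sql_query .= ';';
    $sql_query .= ';';

    // No Global GRANT_OPTION privilege
    if (!$GLOBALS['is_grantuser']) {
        $real_sql_query = '';
        $sql_query = '';
    }

    if (PMA_Util::getServerType() == 'MySQL' && PMA_MYSQL_INT_VERSION >= 50700) {
        // No separate SET PASSWORD statement is returned for these servers.
        $password_set_real = null;
        $password_set_show = null;
    } else {
        $password_set_real .= ";";
        $password_set_show .= ";";
    }

    return array($create_user_real, $create_user_show, $real_sql_query, $sql_query, $password_set_real, $password_set_show);
}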
echo '</div>';
echo '<div id="main_pane_right">';


if ($server > 0 && $GLOBALS['cfg']['ShowServerInfo']) {

    echo '<div class="group">';
    echo '<h2>' . __('Database server') . '</h2>';
    echo '<ul>' . "\n";
    PMA_printListItem(
        __('Server') . ': ' . $server_info,
        'li_server_info'
    );
    PMA_printListItem(
        __('Software') . ': ' . PMA_Util::getServerType(),
        'li_server_type'
    );
    PMA_printListItem(
        __('Software version') . ': ' . PMA_MYSQL_STR_VERSION . ' - ' . PMA_MYSQL_VERSION_COMMENT,
        'li_server_version'
    );
    PMA_printListItem(
        __('Protocol version') . ': ' . PMA_DBI_get_proto_info(),
        'li_mysql_proto'
    );
    PMA_printListItem(
        __('User') . ': ' . htmlspecialchars($mysql_cur_user_and_host),
        'li_user_info'
    );