/**
* Test for PMA_getSqlQueryForDisplayPrivTable
*
* @return void
*/
public function testPMAGetSqlQueryForDisplayPrivTable()
{
$username = "******";
$db = '*';
$table = "pma_table";
$hostname = "pma_hostname";
//$db == '*'
$ret = PMA_getSqlQueryForDisplayPrivTable($db, $table, $username, $hostname);
$sql = "SELECT * FROM `mysql`.`user`" . " WHERE `User` = '" . PMA\libraries\Util::sqlAddSlashes($username) . "'" . " AND `Host` = '" . PMA\libraries\Util::sqlAddSlashes($hostname) . "';";
$this->assertEquals($sql, $ret);
//$table == '*'
$db = "pma_db";
$table = "*";
$ret = PMA_getSqlQueryForDisplayPrivTable($db, $table, $username, $hostname);
$sql = "SELECT * FROM `mysql`.`db`" . " WHERE `User` = '" . PMA\libraries\Util::sqlAddSlashes($username) . "'" . " AND `Host` = '" . PMA\libraries\Util::sqlAddSlashes($hostname) . "'" . " AND '" . PMA\libraries\Util::unescapeMysqlWildcards($db) . "'" . " LIKE `Db`;";
$this->assertEquals($sql, $ret);
//$table == 'pma_table'
$db = "pma_db";
$table = "pma_table";
$ret = PMA_getSqlQueryForDisplayPrivTable($db, $table, $username, $hostname);
$sql = "SELECT `Table_priv`" . " FROM `mysql`.`tables_priv`" . " WHERE `User` = '" . PMA\libraries\Util::sqlAddSlashes($username) . "'" . " AND `Host` = '" . PMA\libraries\Util::sqlAddSlashes($hostname) . "'" . " AND `Db` = '" . PMA\libraries\Util::unescapeMysqlWildcards($db) . "'" . " AND `Table_name` = '" . PMA\libraries\Util::sqlAddSlashes($table) . "';";
$this->assertEquals($sql, $ret);
}
/**
* Displays the privileges form table
*
* @param string $db the database
* @param string $table the table
* @param boolean $submit whether to display the submit button or not
*
* @global array $cfg the phpMyAdmin configuration
* @global resource $user_link the database connection
*
* @return string html snippet
*/
function PMA_getHtmlToDisplayPrivilegesTable($db = '*', $table = '*', $submit = true)
{
$html_output = '';
$sql_query = '';
if ($db == '*') {
$table = '*';
}
if (isset($GLOBALS['username'])) {
$username = $GLOBALS['username'];
$hostname = $GLOBALS['hostname'];
$sql_query = PMA_getSqlQueryForDisplayPrivTable($db, $table, $username, $hostname);
$row = $GLOBALS['dbi']->fetchSingleRow($sql_query);
}
if (empty($row)) {
if ($table == '*' && $GLOBALS['is_superuser']) {
if ($db == '*') {
$sql_query = 'SHOW COLUMNS FROM `mysql`.`user`;';
} elseif ($table == '*') {
$sql_query = 'SHOW COLUMNS FROM `mysql`.`db`;';
}
$res = $GLOBALS['dbi']->query($sql_query);
while ($row1 = $GLOBALS['dbi']->fetchRow($res)) {
if (mb_substr($row1[0], 0, 4) == 'max_') {
$row[$row1[0]] = 0;
} elseif (mb_substr($row1[0], 0, 5) == 'x509_' || mb_substr($row1[0], 0, 4) == 'ssl_') {
$row[$row1[0]] = '';
} else {
$row[$row1[0]] = 'N';
}
}
$GLOBALS['dbi']->freeResult($res);
} elseif ($table == '*') {
$row = array();
} else {
$row = array('Table_priv' => '');
}
}
if (isset($row['Table_priv'])) {
PMA_fillInTablePrivileges($row);
// get columns
$res = $GLOBALS['dbi']->tryQuery('SHOW COLUMNS FROM ' . PMA_Util::backquote(PMA_Util::unescapeMysqlWildcards($db)) . '.' . PMA_Util::backquote($table) . ';');
$columns = array();
if ($res) {
while ($row1 = $GLOBALS['dbi']->fetchRow($res)) {
$columns[$row1[0]] = array('Select' => false, 'Insert' => false, 'Update' => false, 'References' => false);
}
$GLOBALS['dbi']->freeResult($res);
}
unset($res, $row1);
}
// table-specific privileges
if (!empty($columns)) {
$html_output .= PMA_getHtmlForTableSpecificPrivileges($username, $hostname, $db, $table, $columns, $row);
} else {
// global or db-specific
$html_output .= PMA_getHtmlForGlobalOrDbSpecificPrivs($db, $table, $row);
}
$html_output .= '</fieldset>' . "\n";
if ($submit) {
$html_output .= '<fieldset id="fieldset_user_privtable_footer" ' . 'class="tblFooters">' . "\n" . '<input type="hidden" name="update_privs" value="1" />' . "\n" . '<input type="submit" value="' . __('Go') . '" />' . "\n" . '</fieldset>' . "\n";
}
return $html_output;
}
/**
* Displays the privileges form table
*
* @param string $db the database
* @param string $table the table
* @param boolean $submit wheather to display the submit button or not
*
* @global array $cfg the phpMyAdmin configuration
* @global ressource $user_link the database connection
*
* @return string html snippet
*/
function PMA_getHtmlToDisplayPrivilegesTable($db = '*', $table = '*', $submit = true)
{
$html_output = '';
if ($db == '*') {
$table = '*';
}
if (isset($GLOBALS['username'])) {
$username = $GLOBALS['username'];
$hostname = $GLOBALS['hostname'];
$sql_query = PMA_getSqlQueryForDisplayPrivTable($db, $table, $username, $hostname);
$row = PMA_DBI_fetch_single_row($sql_query);
}
if (empty($row)) {
if ($table == '*') {
if ($db == '*') {
$sql_query = 'SHOW COLUMNS FROM `mysql`.`user`;';
} elseif ($table == '*') {
$sql_query = 'SHOW COLUMNS FROM `mysql`.`db`;';
}
$res = PMA_DBI_query($sql_query);
while ($row1 = PMA_DBI_fetch_row($res)) {
if (substr($row1[0], 0, 4) == 'max_') {
$row[$row1[0]] = 0;
} else {
$row[$row1[0]] = 'N';
}
}
PMA_DBI_free_result($res);
} else {
$row = array('Table_priv' => '');
}
}
if (isset($row['Table_priv'])) {
$row1 = PMA_DBI_fetch_single_row('SHOW COLUMNS FROM `mysql`.`tables_priv` LIKE \'Table_priv\';', 'ASSOC', $GLOBALS['userlink']);
// note: in MySQL 5.0.3 we get "Create View', 'Show view';
// the View for Create is spelled with uppercase V
// the view for Show is spelled with lowercase v
// and there is a space between the words
$av_grants = explode('\',\'', substr($row1['Type'], strpos($row1['Type'], '(') + 2, strpos($row1['Type'], ')') - strpos($row1['Type'], '(') - 3));
unset($row1);
$users_grants = explode(',', $row['Table_priv']);
foreach ($av_grants as $current_grant) {
$row[$current_grant . '_priv'] = in_array($current_grant, $users_grants) ? 'Y' : 'N';
}
unset($row['Table_priv'], $current_grant, $av_grants, $users_grants);
// get columns
$res = PMA_DBI_try_query('SHOW COLUMNS FROM ' . PMA_Util::backquote(PMA_Util::unescapeMysqlWildcards($db)) . '.' . PMA_Util::backquote($table) . ';');
$columns = array();
if ($res) {
while ($row1 = PMA_DBI_fetch_row($res)) {
$columns[$row1[0]] = array('Select' => false, 'Insert' => false, 'Update' => false, 'References' => false);
}
PMA_DBI_free_result($res);
}
unset($res, $row1);
}
// t a b l e - s p e c i f i c p r i v i l e g e s
if (!empty($columns)) {
$html_output .= PMA_getHtmlForTableSpecificPrivileges($username, $hostname, $db, $table, $columns, $row);
} else {
// g l o b a l o r d b - s p e c i f i c
$html_output .= PMA_getHtmlForGlobalOrDbSpecificPrivs($db, $table, $row);
}
$html_output .= '</fieldset>' . "\n";
if ($submit) {
$html_output .= '<fieldset id="fieldset_user_privtable_footer" ' . 'class="tblFooters">' . "\n" . '<input type="submit" name="update_privs" ' . 'value="' . __('Go') . '" />' . "\n" . '</fieldset>' . "\n";
}
return $html_output;
}
