function add_sql_database($sql, $user_id)
{
$cfg = EasySCP_Registry::get('Config');
if (!isset($_POST['uaction'])) {
return;
}
// let's generate database name.
if (empty($_POST['db_name'])) {
set_page_message(tr('Please specify a database name!'), 'warning');
return;
}
$dmn_id = get_user_domain_id($user_id);
if (isset($_POST['use_dmn_id']) && $_POST['use_dmn_id'] === 'on') {
// we'll use domain_id in the name of the database;
if (isset($_POST['id_pos']) && $_POST['id_pos'] === 'start') {
$db_name = $dmn_id . "_" . clean_input($_POST['db_name']);
} else {
if (isset($_POST['id_pos']) && $_POST['id_pos'] === 'end') {
$db_name = clean_input($_POST['db_name']) . "_" . $dmn_id;
}
}
} else {
$db_name = clean_input($_POST['db_name']);
}
if (strlen($db_name) > $cfg->MAX_SQL_DATABASE_LENGTH) {
set_page_message(tr('Database name is too long!'), 'warning');
return;
}
// have we such database in the system!?
if (check_db_name($sql, $db_name)) {
set_page_message(tr('Specified database name already exists!'), 'warning');
return;
}
// are wildcards used?
if (preg_match("/[%|\\?]+/", $db_name)) {
set_page_message(tr('Wildcards such as %% and ? are not allowed!'), 'warning');
return;
}
DB::query('CREATE DATABASE IF NOT EXISTS `' . $db_name . '` DEFAULT CHARACTER SET ' . EasyConfig::$cfg->DATABASE_DEFAULT_CHARACTER_SET . ' COLLATE ' . EasyConfig::$cfg->DATABASE_DEFAULT_COLLATE . ';')->closeCursor();
$sql_param = array(':domain_id' => $dmn_id, ':sqld_name' => $db_name);
$sql_query = "\n\t\tINSERT INTO\n\t\t\tsql_database (domain_id, sqld_name, status)\n\t\tVALUES\n\t\t\t(:domain_id, :sqld_name, 'ok');\n\t";
DB::prepare($sql_query);
DB::execute($sql_param)->closeCursor();
update_reseller_c_props(get_reseller_id($dmn_id));
write_log($_SESSION['user_logged'] . ": adds new SQL database: " . tohtml($db_name));
set_page_message(tr('SQL database created successfully!'), 'info');
user_goto('sql_manage.php');
}
function add_sql_database(&$sql, $user_id)
{
global $cfg;
if (!isset($_POST['uaction'])) {
return;
}
$root_sql =& ADONewConnection('mysql');
if (!@$root_sql->Connect($cfg['DB_HOST'], $cfg['DB_USER'], $cfg['DB_PASS'])) {
set_page_message(tr('Can not connect as MySQL administrator!'));
return;
}
//
// let's generate database name.
//
if ($_POST['db_name'] === '') {
set_page_message(tr('Please type database name!'));
return;
}
$dmn_id = get_user_domain_id($sql, $user_id);
if (isset($_POST['use_dmn_id']) && $_POST['use_dmn_id'] === 'on') {
//
// we'll use domain_id in the name of the database;
//
if (isset($_POST['id_pos']) && $_POST['id_pos'] === 'start') {
$db_name = $dmn_id . "_" . $_POST['db_name'];
} else {
if (isset($_POST['id_pos']) && $_POST['id_pos'] === 'end') {
$db_name = $_POST['db_name'] . "_" . $dmn_id;
}
}
} else {
$db_name = $_POST['db_name'];
}
if (strlen($db_name) > $cfg['MAX_SQL_DATABASE_LENGTH']) {
set_page_message(tr('Too long database name!'));
return;
}
//
// have we such database in the system!?
//
if (check_db_name($root_sql, $db_name)) {
set_page_message(tr('Specified database name already exists!'));
return;
}
// are wildcards used?
//
if (ereg("\\%|\\?", $db_name)) {
set_page_message(tr('Wildcards as % and ? are not allowed!'));
return;
}
$query = 'create database ' . quoteIdentifier($db_name);
$rs = exec_query($root_sql, $query, array());
$query = <<<SQL_QUERY
insert into sql_database
(domain_id, sqld_name)
values
(?, ?)
SQL_QUERY;
$rs = exec_query($sql, $query, array($dmn_id, $db_name));
write_log($_SESSION['user_logged'] . " : add new SQL database -> " . $db_name);
set_page_message(tr('SQL database created successfully!'));
user_goto('manage_sql.php');
}
