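/**
 * Report whether the configured database user holds a given privilege.
 *
 * The check is currently switched off: the function returns before any query
 * is made, so every caller is told the privilege is present. A true result
 * from this function is therefore not evidence that the privilege was granted.
 *
 * The statements after the bypass are unreachable and are kept for a later
 * release. They parse the output of SHOW GRANTS for the configured user and
 * look for $priv (or ALL PRIVILEGES) on the configured database.
 *
 * NOTE(review), before the disabled code is switched back on:
 *  - a request parameter named "nogrants" skips the check entirely; decide
 *    whether that switch should remain request-controlled;
 *  - the user and host are concatenated unquoted into the SHOW GRANTS
 *    statement; quote/escape them through the database layer;
 *  - $priv is matched as a substring of the privilege list, so a short
 *    keyword can match inside a longer privilege name.
 *
 * @param string $priv       privilege keyword to look for, e.g. 'CREATE'
 * @param string $table      table name used when matching table-level grants
 * @param bool   $show_privs when true, return a 'flag|||list' string instead of a boolean
 * @return bool|string
 */
function zen_check_database_privs($priv = '', $table = '', $show_privs = false) {
  // Bypass for now ... will attempt to use with modifications in a new release later.
  if ($show_privs == true) {
    return 'Not Checked|||Not Checked';
  }
  return true;
  // end bypass -- nothing below this line runs while the bypass is in place.

  global $zdb_server, $zdb_user, $zdb_name;
  if (!zen_not_null($zdb_server)) {
    $zdb_server = zen_read_config_value('DB_SERVER', FALSE);
  }
  if (!zen_not_null($zdb_user)) {
    $zdb_user = zen_read_config_value('DB_SERVER_USERNAME', FALSE);
  }
  if (!zen_not_null($zdb_name)) {
    $zdb_name = zen_read_config_value('DB_DATABASE', FALSE);
  }

  // NOTE(review): request-controlled switch that reports success without checking.
  if (isset($_GET['nogrants']) || isset($_POST['nogrants'])) {
    return true; // bypass if flag set
  }

  // Display permissions, or check for suitable permissions to carry out a particular task.
  // Possible outputs:
  //   GRANT ALL PRIVILEGES ON *.* TO 'xyz'@'localhost' WITH GRANT OPTION
  //   GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, FILE, INDEX, ALTER ON *.* TO 'xyz'@'localhost' IDENTIFIED BY PASSWORD '2344'
  //   GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, DROP, INDEX, ALTER ON `db1`.* TO 'xyz'@'localhost'
  //   GRANT SELECT (id) ON db1.tablename TO 'xyz'@'localhost'
  global $db;
  global $db_test;
  $granted_privs_list = '';
  // Count of grant rows that applied to this database/table. Initialised here
  // so the first "+=" and the final return never read an undefined variable.
  $db_priv_ok = 0;

  if (ZC_UPG_DEBUG3 == true) {
    echo '<br />Checking for priv: [' . (zen_not_null($priv) ? $priv : 'none specified') . ']<br />';
  }
  if (!defined('DB_SERVER')) {
    define('DB_SERVER', $zdb_server);
  }
  if (!defined('DB_SERVER_USERNAME')) {
    define('DB_SERVER_USERNAME', $zdb_user);
  }
  if (!defined('DB_DATABASE')) {
    define('DB_DATABASE', $zdb_name);
  }

  $user = DB_SERVER_USERNAME . "@" . DB_SERVER;
  if ($user == 'DB_SERVER_USERNAME@DB_SERVER' || DB_DATABASE == 'DB_DATABASE') {
    return true; // bypass if constants not set properly
  }

  // NOTE(review): $user is placed into the statement unquoted and unescaped.
  $sql = "show grants for " . $user;
  if (ZC_UPG_DEBUG3 == true) {
    echo $sql . '<br />';
  }

  // Without a database handle there is nothing to inspect; leaving $result
  // as null skips the loop and falls through to the "not found" return.
  $result = null;
  if (is_object($db)) {
    $result = $db->Execute($sql);
  } elseif (is_object($db_test)) {
    $result = $db_test->Execute($sql);
  }

  while (is_object($result) && !$result->EOF) {
    if (ZC_UPG_DEBUG3 == true) {
      echo $result->fields['Grants for ' . $user] . '<br />';
    }
    $grant_syntax = $result->fields['Grants for ' . $user] . ' ';
    $granted_privs = str_replace('GRANT ', '', $grant_syntax); // remove "GRANT" keyword
    $granted_privs = substr($granted_privs, 0, strpos($granted_privs, ' TO ')); // remove anything after the "TO" keyword
    $granted_db = str_replace(array('`', '\\'), '', substr($granted_privs, strpos($granted_privs, ' ON ') + 4)); // remove backquote and find "ON" string
    if (ZC_UPG_DEBUG3 == true) {
      echo 'privs_list = ' . $granted_privs . '<br />';
    }
    if (ZC_UPG_DEBUG3 == true) {
      echo 'granted_db = ' . $granted_db . '<br />';
    }

    // Decided per row: a grant on some other database must not be accepted
    // merely because an earlier row applied to this one.
    $row_applies = $granted_db == '*.*'
      || $granted_db == DB_DATABASE . '.*'
      || $granted_db == DB_DATABASE . '.' . $table;
    if ($row_applies) {
      $db_priv_ok++;
    }
    if (ZC_UPG_DEBUG3 == true) {
      echo 'db-priv-ok=' . $db_priv_ok . '<br />';
    }

    if ($row_applies) { // the privs list pertains to the current database, or is *.*
      $granted_privs = substr($granted_privs, 0, strpos($granted_privs, ' ON ')); // remove anything after the "ON" keyword
      $granted_privs_list .= $granted_privs_list == '' ? $granted_privs : ', ' . $granted_privs;
      // NOTE(review): substring match on the privilege list, see the header comment.
      $specific_priv_found = zen_not_null($priv) && substr_count($granted_privs, $priv) == 1;
      if (ZC_UPG_DEBUG3 == true) {
        echo 'specific priv[' . $priv . '] found =' . $specific_priv_found . '<br />';
      }
      if (ZC_UPG_DEBUG3 == true) {
        echo 'spec+db=' . ($specific_priv_found && $row_applies) . ' ||| ';
      }
      if (ZC_UPG_DEBUG3 == true) {
        echo 'all+db=' . ($granted_privs == 'ALL PRIVILEGES' && $row_applies) . '<br /><br />';
      }
      if ($specific_priv_found || $granted_privs == 'ALL PRIVILEGES') {
        return true; // privs found
      }
    } // endif $row_applies
    $result->MoveNext();
  }

  if ($show_privs) {
    if (ZC_UPG_DEBUG3 == true) {
      echo 'LIST OF PRIVS=' . $granted_privs_list . '<br />';
    }
    return $db_priv_ok . '|||' . $granted_privs_list;
  } else {
    return false; // if not found, return false
  }
}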
// init some vars: $enable_ssl = ''; $enable_ssl_admin = ''; /* * read existing settings instead of trying to detect from first install */ if ($is_upgrade) { $http_server = zen_read_config_value('HTTP_SERVER', FALSE); $http_catalog = zen_read_config_value('DIR_WS_CATALOG', FALSE); $virtual_path = str_replace('http://', '', $http_server) . $http_catalog; $virtual_https_server = str_replace('https://', '', zen_read_config_value('HTTPS_SERVER', FALSE)); $virtual_https_path = $virtual_https_server . zen_read_config_value('DIR_WS_HTTPS_CATALOG', FALSE); $enable_ssl = zen_read_config_value('ENABLE_SSL', FALSE); $enable_ssl_admin = zen_read_config_value('ENABLE_SSL_ADMIN', FALSE); $dir_fs_www_root = zen_read_config_value('DIR_FS_CATALOG', FALSE); $https_catalog = zen_read_config_value('DIR_WS_HTTPS_CATALOG', FALSE); $http_server = $zc_install->trimTrailingSlash($http_server); $http_catalog = $zc_install->trimTrailingSlash($http_catalog); $virtual_path = $zc_install->trimTrailingSlash($virtual_path); $virtual_https_server = $zc_install->trimTrailingSlash($virtual_https_server); $virtual_https_path = $zc_install->trimTrailingSlash($virtual_https_path); $dir_fs_www_root = $zc_install->trimTrailingSlash($dir_fs_www_root); $https_catalog = $zc_install->trimTrailingSlash($https_catalog); } else { //fresh install, so do auto-detect of several settings $dir_fs_www_root = $zc_install->detectDocumentRoot(); // Determine http path $virtual_path = $_SERVER['HTTP_HOST'] . $_SERVER['SCRIPT_NAME']; $virtual_path = substr($virtual_path, 0, strpos($virtual_path, '/zc_install')); // Determine the https directory. This is a best-guess since we're not likely installing over SSL connection: $virtual_https_server = getenv('HTTP_HOST');
} //endif $is_upgrade } } if ($is_upgrade) { // read previous settings from configure.php $zdb_type = zen_read_config_value('DB_TYPE'); $zdb_prefix = zen_read_config_value('DB_PREFIX'); $zdb_server = zen_read_config_value('DB_SERVER'); $zdb_user = zen_read_config_value('DB_SERVER_USERNAME'); $zdb_pwd = zen_read_config_value('DB_SERVER_PASSWORD'); $zdb_name = zen_read_config_value('DB_DATABASE'); $zdb_sql_cache = $_GET['sql_cache'] == '' ? zen_read_config_value('DIR_FS_SQL_CACHE') : $_GET['sql_cache']; $zdb_cache_type = zen_read_config_value('SQL_CACHE_METHOD'); $zdb_persistent = zen_read_config_value('USE_PCONNECT'); $zdb_sessions = zen_read_config_value('STORE_SESSIONS') ? 'true' : 'false'; } else { // set defaults: $zdb_type = 'MySQL'; $zdb_prefix = ''; $zdb_server = 'localhost'; $zdb_user = '******'; $zdb_name = 'zencart'; $zdb_sql_cache = $_GET['sql_cache']; $zdb_cache_type = 'None'; $zdb_persistent = 'false'; $zdb_sessions = 'true'; } //endif $is_upgrade if (!isset($_POST['db_host'])) { $_POST['db_host'] = $zdb_server;
/**
 * Lazily open the installer's database connection.
 *
 * Does nothing when $this->db is already set. Otherwise each connection
 * setting that is still empty in the config keys is filled in through
 * zen_read_config_value(), the charset is forced to 'utf8' unless it is
 * 'latin1', and the driver's query_factory.php is included before
 * connecting.
 *
 * NOTE(review): DB_TYPE is concatenated into the include path without any
 * check in this method. Confirm it is restricted to a known driver
 * directory name before it reaches this point.
 *
 * NOTE(review): the value returned by Connect() is not inspected here, so a
 * failed connection has to be detected by the caller.
 *
 * @return void
 */
function dbActivate() {
  if (isset($this->db)) {
    return; // already connected
  }

  // Driver type and charset come first: the charset is normalised and
  // published as a constant before the remaining settings are read.
  foreach (array('DB_TYPE', 'DB_CHARSET') as $key) {
    if ($this->getConfigKey($key) == '') {
      $this->setConfigKey($key, zen_read_config_value($key, FALSE));
    }
  }

  // Anything other than latin1 is treated as utf8.
  if ($this->getConfigKey('DB_CHARSET') != 'latin1') {
    $this->setConfigKey('DB_CHARSET', 'utf8');
  }
  if (!defined('DB_CHARSET') && $this->getConfigKey('DB_CHARSET') != '') {
    define('DB_CHARSET', $this->getConfigKey('DB_CHARSET'));
  }

  // Remaining connection settings, in the order they were originally read.
  $remaining = array(
    'DB_PREFIX',
    'DB_SERVER',
    'DB_SERVER_USERNAME',
    'DB_SERVER_PASSWORD',
    'DB_DATABASE',
  );
  foreach ($remaining as $key) {
    if ($this->getConfigKey($key) == '') {
      $this->setConfigKey($key, zen_read_config_value($key, FALSE));
    }
  }

  // Load the driver class for the configured database type.
  $driver_file = '../includes/classes/db/' . $this->getConfigKey('DB_TYPE') . '/query_factory.php';
  include_once $driver_file;

  $this->db = new queryFactory();
  $server = $this->getConfigKey('DB_SERVER');
  $username = $this->getConfigKey('DB_SERVER_USERNAME');
  $password = $this->getConfigKey('DB_SERVER_PASSWORD');
  $database = $this->getConfigKey('DB_DATABASE');
  $this->db->Connect($server, $username, $password, $database, true);
}
} //read the configure.php file and look for hints that it's just a copy of dist-configure.php $lines = file('../includes/configure.php'); foreach ($lines as $line) { if (substr_count($line, 'dist-configure.php') > 0) { $zen_cart_previous_version_installed = false; } } //end foreach $zdb_type = zen_read_config_value('DB_TYPE'); $zdb_prefix = zen_read_config_value('DB_PREFIX'); $zdb_server = zen_read_config_value('DB_SERVER'); $zdb_user = zen_read_config_value('DB_SERVER_USERNAME'); $zdb_pwd = zen_read_config_value('DB_SERVER_PASSWORD'); $zdb_name = zen_read_config_value('DB_DATABASE'); $zdb_sql_cache = zen_read_config_value('DIR_FS_SQL_CACHE'); if (strpos($zdb_sql_cache, '/path/to/') > 0) { $zdb_sql_cache = ''; } // /path/to/ comes from dist-configure.php. Invalid, thus make null. if (ZC_UPG_DEBUG == true) { echo $zdb_type . '<br>'; echo $zdb_prefix . '<br>'; echo $zdb_server . '<br>'; echo $zdb_user . '<br>'; echo $zdb_sql_cache . '<br>'; } if ($zdb_type != '' && $zdb_name != '') { // now check database connectivity require '../includes/' . 'classes/db/' . $zdb_type . '/query_factory.php'; $zc_install->functionExists($zdb_type, '', '');
} } if ($is_upgrade) { // read previous settings from configure.php $zdb_type = zen_read_config_value('DB_TYPE', FALSE); $zdb_coll = zen_read_config_value('DB_CHARSET', FALSE); if ($zdb_coll != 'latin1') { $zdb_coll = 'utf8'; } $zdb_prefix = zen_read_config_value('DB_PREFIX', FALSE); $zdb_server = zen_read_config_value('DB_SERVER', FALSE); $zdb_user = zen_read_config_value('DB_SERVER_USERNAME', FALSE); $zdb_pwd = zen_read_config_value('DB_SERVER_PASSWORD', FALSE); $zdb_name = zen_read_config_value('DB_DATABASE', FALSE); $zdb_sql_cache = $zc_install->getConfigKey('DIR_FS_SQL_CACHE') == '' ? zen_read_config_value('DIR_FS_SQL_CACHE', FALSE) : $zc_install->getConfigKey('DIR_FS_SQL_CACHE'); $zdb_cache_type = zen_read_config_value('SQL_CACHE_METHOD', FALSE); } else { // set defaults: $zdb_type = 'MySQL'; $zdb_coll = 'utf8'; $zdb_prefix = ''; $zdb_server = 'localhost'; $zdb_user = ''; $zdb_name = 'zencart'; $zdb_sql_cache = $zc_install->getConfigKey('DIR_FS_SQL_CACHE'); $zdb_cache_type = 'none'; } //endif $is_upgrade if (!isset($dir_fs_www_root) || $dir_fs_www_root == '') { $dir_fs_www_root = $zc_install->detectDocumentRoot(); }