/**
* Test for PMA_getSqlQueriesForDisplayAndAddUser
*
* @return void
*/
public function testPMAGetSqlQueriesForDisplayAndAddUser()
{
$username = "******";
$hostname = "PMA_hostname";
$password = "******";
$_POST['pred_password'] = '******';
$_REQUEST['authentication_plugin'] = 'mysql_native_password';
$dbname = "PMA_db";
list($create_user_real, $create_user_show, $real_sql_query, $sql_query) = PMA_getSqlQueriesForDisplayAndAddUser($username, $hostname, $password);
//validate 1: $create_user_real
$this->assertEquals("CREATE USER 'PMA_username'@'PMA_hostname' IDENTIFIED " . "WITH mysql_native_password AS 'pma_password';", $create_user_real);
//validate 2: $create_user_show
$this->assertEquals("CREATE USER 'PMA_username'@'PMA_hostname' IDENTIFIED " . "WITH mysql_native_password AS '***';", $create_user_show);
//validate 3:$real_sql_query
$this->assertEquals("GRANT USAGE ON *.* TO 'PMA_username'@'PMA_hostname' REQUIRE NONE;", $real_sql_query);
//validate 4:$sql_query
$this->assertEquals("GRANT USAGE ON *.* TO 'PMA_username'@'PMA_hostname' REQUIRE NONE;", $sql_query);
//test for PMA_addUserAndCreateDatabase
list($sql_query, $message) = PMA_addUserAndCreateDatabase(false, $real_sql_query, $sql_query, $username, $hostname, $dbname);
//validate 5: $sql_query
$this->assertEquals("GRANT USAGE ON *.* TO 'PMA_username'@'PMA_hostname' REQUIRE NONE;", $sql_query);
//validate 6: $message
$this->assertEquals("You have added a new user.", $message->getMessage());
}
/**
* update Data for information: Adds a user
*
* @param string $dbname db name
* @param string $username user name
* @param string $hostname host name
* @param string $password password
* @param bool $is_menuwork is_menuwork set?
*
* @return array
*/
function PMA_addUser($dbname, $username, $hostname, $password, $is_menuwork)
{
$_add_user_error = false;
$message = null;
$queries = null;
$queries_for_display = null;
$sql_query = null;
if (isset($_REQUEST['adduser_submit']) || isset($_REQUEST['change_copy'])) {
$sql_query = '';
if ($_POST['pred_username'] == 'any') {
$username = '';
}
switch ($_POST['pred_hostname']) {
case 'any':
$hostname = '%';
break;
case 'localhost':
$hostname = 'localhost';
break;
case 'hosttable':
$hostname = '';
break;
case 'thishost':
$_user_name = $GLOBALS['dbi']->fetchValue('SELECT USER()');
$hostname = mb_substr($_user_name, mb_strrpos($_user_name, '@') + 1);
unset($_user_name);
break;
}
$sql = "SELECT '1' FROM `mysql`.`user`" . " WHERE `User` = '" . PMA_Util::sqlAddSlashes($username) . "'" . " AND `Host` = '" . PMA_Util::sqlAddSlashes($hostname) . "';";
if ($GLOBALS['dbi']->fetchValue($sql) == 1) {
$message = PMA_Message::error(__('The user %s already exists!'));
$message->addParam('[em]\'' . $username . '\'@\'' . $hostname . '\'[/em]');
$_REQUEST['adduser'] = true;
$_add_user_error = true;
} else {
list($create_user_real, $create_user_show, $real_sql_query, $sql_query) = PMA_getSqlQueriesForDisplayAndAddUser($username, $hostname, isset($password) ? $password : '');
if (empty($_REQUEST['change_copy'])) {
$_error = false;
if (isset($create_user_real)) {
if (!$GLOBALS['dbi']->tryQuery($create_user_real)) {
$_error = true;
}
$sql_query = $create_user_show . $sql_query;
}
list($sql_query, $message) = PMA_addUserAndCreateDatabase($_error, $real_sql_query, $sql_query, $username, $hostname, isset($dbname) ? $dbname : null);
if (!empty($_REQUEST['userGroup']) && $is_menuwork) {
PMA_setUserGroup($GLOBALS['username'], $_REQUEST['userGroup']);
}
} else {
if (isset($create_user_real)) {
$queries[] = $create_user_real;
}
$queries[] = $real_sql_query;
// we put the query containing the hidden password in
// $queries_for_display, at the same position occupied
// by the real query in $queries
$tmp_count = count($queries);
if (isset($create_user_real)) {
$queries_for_display[$tmp_count - 2] = $create_user_show;
}
$queries_for_display[$tmp_count - 1] = $sql_query;
}
unset($real_sql_query);
}
}
return array($message, $queries, $queries_for_display, $sql_query, $_add_user_error);
}
/**
* Test for PMA_getSqlQueriesForDisplayAndAddUser
*
* @return void
*/
public function testPMAGetSqlQueriesForDisplayAndAddUser()
{
$username = "******";
$hostname = "PMA_hostname";
$password = "******";
$dbname = "PMA_db";
list($create_user_real, $create_user_show, $real_sql_query, $sql_query) = PMA_getSqlQueriesForDisplayAndAddUser($username, $hostname, $password);
//validate 1: $create_user_real
$this->assertEquals("CREATE USER 'PMA_username'@'PMA_hostname';", $create_user_real);
//validate 2: $create_user_show
$this->assertEquals("CREATE USER 'PMA_username'@'PMA_hostname';", $create_user_show);
//validate 3:$real_sql_query
$this->assertEquals("GRANT USAGE ON *.* TO 'PMA_username'@'PMA_hostname' REQUIRE NONE;", $real_sql_query);
//validate 4:$sql_query
$this->assertEquals("GRANT USAGE ON *.* TO 'PMA_username'@'PMA_hostname' REQUIRE NONE;", $sql_query);
//test for PMA_addUserAndCreateDatabase
list($sql_query, $message) = PMA_addUserAndCreateDatabase(false, $real_sql_query, $sql_query, $username, $hostname, $dbname);
//validate 5: $sql_query
$this->assertEquals("GRANT USAGE ON *.* TO 'PMA_username'@'PMA_hostname' REQUIRE NONE;", $sql_query);
//validate 6: $message
$this->assertEquals("You have added a new user.", $message->getMessage());
}
/**
* Test for PMA_getSqlQueriesForDisplayAndAddUser
*
* @return void
*/
public function testPMAGetSqlQueriesForDisplayAndAddUser()
{
$restoreMySQLVersion = "PMANORESTORE";
if (! PMA_HAS_RUNKIT) {
$this->markTestSkipped(
'Cannot redefine constant. Missing runkit extension'
);
} else {
$restoreMySQLVersion = PMA_MYSQL_INT_VERSION;
runkit_constant_redefine('PMA_MYSQL_INT_VERSION', 50706);
}
$username = "******";
$hostname = "PMA_hostname";
$password = "******";
$_POST['pred_password'] = '******';
$_REQUEST['authentication_plugin'] = 'mysql_native_password';
$dbname = "PMA_db";
list($create_user_real, $create_user_show, $real_sql_query, $sql_query)
= PMA_getSqlQueriesForDisplayAndAddUser($username, $hostname, $password);
//validate 1: $create_user_real
$this->assertEquals(
"CREATE USER 'PMA_username'@'PMA_hostname' IDENTIFIED "
. "WITH mysql_native_password AS 'pma_password';",
$create_user_real
);
//validate 2: $create_user_show
$this->assertEquals(
"CREATE USER 'PMA_username'@'PMA_hostname' IDENTIFIED "
. "WITH mysql_native_password AS '***';",
$create_user_show
);
//validate 3:$real_sql_query
$this->assertEquals(
"GRANT USAGE ON *.* TO 'PMA_username'@'PMA_hostname' REQUIRE NONE;",
$real_sql_query
);
//validate 4:$sql_query
$this->assertEquals(
"GRANT USAGE ON *.* TO 'PMA_username'@'PMA_hostname' REQUIRE NONE;",
$sql_query
);
//test for PMA_addUserAndCreateDatabase
list($sql_query, $message) = PMA_addUserAndCreateDatabase(
false, $real_sql_query, $sql_query, $username, $hostname, $dbname
);
//validate 5: $sql_query
$this->assertEquals(
"GRANT USAGE ON *.* TO 'PMA_username'@'PMA_hostname' REQUIRE NONE;",
$sql_query
);
//validate 6: $message
$this->assertEquals(
"You have added a new user.",
$message->getMessage()
);
if ($restoreMySQLVersion !== "PMANORESTORE") {
runkit_constant_redefine('PMA_MYSQL_INT_VERSION', $restoreMySQLVersion);
}
}
$hostname = '';
break;
case 'thishost':
$_user_name = PMA_DBI_fetch_value('SELECT USER()');
$hostname = substr($_user_name, strrpos($_user_name, '@') + 1);
unset($_user_name);
break;
}
$sql = "SELECT '1' FROM `mysql`.`user`" . " WHERE `User` = '" . PMA_Util::sqlAddSlashes($username) . "'" . " AND `Host` = '" . PMA_Util::sqlAddSlashes($hostname) . "';";
if (PMA_DBI_fetch_value($sql) == 1) {
$message = PMA_Message::error(__('The user %s already exists!'));
$message->addParam('[em]\'' . $username . '\'@\'' . $hostname . '\'[/em]');
$_REQUEST['adduser'] = true;
$_add_user_error = true;
} else {
list($create_user_real, $create_user_show, $real_sql_query, $sql_query) = PMA_getSqlQueriesForDisplayAndAddUser($username, $hostname, isset($password) ? $password : '');
if (empty($_REQUEST['change_copy'])) {
$_error = false;
if (isset($create_user_real)) {
if (!PMA_DBI_try_query($create_user_real)) {
$_error = true;
}
$sql_query = $create_user_show . $sql_query;
}
list($sql_query, $message) = PMA_addUserAndCreateDatabase($_error, $real_sql_query, $sql_query, $username, $hostname, isset($dbname) ? $dbname : null);
} else {
if (isset($create_user_real)) {
$queries[] = $create_user_real;
}
$queries[] = $real_sql_query;
// we put the query containing the hidden password in
$_user_name = PMA_DBI_fetch_value('SELECT USER()');
$hostname = substr($_user_name, (strrpos($_user_name, '@') + 1));
unset($_user_name);
break;
}
$sql = "SELECT '1' FROM `mysql`.`user`"
. " WHERE `User` = '" . $common_functions->sqlAddSlashes($username) . "'"
. " AND `Host` = '" . $common_functions->sqlAddSlashes($hostname) . "';";
if (PMA_DBI_fetch_value($sql) == 1) {
$message = PMA_Message::error(__('The user %s already exists!'));
$message->addParam('[i]\'' . $username . '\'@\'' . $hostname . '\'[/i]');
$_REQUEST['adduser'] = true;
$_add_user_error = true;
} else {
list($create_user_real, $create_user_show, $real_sql_query, $sql_query)
= PMA_getSqlQueriesForDisplayAndAddUser($username, $hostname, $password);
if (empty($_REQUEST['change_copy'])) {
$_error = false;
if (isset($create_user_real)) {
if (! PMA_DBI_try_query($create_user_real)) {
$_error = true;
}
$sql_query = $create_user_show . $sql_query;
}
list($sql_query, $message) = PMA_addUserAndCreateDatabase(
$_error, $real_sql_query, $sql_query, $username, $hostname
);
} else {
$hostname = substr($_user_name, (strrpos($_user_name, '@') + 1));
unset($_user_name);
break;
}
$sql = "SELECT '1' FROM `mysql`.`user`"
. " WHERE `User` = '" . PMA_Util::sqlAddSlashes($username) . "'"
. " AND `Host` = '" . PMA_Util::sqlAddSlashes($hostname) . "';";
if (PMA_DBI_fetch_value($sql) == 1) {
$message = PMA_Message::error(__('The user %s already exists!'));
$message->addParam('[em]\'' . $username . '\'@\'' . $hostname . '\'[/em]');
$_REQUEST['adduser'] = true;
$_add_user_error = true;
} else {
list($create_user_real, $create_user_show, $real_sql_query, $sql_query)
= PMA_getSqlQueriesForDisplayAndAddUser(
$username, $hostname, (isset ($password) ? $password : '')
);
if (empty($_REQUEST['change_copy'])) {
$_error = false;
if (isset($create_user_real)) {
if (! PMA_DBI_try_query($create_user_real)) {
$_error = true;
}
$sql_query = $create_user_show . $sql_query;
}
list($sql_query, $message) = PMA_addUserAndCreateDatabase(
$_error, $real_sql_query, $sql_query, $username, $hostname
);
