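/**
 * update Data for information: Adds a user
 *
 * Acts only when $_REQUEST['adduser_submit'] or $_REQUEST['change_copy'] is
 * set; otherwise every element of the returned array keeps its initial value.
 *
 * Security notes:
 * - The existence check is assembled by string concatenation and depends on
 *   PMA_Util::sqlAddSlashes() for escaping $username and $hostname.
 * - $queries receives the statements that are really executed (unmasked
 *   credential); $queries_for_display and $sql_query carry the text with the
 *   password hidden. Only the latter two are meant for output or logging.
 *
 * @param string $dbname      db name
 * @param string $username    user name
 * @param string $hostname    host name
 * @param string $password    password
 * @param bool   $is_menuwork is_menuwork set?
 *
 * @return array array($message, $queries, $queries_for_display,
 *               $sql_query, $_add_user_error)
 */
function PMA_addUser($dbname, $username, $hostname, $password, $is_menuwork)
{
    $_add_user_error = false;
    $message = null;
    $queries = null;
    $queries_for_display = null;
    $sql_query = null;

    if (isset($_REQUEST['adduser_submit']) || isset($_REQUEST['change_copy'])) {
        $sql_query = '';

        // The form fields are optional in the request; read them defensively so
        // a missing key does not raise an undefined-index notice. A missing key
        // still matches none of the branches below, exactly as before.
        $pred_username = isset($_POST['pred_username'])
            ? $_POST['pred_username'] : null;
        $pred_hostname = isset($_POST['pred_hostname'])
            ? $_POST['pred_hostname'] : null;

        if ($pred_username == 'any') {
            $username = '';
        }
        switch ($pred_hostname) {
        case 'any':
            $hostname = '%';
            break;
        case 'localhost':
            $hostname = 'localhost';
            break;
        case 'hosttable':
            $hostname = '';
            break;
        case 'thishost':
            // Take the host part (after the last '@') of the current session user.
            $_user_name = $GLOBALS['dbi']->fetchValue('SELECT USER()');
            $hostname = mb_substr(
                $_user_name, mb_strrpos($_user_name, '@') + 1
            );
            unset($_user_name);
            break;
        }

        // NOTE(review): string-built SQL; safety rests entirely on
        // PMA_Util::sqlAddSlashes(). No parameterised query API is visible here.
        $sql = "SELECT '1' FROM `mysql`.`user`"
            . " WHERE `User` = '" . PMA_Util::sqlAddSlashes($username) . "'"
            . " AND `Host` = '" . PMA_Util::sqlAddSlashes($hostname) . "';";

        if ($GLOBALS['dbi']->fetchValue($sql) == 1) {
            $message = PMA_Message::error(__('The user %s already exists!'));
            // NOTE(review): $username/$hostname are request-derived and go into
            // the message unescaped here; confirm PMA_Message::addParam()
            // HTML-escapes its parameters before the message is rendered.
            $message->addParam(
                '[em]\'' . $username . '\'@\'' . $hostname . '\'[/em]'
            );
            $_REQUEST['adduser'] = true;
            $_add_user_error = true;
        } else {
            list($create_user_real, $create_user_show, $real_sql_query, $sql_query)
                = PMA_getSqlQueriesForDisplayAndAddUser(
                    $username, $hostname, isset($password) ? $password : ''
                );

            if (empty($_REQUEST['change_copy'])) {
                $_error = false;

                if (isset($create_user_real)) {
                    if (!$GLOBALS['dbi']->tryQuery($create_user_real)) {
                        $_error = true;
                    }
                    // Only the masked variant is prepended to the displayed SQL.
                    $sql_query = $create_user_show . $sql_query;
                }
                list($sql_query, $message) = PMA_addUserAndCreateDatabase(
                    $_error, $real_sql_query, $sql_query,
                    $username, $hostname, isset($dbname) ? $dbname : null
                );
                if (!empty($_REQUEST['userGroup']) && $is_menuwork) {
                    // NOTE(review): the group is assigned for
                    // $GLOBALS['username'], not the local $username that the
                    // 'any' branch above may have blanked; confirm intended.
                    PMA_setUserGroup(
                        $GLOBALS['username'], $_REQUEST['userGroup']
                    );
                }
            } else {
                if (isset($create_user_real)) {
                    $queries[] = $create_user_real;
                }
                $queries[] = $real_sql_query;
                // we put the query containing the hidden password in
                // $queries_for_display, at the same position occupied
                // by the real query in $queries
                $tmp_count = count($queries);
                if (isset($create_user_real)) {
                    $queries_for_display[$tmp_count - 2] = $create_user_show;
                }
                $queries_for_display[$tmp_count - 1] = $sql_query;
            }
            unset($real_sql_query);
        }
    }

    return array(
        $message, $queries, $queries_for_display, $sql_query, $_add_user_error
    );
}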
/**
 * Test for PMA_getSqlQueriesForDisplayAndAddUser
 *
 * Checks that the executed CREATE USER statement and the one meant for display
 * differ only in the credential (shown as '***'), then passes the GRANT
 * statement through PMA_addUserAndCreateDatabase.
 *
 * @return void
 */
public function testPMAGetSqlQueriesForDisplayAndAddUser()
{
    // NOTE(review): the "******" literals below look masked on this page; the
    // assertions expect 'PMA_username', so confirm the real fixture values
    // against the repository before relying on this listing.
    $username = "******";
    $hostname = "PMA_hostname";
    $password = "******";
    $_POST['pred_password'] = '******';
    $_REQUEST['authentication_plugin'] = 'mysql_native_password';
    $dbname = "PMA_db";

    // Expected statements, shared by several assertions below.
    $createPrefix = "CREATE USER 'PMA_username'@'PMA_hostname' IDENTIFIED ";
    $expectedGrant
        = "GRANT USAGE ON *.* TO 'PMA_username'@'PMA_hostname' REQUIRE NONE;";

    list($realCreate, $shownCreate, $realGrant, $shownGrant)
        = PMA_getSqlQueriesForDisplayAndAddUser($username, $hostname, $password);

    // validate 1: the statement that is executed carries the credential
    $this->assertEquals(
        $createPrefix . "WITH mysql_native_password AS 'pma_password';",
        $realCreate
    );

    // validate 2: the statement that is displayed has it masked
    $this->assertEquals(
        $createPrefix . "WITH mysql_native_password AS '***';",
        $shownCreate
    );

    // validate 3: real GRANT
    $this->assertEquals($expectedGrant, $realGrant);

    // validate 4: displayed GRANT
    $this->assertEquals($expectedGrant, $shownGrant);

    // test for PMA_addUserAndCreateDatabase
    list($shownGrant, $message) = PMA_addUserAndCreateDatabase(
        false, $realGrant, $shownGrant, $username, $hostname, $dbname
    );

    // validate 5: displayed SQL is unchanged
    $this->assertEquals($expectedGrant, $shownGrant);

    // validate 6: success message
    $this->assertEquals("You have added a new user.", $message->getMessage());
}
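/**
 * Test for PMA_getSqlQueriesForDisplayAndAddUser
 *
 * Redefines PMA_MYSQL_INT_VERSION to 50706 through runkit for the duration of
 * the test (skipped when runkit is unavailable) and checks that the executed
 * CREATE USER statement carries the credential while the displayed one shows
 * '***'.
 *
 * The original constant value is restored on failure as well as on success, so
 * a failing assertion cannot leak the overridden version into later tests.
 *
 * @return void
 */
public function testPMAGetSqlQueriesForDisplayAndAddUser()
{
    $restoreMySQLVersion = "PMANORESTORE";
    if (! PMA_HAS_RUNKIT) {
        $this->markTestSkipped(
            'Cannot redefine constant. Missing runkit extension'
        );
    } else {
        $restoreMySQLVersion = PMA_MYSQL_INT_VERSION;
        runkit_constant_redefine('PMA_MYSQL_INT_VERSION', 50706);
    }

    // catch-and-rethrow rather than `finally`, because the PHP version this
    // file targets is not visible here.
    try {
        // NOTE(review): the "******" literals below look masked on this page;
        // the assertions expect 'PMA_username', so confirm the real fixture
        // values against the repository before relying on this listing.
        $username = "******";
        $hostname = "PMA_hostname";
        $password = "******";
        $_POST['pred_password'] = '******';
        $_REQUEST['authentication_plugin'] = 'mysql_native_password';
        $dbname = "PMA_db";

        list($create_user_real, $create_user_show, $real_sql_query, $sql_query)
            = PMA_getSqlQueriesForDisplayAndAddUser(
                $username, $hostname, $password
            );

        //validate 1: $create_user_real
        $this->assertEquals(
            "CREATE USER 'PMA_username'@'PMA_hostname' IDENTIFIED "
            . "WITH mysql_native_password AS 'pma_password';",
            $create_user_real
        );

        //validate 2: $create_user_show (credential masked for display)
        $this->assertEquals(
            "CREATE USER 'PMA_username'@'PMA_hostname' IDENTIFIED "
            . "WITH mysql_native_password AS '***';",
            $create_user_show
        );

        //validate 3:$real_sql_query
        $this->assertEquals(
            "GRANT USAGE ON *.* TO 'PMA_username'@'PMA_hostname' REQUIRE NONE;",
            $real_sql_query
        );

        //validate 4:$sql_query
        $this->assertEquals(
            "GRANT USAGE ON *.* TO 'PMA_username'@'PMA_hostname' REQUIRE NONE;",
            $sql_query
        );

        //test for PMA_addUserAndCreateDatabase
        list($sql_query, $message) = PMA_addUserAndCreateDatabase(
            false, $real_sql_query, $sql_query, $username, $hostname, $dbname
        );

        //validate 5: $sql_query
        $this->assertEquals(
            "GRANT USAGE ON *.* TO 'PMA_username'@'PMA_hostname' REQUIRE NONE;",
            $sql_query
        );

        //validate 6: $message
        $this->assertEquals(
            "You have added a new user.",
            $message->getMessage()
        );
    } catch (\Exception $e) {
        // Undo the constant override before the failure propagates.
        if ($restoreMySQLVersion !== "PMANORESTORE") {
            runkit_constant_redefine(
                'PMA_MYSQL_INT_VERSION', $restoreMySQLVersion
            );
        }
        throw $e;
    }

    if ($restoreMySQLVersion !== "PMANORESTORE") {
        runkit_constant_redefine('PMA_MYSQL_INT_VERSION', $restoreMySQLVersion);
    }
}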
/**
 * Test for PMA_getSqlQueriesForDisplayAndAddUser
 *
 * In this variant the expected CREATE USER statement has no IDENTIFIED
 * clause, so the executed and displayed forms are expected to be identical.
 *
 * @return void
 */
public function testPMAGetSqlQueriesForDisplayAndAddUser()
{
    // NOTE(review): the "******" literals below look masked on this page; the
    // assertions expect 'PMA_username', so confirm the real fixture values
    // against the repository before relying on this listing.
    $username = "******";
    $hostname = "PMA_hostname";
    $password = "******";
    $dbname = "PMA_db";

    // Expected statements, shared by several assertions below.
    $expectedCreate = "CREATE USER 'PMA_username'@'PMA_hostname';";
    $expectedGrant
        = "GRANT USAGE ON *.* TO 'PMA_username'@'PMA_hostname' REQUIRE NONE;";

    list($realCreate, $shownCreate, $realGrant, $shownGrant)
        = PMA_getSqlQueriesForDisplayAndAddUser($username, $hostname, $password);

    // validate 1: executed CREATE USER
    $this->assertEquals($expectedCreate, $realCreate);

    // validate 2: displayed CREATE USER
    $this->assertEquals($expectedCreate, $shownCreate);

    // validate 3: executed GRANT
    $this->assertEquals($expectedGrant, $realGrant);

    // validate 4: displayed GRANT
    $this->assertEquals($expectedGrant, $shownGrant);

    // test for PMA_addUserAndCreateDatabase
    list($shownGrant, $message) = PMA_addUserAndCreateDatabase(
        false, $realGrant, $shownGrant, $username, $hostname, $dbname
    );

    // validate 5: displayed SQL is unchanged
    $this->assertEquals($expectedGrant, $shownGrant);

    // validate 6: success message
    $this->assertEquals("You have added a new user.", $message->getMessage());
}
if (PMA_DBI_fetch_value($sql) == 1) { $message = PMA_Message::error(__('The user %s already exists!')); $message->addParam('[em]\'' . $username . '\'@\'' . $hostname . '\'[/em]'); $_REQUEST['adduser'] = true; $_add_user_error = true; } else { list($create_user_real, $create_user_show, $real_sql_query, $sql_query) = PMA_getSqlQueriesForDisplayAndAddUser($username, $hostname, isset($password) ? $password : ''); if (empty($_REQUEST['change_copy'])) { $_error = false; if (isset($create_user_real)) { if (!PMA_DBI_try_query($create_user_real)) { $_error = true; } $sql_query = $create_user_show . $sql_query; } list($sql_query, $message) = PMA_addUserAndCreateDatabase($_error, $real_sql_query, $sql_query, $username, $hostname, isset($dbname) ? $dbname : null); } else { if (isset($create_user_real)) { $queries[] = $create_user_real; } $queries[] = $real_sql_query; // we put the query containing the hidden password in // $queries_for_display, at the same position occupied // by the real query in $queries $tmp_count = count($queries); if (isset($create_user_real)) { $queries_for_display[$tmp_count - 2] = $create_user_show; } $queries_for_display[$tmp_count - 1] = $sql_query; } unset($res, $real_sql_query);