/** * Test for PMA_getHtmlForChangePassword * * @return void */ public function testPMAGetHtmlForChangePassword() { $username = "******"; $hostname = "pma_hostname"; //Call the test function $html = PMA_getHtmlForChangePassword($username, $hostname); //PMA_PHP_SELF $this->assertContains( $GLOBALS['PMA_PHP_SELF'], $html ); //PMA_URL_getHiddenInputs $this->assertContains( PMA_URL_getHiddenInputs(), $html ); //$username & $hostname $this->assertContains( htmlspecialchars($username), $html ); $this->assertContains( htmlspecialchars($hostname), $html ); //labels $this->assertContains( __('Change password'), $html ); $this->assertContains( __('No Password'), $html ); $this->assertContains( __('Password:'******'Password:'******'Password Hashing:'), $html ); }
/** * Get HTML snippet for display user properties * * @param boolean $dbname_is_wildcard whether database name is wildcard or not * @param string $url_dbname url database name that urlencode() string * @param string $username username * @param string $hostname host name * @param string $dbname database name * @param string $tablename table name * * @return string $html_output */ function PMA_getHtmlForUserProperties($dbname_is_wildcard, $url_dbname, $username, $hostname, $dbname, $tablename) { $html_output = '<div id="edit_user_dialog">'; $html_output .= PMA_getHtmlHeaderForUserProperties($dbname_is_wildcard, $url_dbname, $dbname, $username, $hostname, $tablename); $sql = "SELECT '1' FROM `mysql`.`user`" . " WHERE `User` = '" . PMA_Util::sqlAddSlashes($username) . "'" . " AND `Host` = '" . PMA_Util::sqlAddSlashes($hostname) . "';"; $user_does_not_exists = (bool) (!$GLOBALS['dbi']->fetchValue($sql)); if ($user_does_not_exists) { $html_output .= PMA_Message::error(__('The selected user was not found in the privilege table.'))->getDisplay(); $html_output .= PMA_getHtmlForLoginInformationFields(); //exit; } $_params = array('username' => $username, 'hostname' => $hostname); if (!is_array($dbname) && mb_strlen($dbname)) { $_params['dbname'] = $dbname; if (mb_strlen($tablename)) { $_params['tablename'] = $tablename; } } else { $_params['dbname'] = $dbname; } $html_output .= '<form class="submenu-item" name="usersForm" ' . 'id="addUsersForm" action="server_privileges.php" method="post">' . "\n"; $html_output .= PMA_URL_getHiddenInputs($_params); $html_output .= PMA_getHtmlToDisplayPrivilegesTable(PMA_ifSetOr($dbname, is_array($dbname) ? $dbname[0] : '*', 'length'), PMA_ifSetOr($tablename, '*', 'length')); $html_output .= '</form>' . "\n"; if (!is_array($dbname) && !mb_strlen($tablename) && empty($dbname_is_wildcard)) { // no table name was given, display all table specific rights // but only if $dbname contains no wildcards $html_output .= '<form class="submenu-item" action="server_privileges.php" ' . 'id="db_or_table_specific_priv" method="post">' . "\n"; // unescape wildcards in dbname at table level $unescaped_db = PMA_Util::unescapeMysqlWildcards($dbname); list($html_rightsTable, $found_rows) = PMA_getHtmlForAllTableSpecificRights($username, $hostname, $unescaped_db); $html_output .= $html_rightsTable; if (!mb_strlen($dbname)) { // no database name was given, display select db $html_output .= PMA_getHtmlForSelectDbInEditPrivs($found_rows); } else { $html_output .= PMA_displayTablesInEditPrivs($dbname, $found_rows); } $html_output .= '</fieldset>' . "\n"; $html_output .= '<fieldset class="tblFooters">' . "\n" . ' <input type="submit" value="' . __('Go') . '" />' . '</fieldset>' . "\n" . '</form>' . "\n"; } // Provide a line with links to the relevant database and table if (!is_array($dbname) && mb_strlen($dbname) && empty($dbname_is_wildcard)) { $html_output .= PMA_getLinkToDbAndTable($url_dbname, $dbname, $tablename); } if (!is_array($dbname) && !mb_strlen($dbname) && !$user_does_not_exists) { //change login information $html_output .= PMA_getHtmlForChangePassword($username, $hostname); $html_output .= PMA_getChangeLoginInformationHtmlForm($username, $hostname); } $html_output .= '</div>'; return $html_output; }
/** * Get HTML snippet for display user properties * * @param boolean $dbname_is_wildcard whether database name is wildcard or not * @param type $url_dbname url database name that urlencode() string * @param string $username username * @param string $hostname host name * @param string $link_edit standard link to edit privileges * @param string $link_revoke standard link to revoke * @param string $dbname database name * @param string $tablename table name * * @return string $html_output */ function PMA_getHtmlForDisplayUserProperties($dbname_is_wildcard, $url_dbname, $username, $hostname, $link_edit, $link_revoke, $dbname, $tablename) { $html_output = PMA_getHtmlHeaderForDisplayUserProperties($dbname_is_wildcard, $url_dbname, $dbname, $username, $hostname, $tablename); $sql = "SELECT '1' FROM `mysql`.`user`" . " WHERE `User` = '" . PMA_Util::sqlAddSlashes($username) . "'" . " AND `Host` = '" . PMA_Util::sqlAddSlashes($hostname) . "';"; $user_does_not_exists = (bool) (!PMA_DBI_fetch_value($sql)); if ($user_does_not_exists) { $html_output .= PMA_Message::error(__('The selected user was not found in the privilege table.'))->getDisplay(); $html_output .= PMA_getHtmlForDisplayLoginInformationFields(); //exit; } $class = ' class="ajax"'; $html_output .= '<form' . $class . ' name="usersForm" id="addUsersForm"' . ' action="server_privileges.php" method="post">' . "\n"; $_params = array('username' => $username, 'hostname' => $hostname); if (strlen($dbname)) { $_params['dbname'] = $dbname; if (strlen($tablename)) { $_params['tablename'] = $tablename; } } $html_output .= PMA_generate_common_hidden_inputs($_params); $html_output .= PMA_getHtmlToDisplayPrivilegesTable(PMA_ifSetOr($dbname, '*', 'length'), PMA_ifSetOr($tablename, '*', 'length')); $html_output .= '</form>' . "\n"; if (!strlen($tablename) && empty($dbname_is_wildcard)) { // no table name was given, display all table specific rights // but only if $dbname contains no wildcards $html_output .= '<form action="server_privileges.php" ' . 'id="db_or_table_specific_priv" method="post">' . "\n"; list($html_rightsTable, $found_rows) = PMA_getTableForDisplayAllTableSpecificRights($username, $hostname, $link_edit, $link_revoke, $dbname); $html_output .= $html_rightsTable; if (!strlen($dbname)) { // no database name was given, display select db $html_output .= PMA_getHtmlForDisplaySelectDbInEditPrivs($found_rows); } else { $html_output .= PMA_displayTablesInEditPrivs($dbname, $found_rows); } $html_output .= '</fieldset>' . "\n"; $html_output .= '<fieldset class="tblFooters">' . "\n" . ' <input type="submit" value="' . __('Go') . '" />' . '</fieldset>' . "\n" . '</form>' . "\n"; } // Provide a line with links to the relevant database and table if (strlen($dbname) && empty($dbname_is_wildcard)) { $html_output .= PMA_getLinkToDbAndTable($url_dbname, $dbname, $tablename); } if (!strlen($dbname) && !$user_does_not_exists) { //change login information $html_output .= PMA_getHtmlForChangePassword($username, $hostname); $html_output .= PMA_getChangeLoginInformationHtmlForm($username, $hostname); } return $html_output; }
PMA_changePassword($password, $msg, $change_password_message); } else { PMA_getChangePassMessage($change_password_message); } } /** * If the "change password" form hasn't been submitted or the values submitted * aren't valid -> displays the form */ // Displays an error message if required if (isset($msg)) { $msg->display(); unset($msg); } require_once './libraries/display_change_password.lib.php'; echo PMA_getHtmlForChangePassword('change_pw', $username, $hostname); exit; /** * Send the message as an ajax request * * @param array $change_password_message Message to display * @param string $sql_query SQL query executed * * @return void */ function PMA_getChangePassMessage($change_password_message, $sql_query = '') { if ($GLOBALS['is_ajax_request'] == true) { /** * If in an Ajax request, we don't need to show the rest of the page */
PMA_changePassword($password, $msg, $change_password_message); } else { PMA_getChangePassMessage($change_password_message); } } /** * If the "change password" form hasn't been submitted or the values submitted * aren't valid -> displays the form */ // Displays an error message if required if (isset($msg)) { $msg->display(); unset($msg); } require_once './libraries/display_change_password.lib.php'; echo PMA_getHtmlForChangePassword($username, $hostname); exit; /** * Send the message as an ajax request * * @param array $change_password_message Message to display * @param string $sql_query SQL query executed * * @return void */ function PMA_getChangePassMessage($change_password_message, $sql_query = '') { if ($GLOBALS['is_ajax_request'] == true) { /** * If in an Ajax request, we don't need to show the rest of the page */
/** * Get HTML snippet for display user properties * * @param boolean $dbname_is_wildcard whether database name is wildcard or not * @param string $url_dbname url database name that urlencode() string * @param string $username username * @param string $hostname host name * @param string $dbname database name * @param string $tablename table name * * @return string $html_output */ function PMA_getHtmlForUserProperties($dbname_is_wildcard, $url_dbname, $username, $hostname, $dbname, $tablename) { $html_output = '<div id="edit_user_dialog">'; $html_output .= PMA_getHtmlHeaderForUserProperties($dbname_is_wildcard, $url_dbname, $dbname, $username, $hostname, $tablename, 'table'); $sql = "SELECT '1' FROM `mysql`.`user`" . " WHERE `User` = '" . $GLOBALS['dbi']->escapeString($username) . "'" . " AND `Host` = '" . $GLOBALS['dbi']->escapeString($hostname) . "';"; $user_does_not_exists = (bool) (!$GLOBALS['dbi']->fetchValue($sql)); if ($user_does_not_exists) { $html_output .= Message::error(__('The selected user was not found in the privilege table.'))->getDisplay(); $html_output .= PMA_getHtmlForLoginInformationFields(); } $_params = array('username' => $username, 'hostname' => $hostname); if (!is_array($dbname) && strlen($dbname) > 0) { $_params['dbname'] = $dbname; if (strlen($tablename) > 0) { $_params['tablename'] = $tablename; } } else { $_params['dbname'] = $dbname; } $html_output .= '<form class="submenu-item" name="usersForm" ' . 'id="addUsersForm" action="server_privileges.php" method="post">' . "\n"; $html_output .= URL::getHiddenInputs($_params); $html_output .= PMA_getHtmlToDisplayPrivilegesTable(PMA_ifSetOr($dbname, is_array($dbname) ? $dbname[0] : '*', 'length'), PMA_ifSetOr($tablename, '*', 'length')); $html_output .= '</form>' . "\n"; if (!is_array($dbname) && strlen($tablename) === 0 && empty($dbname_is_wildcard)) { // no table name was given, display all table specific rights // but only if $dbname contains no wildcards if (strlen($dbname) === 0) { $html_output .= PMA_getHtmlForAllTableSpecificRights($username, $hostname, 'database'); } else { // unescape wildcards in dbname at table level $unescaped_db = Util::unescapeMysqlWildcards($dbname); $html_output .= PMA_getHtmlForAllTableSpecificRights($username, $hostname, 'table', $unescaped_db); $html_output .= PMA_getHtmlForAllTableSpecificRights($username, $hostname, 'routine', $unescaped_db); } } // Provide a line with links to the relevant database and table if (!is_array($dbname) && strlen($dbname) > 0 && empty($dbname_is_wildcard)) { $html_output .= PMA_getLinkToDbAndTable($url_dbname, $dbname, $tablename); } if (!is_array($dbname) && strlen($dbname) === 0 && !$user_does_not_exists) { //change login information $html_output .= PMA_getHtmlForChangePassword('edit_other', $username, $hostname); $html_output .= PMA_getChangeLoginInformationHtmlForm($username, $hostname); } $html_output .= '</div>'; return $html_output; }