/**
* Test for PMA_getWithClauseForAddUserAndUpdatePrivs
*
* @return void
*/
public function testPMAGetWithClauseForAddUserAndUpdatePrivs()
{
$_POST['Grant_priv'] = 'Y';
$_POST['max_questions'] = 10;
$_POST['max_connections'] = 20;
$_POST['max_updates'] = 30;
$_POST['max_user_connections'] = 40;
$sql_query = PMA_getWithClauseForAddUserAndUpdatePrivs();
$expect = "WITH GRANT OPTION MAX_QUERIES_PER_HOUR 10 " . "MAX_CONNECTIONS_PER_HOUR 20" . " MAX_UPDATES_PER_HOUR 30 MAX_USER_CONNECTIONS 40";
$this->assertContains($expect, $sql_query);
}
/**
* Get SQL queries for Display and Add user
*
* @param string $username username
* @param string $hostname host name
* @param string $password password
*
* @return array ($create_user_real, $create_user_show,$real_sql_query, $sql_query)
*/
function PMA_getSqlQueriesForDisplayAndAddUser($username, $hostname, $password)
{
$create_user_real = 'CREATE USER \'' . PMA_Util::sqlAddSlashes($username) . '\'@\'' . PMA_Util::sqlAddSlashes($hostname) . '\'';
$real_sql_query = 'GRANT ' . join(', ', PMA_extractPrivInfo()) . ' ON *.* TO \'' . PMA_Util::sqlAddSlashes($username) . '\'@\'' . PMA_Util::sqlAddSlashes($hostname) . '\'';
if ($_POST['pred_password'] != 'none' && $_POST['pred_password'] != 'keep') {
$sql_query = $real_sql_query;
// Requires SELECT privilege on mysql database
// for using this with GRANT queries. It can be skipped.
if ($GLOBALS['is_superuser']) {
$sql_query .= ' IDENTIFIED BY \'***\'';
$real_sql_query .= ' IDENTIFIED BY \'' . PMA_Util::sqlAddSlashes($_POST['pma_pw']) . '\'';
}
if (isset($create_user_real)) {
$create_user_show = $create_user_real . ' IDENTIFIED BY \'***\'';
$create_user_real .= ' IDENTIFIED BY \'' . PMA_Util::sqlAddSlashes($_POST['pma_pw']) . '\'';
}
} else {
if ($_POST['pred_password'] == 'keep' && !empty($password)) {
$real_sql_query .= ' IDENTIFIED BY PASSWORD \'' . $password . '\'';
if (isset($create_user_real)) {
$create_user_real .= ' IDENTIFIED BY PASSWORD \'' . $password . '\'';
}
}
$sql_query = $real_sql_query;
if (isset($create_user_real)) {
$create_user_show = $create_user_real;
}
}
// add REQUIRE clause
$require_clause = PMA_getRequireClause();
$real_sql_query .= $require_clause;
$sql_query .= $require_clause;
if (isset($_POST['Grant_priv']) && $_POST['Grant_priv'] == 'Y' || (isset($_POST['max_questions']) || isset($_POST['max_connections']) || isset($_POST['max_updates']) || isset($_POST['max_user_connections']))) {
$with_clause = PMA_getWithClauseForAddUserAndUpdatePrivs();
$real_sql_query .= $with_clause;
$sql_query .= $with_clause;
}
if (isset($create_user_real)) {
$create_user_real .= ';';
$create_user_show .= ';';
}
$real_sql_query .= ';';
$sql_query .= ';';
// No Global GRANT_OPTION privilege
if (!$GLOBALS['is_grantuser']) {
$real_sql_query = '';
$sql_query = '';
}
return array($create_user_real, $create_user_show, $real_sql_query, $sql_query);
}
/**
* Get SQL queries for Display and Add user
*
* @param string $username usernam
* @param string $hostname host name
* @param string $password password
*
* @return array ($create_user_real, $create_user_show,$real_sql_query, $sql_query)
*/
function PMA_getSqlQueriesForDisplayAndAddUser($username, $hostname, $password)
{
$sql_query = '';
$create_user_real = 'CREATE USER \'' . PMA_Util::sqlAddSlashes($username) . '\'@\'' . PMA_Util::sqlAddSlashes($hostname) . '\'';
$real_sql_query = 'GRANT ' . join(', ', PMA_extractPrivInfo()) . ' ON *.* TO \'' . PMA_Util::sqlAddSlashes($username) . '\'@\'' . PMA_Util::sqlAddSlashes($hostname) . '\'';
if ($_POST['pred_password'] != 'none' && $_POST['pred_password'] != 'keep') {
$sql_query = $real_sql_query . ' IDENTIFIED BY \'***\'';
$real_sql_query .= ' IDENTIFIED BY \'' . PMA_Util::sqlAddSlashes($_POST['pma_pw']) . '\'';
if (isset($create_user_real)) {
$create_user_show = $create_user_real . ' IDENTIFIED BY \'***\'';
$create_user_real .= ' IDENTIFIED BY \'' . PMA_Util::sqlAddSlashes($_POST['pma_pw']) . '\'';
}
} else {
if ($_POST['pred_password'] == 'keep' && !empty($password)) {
$real_sql_query .= ' IDENTIFIED BY PASSWORD \'' . $password . '\'';
if (isset($create_user_real)) {
$create_user_real .= ' IDENTIFIED BY PASSWORD \'' . $password . '\'';
}
}
$sql_query = $real_sql_query;
if (isset($create_user_real)) {
$create_user_show = $create_user_real;
}
}
if (isset($_POST['Grant_priv']) && $_POST['Grant_priv'] == 'Y' || (isset($_POST['max_questions']) || isset($_POST['max_connections']) || isset($_POST['max_updates']) || isset($_POST['max_user_connections']))) {
$with_clause = PMA_getWithClauseForAddUserAndUpdatePrivs();
$real_sql_query .= ' ' . $with_clause;
$sql_query .= ' ' . $with_clause;
}
if (isset($create_user_real)) {
$create_user_real .= ';';
$create_user_show .= ';';
}
$real_sql_query .= ';';
$sql_query .= ';';
return array($create_user_real, $create_user_show, $real_sql_query, $sql_query);
}
/**
* Get SQL queries for Display and Add user
*
* @param string $username username
* @param string $hostname host name
* @param string $password password
*
* @return array ($create_user_real, $create_user_show,$real_sql_query, $sql_query
* $password_set_real, $password_set_show)
*/
function PMA_getSqlQueriesForDisplayAndAddUser($username, $hostname, $password)
{
$slashedUsername = PMA_Util::sqlAddSlashes($username);
$slashedHostname = PMA_Util::sqlAddSlashes($hostname);
$slashedPassword = PMA_Util::sqlAddSlashes($password);
$create_user_stmt = sprintf('CREATE USER \'%s\'@\'%s\'', $slashedUsername, $slashedHostname);
if (PMA_MYSQL_INT_VERSION >= 50507 && isset($_REQUEST['authentication_plugin'])) {
$create_user_stmt .= ' IDENTIFIED WITH ' . $_REQUEST['authentication_plugin'];
}
if (PMA_MYSQL_INT_VERSION >= 50707 && strpos($create_user_stmt, '%') !== false) {
$create_user_stmt = str_replace('%', '%%', $create_user_stmt);
}
$create_user_real = $create_user_show = $create_user_stmt;
$password_set_stmt = 'SET PASSWORD FOR \'%s\'@\'%s\' = PASSWORD(\'%s\')';
$password_set_show = sprintf($password_set_stmt, $slashedUsername, $slashedHostname, '***');
$sql_query_stmt = sprintf('GRANT %s ON *.* TO \'%s\'@\'%s\'', join(', ', PMA_extractPrivInfo()), $slashedUsername, $slashedHostname);
$real_sql_query = $sql_query = $sql_query_stmt;
if (PMA_MYSQL_INT_VERSION < 50707) {
if ($_POST['pred_password'] == 'keep') {
$password_set_real = sprintf($password_set_stmt, $slashedUsername, $slashedHostname, $slashedPassword);
} else {
if ($_POST['pred_password'] == 'none') {
$password_set_real = sprintf($password_set_stmt, $slashedUsername, $slashedHostname, null);
} else {
$password_set_real = sprintf($password_set_stmt, $slashedUsername, $slashedHostname, $_POST['pma_pw']);
}
}
} else {
$password_set_real = null;
$create_user_stmt .= ' BY \'%s\'';
if ($_POST['pred_password'] == 'keep') {
$create_user_real = sprintf($create_user_stmt, $password);
$create_user_show = sprintf($create_user_stmt, '***');
} else {
if ($_POST['pred_password'] == 'none') {
$create_user_real = sprintf($create_user_stmt, null);
$create_user_show = sprintf($create_user_stmt, '***');
} else {
$create_user_real = sprintf($create_user_stmt, $_POST['pma_pw']);
$create_user_show = sprintf($create_user_stmt, '***');
}
}
}
// add REQUIRE clause
$require_clause = PMA_getRequireClause();
$real_sql_query .= $require_clause;
$sql_query .= $require_clause;
if (isset($_POST['Grant_priv']) && $_POST['Grant_priv'] == 'Y' || (isset($_POST['max_questions']) || isset($_POST['max_connections']) || isset($_POST['max_updates']) || isset($_POST['max_user_connections']))) {
$with_clause = PMA_getWithClauseForAddUserAndUpdatePrivs();
$real_sql_query .= $with_clause;
$sql_query .= $with_clause;
}
if (isset($create_user_real)) {
$create_user_real .= ';';
$create_user_show .= ';';
}
$real_sql_query .= ';';
$sql_query .= ';';
// No Global GRANT_OPTION privilege
if (!$GLOBALS['is_grantuser']) {
$real_sql_query = '';
$sql_query = '';
}
if (PMA_Util::getServerType() == 'MySQL' && PMA_MYSQL_INT_VERSION >= 50700) {
$password_set_real = null;
$password_set_show = null;
} else {
$password_set_real .= ";";
$password_set_show .= ";";
}
return array($create_user_real, $create_user_show, $real_sql_query, $sql_query, $password_set_real, $password_set_show);
}
/**
* Get SQL queries for Display and Add user
*
* @param string $username username
* @param string $hostname host name
* @param string $password password
*
* @return array ($create_user_real, $create_user_show,$real_sql_query, $sql_query
* $password_set_real, $password_set_show)
*/
function PMA_getSqlQueriesForDisplayAndAddUser($username, $hostname, $password)
{
$slashedUsername = Util::sqlAddSlashes($username);
$slashedHostname = Util::sqlAddSlashes($hostname);
$slashedPassword = Util::sqlAddSlashes($password);
$serverType = Util::getServerType();
$create_user_stmt = sprintf('CREATE USER \'%s\'@\'%s\'', $slashedUsername, $slashedHostname);
// See https://github.com/phpmyadmin/phpmyadmin/pull/11560#issuecomment-147158219
// for details regarding details of syntax usage for various versions
// 'IDENTIFIED WITH auth_plugin'
// is supported by MySQL 5.5.7+
if (($serverType == 'MySQL' || $serverType == 'Percona Server') && PMA_MYSQL_INT_VERSION >= 50507 && isset($_REQUEST['authentication_plugin'])) {
$create_user_stmt .= ' IDENTIFIED WITH ' . $_REQUEST['authentication_plugin'];
}
// 'IDENTIFIED VIA auth_plugin'
// is supported by MariaDB 5.2+
if ($serverType == 'MariaDB' && PMA_MYSQL_INT_VERSION >= 50200 && isset($_REQUEST['authentication_plugin'])) {
$create_user_stmt .= ' IDENTIFIED VIA ' . $_REQUEST['authentication_plugin'];
}
$create_user_real = $create_user_show = $create_user_stmt;
$password_set_stmt = 'SET PASSWORD FOR \'%s\'@\'%s\' = \'%s\'';
$password_set_show = sprintf($password_set_stmt, $slashedUsername, $slashedHostname, '***');
$sql_query_stmt = sprintf('GRANT %s ON *.* TO \'%s\'@\'%s\'', join(', ', PMA_extractPrivInfo()), $slashedUsername, $slashedHostname);
$real_sql_query = $sql_query = $sql_query_stmt;
// Set the proper hashing method
if (isset($_REQUEST['authentication_plugin'])) {
PMA_setProperPasswordHashing($_REQUEST['authentication_plugin']);
}
// Use 'CREATE USER ... WITH ... AS ..' syntax for
// newer MySQL versions
// and 'CREATE USER ... USING .. VIA ..' syntax for
// newer MariaDB versions
if (($serverType == 'MySQL' || $serverType == 'Percona Server') && PMA_MYSQL_INT_VERSION >= 50706 || $serverType == 'MariaDB' && PMA_MYSQL_INT_VERSION >= 50200) {
$password_set_real = null;
// Required for binding '%' with '%s'
$create_user_stmt = str_replace('%', '%%', $create_user_stmt);
// MariaDB uses 'USING' whereas MySQL uses 'AS'
if ($serverType == 'MariaDB') {
$create_user_stmt .= ' USING \'%s\'';
} else {
$create_user_stmt .= ' AS \'%s\'';
}
if ($_POST['pred_password'] == 'keep') {
$create_user_real = sprintf($create_user_stmt, $slashedPassword);
$create_user_show = sprintf($create_user_stmt, '***');
} else {
if ($_POST['pred_password'] == 'none') {
$create_user_real = sprintf($create_user_stmt, null);
$create_user_show = sprintf($create_user_stmt, '***');
} else {
$hashedPassword = PMA_getHashedPassword($_POST['pma_pw']);
$create_user_real = sprintf($create_user_stmt, $hashedPassword);
$create_user_show = sprintf($create_user_stmt, '***');
}
}
} else {
// Use 'SET PASSWORD' syntax for pre-5.7.6 MySQL versions
// and pre-5.2.0 MariaDB versions
if ($_POST['pred_password'] == 'keep') {
$password_set_real = sprintf($password_set_stmt, $slashedUsername, $slashedHostname, $slashedPassword);
} else {
if ($_POST['pred_password'] == 'none') {
$password_set_real = sprintf($password_set_stmt, $slashedUsername, $slashedHostname, null);
} else {
$hashedPassword = PMA_getHashedPassword($_POST['pma_pw']);
$password_set_real = sprintf($password_set_stmt, $slashedUsername, $slashedHostname, $hashedPassword);
}
}
}
// add REQUIRE clause
$require_clause = PMA_getRequireClause();
$real_sql_query .= $require_clause;
$sql_query .= $require_clause;
if (isset($_POST['Grant_priv']) && $_POST['Grant_priv'] == 'Y' || (isset($_POST['max_questions']) || isset($_POST['max_connections']) || isset($_POST['max_updates']) || isset($_POST['max_user_connections']))) {
$with_clause = PMA_getWithClauseForAddUserAndUpdatePrivs();
$real_sql_query .= $with_clause;
$sql_query .= $with_clause;
}
if (isset($create_user_real)) {
$create_user_real .= ';';
$create_user_show .= ';';
}
$real_sql_query .= ';';
$sql_query .= ';';
// No Global GRANT_OPTION privilege
if (!$GLOBALS['is_grantuser']) {
$real_sql_query = '';
$sql_query = '';
}
// Use 'SET PASSWORD' for pre-5.7.6 MySQL versions
// and pre-5.2.0 MariaDB
if ($serverType == 'MySQL' && PMA_MYSQL_INT_VERSION >= 50706 || $serverType == 'MariaDB' && PMA_MYSQL_INT_VERSION >= 50200) {
$password_set_real = null;
$password_set_show = null;
} else {
$password_set_real .= ";";
$password_set_show .= ";";
}
return array($create_user_real, $create_user_show, $real_sql_query, $sql_query, $password_set_real, $password_set_show);
}
/**
* Get SQL queries for Display and Add user
*
* @param string $username username
* @param string $hostname host name
* @param string $password password
*
* @return array ($create_user_real, $create_user_show,$real_sql_query, $sql_query
* $password_set_real, $password_set_show)
*/
function PMA_getSqlQueriesForDisplayAndAddUser($username, $hostname, $password)
{
$slashedUsername = PMA_Util::sqlAddSlashes($username);
$slashedHostname = PMA_Util::sqlAddSlashes($hostname);
// '%' character causes binding problems with sprintf
// and therefore has to be escaped using an extra '%'
$escapedHostname = $hostname;
$escapedUsername = $username;
if (strpos($hostname, '%') !== false) {
$escapedHostname = str_replace('%', '%%', $hostname);
}
if (strpos($username, '%') !== false) {
$escapedUsername = str_replace('%', '%%', $username);
}
$slashedEscapedUsername = PMA_Util::sqlAddSlashes($escapedUsername);
$slashedEscapedHostname = PMA_Util::sqlAddSlashes($escapedHostname);
$create_user_stmt = sprintf('CREATE USER \'%s\'@\'%s\'', $slashedEscapedUsername, $slashedEscapedHostname);
$create_user_real = $create_user_show = $create_user_stmt;
$password_set_stmt = 'SET PASSWORD FOR \'%s\'@\'%s\' = PASSWORD(\'%s\')';
$password_set_show = sprintf($password_set_stmt, $slashedUsername, $slashedHostname, '***');
$password_set_real = null;
$sql_query_stmt = sprintf('GRANT %s ON *.* TO \'%s\'@\'%s\'', join(', ', PMA_extractPrivInfo()), $slashedUsername, $slashedHostname);
$real_sql_query = $sql_query = $sql_query_stmt;
//@todo Following blocks should be delegated to another function and factorized.
//There are too much duplication here.
if ($_POST['pred_password'] != 'none' && $_POST['pred_password'] != 'keep') {
$slashedPassword = PMA_Util::sqlAddSlashes($_POST['pma_pw']);
if (isset($_REQUEST['authentication_plugin']) && $_REQUEST['authentication_plugin']) {
if (PMA_MYSQL_INT_VERSION >= 50700) {
$create_user_stmt .= ' IDENTIFIED WITH ' . $_REQUEST['authentication_plugin'] . ' BY \'%s\'';
$create_user_show = sprintf($create_user_stmt, '***');
$create_user_real = sprintf($create_user_stmt, $slashedPassword);
} else {
$create_user_stmt .= ' IDENTIFIED WITH ' . $_REQUEST['authentication_plugin'];
$create_user_show = $create_user_real = $create_user_stmt;
}
} else {
$sql_query_stmt .= ' IDENTIFIED BY \'%s\' ';
$sql_query = sprintf($sql_query_stmt, '***');
$real_sql_query = sprintf($sql_query_stmt, $slashedPassword);
}
$password_set_real = sprintf($password_set_stmt, $slashedUsername, $slashedHostname, $slashedPassword);
} else {
$slashedPassword = PMA_Util::sqlAddSlashes($password);
if ($_POST['pred_password'] == 'keep' && !empty($password)) {
if (isset($_REQUEST['authentication_plugin']) && $_REQUEST['authentication_plugin']) {
if (PMA_MYSQL_INT_VERSION >= 50700) {
$create_user_stmt .= ' IDENTIFIED WITH ' . $_REQUEST['authentication_plugin'] . ' BY \'%s\'';
$create_user_show = sprintf($create_user_stmt, '***');
$create_user_real = sprintf($create_user_stmt, $slashedPassword);
} else {
$create_user_stmt .= ' IDENTIFIED WITH ' . $_REQUEST['authentication_plugin'];
$create_user_show = $create_user_real = $create_user_stmt;
}
$password_set_real = sprintf($password_set_stmt, $slashedUsername, $slashedHostname, $slashedPassword);
} else {
$sql_query_stmt .= ' IDENTIFIED BY \'%s\' ';
$sql_query = sprintf($sql_query_stmt, '***');
$real_sql_query = sprintf($sql_query_stmt, $slashedPassword);
$password_set_real = null;
}
} elseif ($_POST['pred_password'] == 'keep' && empty($password)) {
if (isset($_REQUEST['authentication_plugin']) && $_REQUEST['authentication_plugin']) {
if (PMA_MYSQL_INT_VERSION >= 50700) {
$create_user_stmt .= ' IDENTIFIED WITH ' . $_REQUEST['authentication_plugin'] . ' BY \'%s\'';
$create_user_show = sprintf($create_user_stmt, '***');
$create_user_real = sprintf($create_user_stmt, null);
} else {
$create_user_stmt .= ' IDENTIFIED WITH ' . $_REQUEST['authentication_plugin'];
$create_user_show = $create_user_real = $create_user_stmt;
}
$password_set_real = sprintf($password_set_stmt, $slashedUsername, $slashedHostname, null);
} else {
$sql_query_stmt .= ' IDENTIFIED BY \'%s\' ';
$sql_query = sprintf($sql_query_stmt, '***');
$real_sql_query = sprintf($sql_query_stmt, null);
$password_set_real = null;
}
}
}
// add REQUIRE clause
$require_clause = PMA_getRequireClause();
$real_sql_query .= $require_clause;
$sql_query .= $require_clause;
if (isset($_POST['Grant_priv']) && $_POST['Grant_priv'] == 'Y' || (isset($_POST['max_questions']) || isset($_POST['max_connections']) || isset($_POST['max_updates']) || isset($_POST['max_user_connections']))) {
$with_clause = PMA_getWithClauseForAddUserAndUpdatePrivs();
$real_sql_query .= $with_clause;
$sql_query .= $with_clause;
}
if (isset($create_user_real)) {
$create_user_real .= ';';
$create_user_show .= ';';
}
$real_sql_query .= ';';
$sql_query .= ';';
// No Global GRANT_OPTION privilege
if (!$GLOBALS['is_grantuser']) {
$real_sql_query = '';
$sql_query = '';
}
if (PMA_Util::getServerType() == 'MySQL' && PMA_MYSQL_INT_VERSION >= 50700) {
$password_set_real = null;
$password_set_show = null;
} else {
$password_set_real .= ";";
$password_set_show .= ";";
}
return array($create_user_real, $create_user_show, $real_sql_query, $sql_query, $password_set_real, $password_set_show);
}
/**
* Get SQL queries for Display and Add user
*
* @param string $username username
* @param string $hostname host name
* @param string $password password
*
* @return array ($create_user_real, $create_user_show,$real_sql_query, $sql_query
* $password_set_real, $password_set_show)
*/
function PMA_getSqlQueriesForDisplayAndAddUser($username, $hostname, $password)
{
$create_user_real = 'CREATE USER \'' . PMA_Util::sqlAddSlashes($username) . '\'@\'' . PMA_Util::sqlAddSlashes($hostname) . '\'';
$password_set_real = 'SET PASSWORD FOR \'' . PMA_Util::sqlAddSlashes($username) . '\'@\'' . PMA_Util::sqlAddSlashes($hostname) . '\' = ' . ' PASSWORD(\'';
$real_sql_query = 'GRANT ' . join(', ', PMA_extractPrivInfo()) . ' ON *.* TO \'' . PMA_Util::sqlAddSlashes($username) . '\'@\'' . PMA_Util::sqlAddSlashes($hostname) . '\'';
$create_user_show = $create_user_real;
$password_set_show = $password_set_real . '***\')';
$sql_query = $real_sql_query;
if ($_POST['pred_password'] != 'none' && $_POST['pred_password'] != 'keep') {
if (isset($create_user_real)) {
if (isset($_REQUEST['authentication_plugin']) && $_REQUEST['authentication_plugin']) {
if (PMA_MYSQL_INT_VERSION >= 50700) {
$create_user_show .= ' IDENTIFIED WITH ' . $_REQUEST['authentication_plugin'] . ' BY \'***\'';
$create_user_real .= ' IDENTIFIED WITH ' . $_REQUEST['authentication_plugin'] . ' BY \'' . PMA_Util::sqlAddSlashes($_POST['pma_pw']) . '\' ';
} else {
$create_user_show .= ' IDENTIFIED WITH ' . $_REQUEST['authentication_plugin'];
$create_user_real .= ' IDENTIFIED WITH ' . $_REQUEST['authentication_plugin'];
$password_set_real .= '\'' . PMA_Util::sqlAddSlashes($_POST['pma_pw']) . '\');';
}
} else {
$sql_query .= ' IDENTIFIED BY \'***\'';
$real_sql_query .= ' IDENTIFIED BY \'' . PMA_Util::sqlAddSlashes($_POST['pma_pw']) . '\' ';
$password_set_real .= '\'' . PMA_Util::sqlAddSlashes($_POST['pma_pw']) . '\');';
}
}
} else {
if ($_POST['pred_password'] == 'keep' && !empty($password)) {
if (isset($_REQUEST['authentication_plugin']) && $_REQUEST['authentication_plugin']) {
if (PMA_MYSQL_INT_VERSION >= 50700) {
$create_user_show .= ' IDENTIFIED WITH ' . $_REQUEST['authentication_plugin'] . ' BY \'***\'';
$create_user_real .= ' IDENTIFIED WITH ' . $_REQUEST['authentication_plugin'] . ' BY \'' . PMA_Util::sqlAddSlashes($_POST['pma_pw']) . '\' ';
} else {
$create_user_show .= ' IDENTIFIED WITH ' . $_REQUEST['authentication_plugin'];
$create_user_real .= ' IDENTIFIED WITH ' . $_REQUEST['authentication_plugin'];
$password_set_real .= '\'' . PMA_Util::sqlAddSlashes($_POST['pma_pw']) . '\');';
}
} else {
$sql_query .= ' IDENTIFIED BY \'***\'';
$real_sql_query .= ' IDENTIFIED BY \'' . PMA_Util::sqlAddSlashes($password) . '\' ';
$password_set_real .= '\'' . PMA_Util::sqlAddSlashes($password) . '\');';
}
}
}
// add REQUIRE clause
$require_clause = PMA_getRequireClause();
$real_sql_query .= $require_clause;
$sql_query .= $require_clause;
if (isset($_POST['Grant_priv']) && $_POST['Grant_priv'] == 'Y' || (isset($_POST['max_questions']) || isset($_POST['max_connections']) || isset($_POST['max_updates']) || isset($_POST['max_user_connections']))) {
$with_clause = PMA_getWithClauseForAddUserAndUpdatePrivs();
$real_sql_query .= $with_clause;
$sql_query .= $with_clause;
}
if (isset($create_user_real)) {
$create_user_real .= ';';
$create_user_show .= ';';
}
$real_sql_query .= ';';
$sql_query .= ';';
// No Global GRANT_OPTION privilege
if (!$GLOBALS['is_grantuser']) {
$real_sql_query = '';
$sql_query = '';
}
if (PMA_MYSQL_INT_VERSION >= 50700) {
$password_set_real = null;
$password_set_show = null;
} else {
$password_set_real .= ";";
$password_set_show .= ";";
}
return array($create_user_real, $create_user_show, $real_sql_query, $sql_query, $password_set_real, $password_set_show);
}