/** * Displays the privileges form table * * @param string $db the database * @param string $table the table * @param boolean $submit wheather to display the submit button or not * * @global array $cfg the phpMyAdmin configuration * @global ressource $user_link the database connection * * @return void */ function PMA_displayPrivTable($db = '*', $table = '*', $submit = true) { global $random_n; if ($db == '*') { $table = '*'; } if (isset($GLOBALS['username'])) { $username = $GLOBALS['username']; $hostname = $GLOBALS['hostname']; if ($db == '*') { $sql_query = "SELECT * FROM `mysql`.`user`" . " WHERE `User` = '" . PMA_sqlAddSlashes($username) . "'" . " AND `Host` = '" . PMA_sqlAddSlashes($hostname) . "';"; } elseif ($table == '*') { $sql_query = "SELECT * FROM `mysql`.`db`" . " WHERE `User` = '" . PMA_sqlAddSlashes($username) . "'" . " AND `Host` = '" . PMA_sqlAddSlashes($hostname) . "'" . " AND '" . PMA_unescape_mysql_wildcards($db) . "'" . " LIKE `Db`;"; } else { $sql_query = "SELECT `Table_priv`" . " FROM `mysql`.`tables_priv`" . " WHERE `User` = '" . PMA_sqlAddSlashes($username) . "'" . " AND `Host` = '" . PMA_sqlAddSlashes($hostname) . "'" . " AND `Db` = '" . PMA_unescape_mysql_wildcards($db) . "'" . " AND `Table_name` = '" . PMA_sqlAddSlashes($table) . "';"; } $row = PMA_DBI_fetch_single_row($sql_query); } if (empty($row)) { if ($table == '*') { if ($db == '*') { $sql_query = 'SHOW COLUMNS FROM `mysql`.`user`;'; } elseif ($table == '*') { $sql_query = 'SHOW COLUMNS FROM `mysql`.`db`;'; } $res = PMA_DBI_query($sql_query); while ($row1 = PMA_DBI_fetch_row($res)) { if (substr($row1[0], 0, 4) == 'max_') { $row[$row1[0]] = 0; } else { $row[$row1[0]] = 'N'; } } PMA_DBI_free_result($res); } else { $row = array('Table_priv' => ''); } } if (isset($row['Table_priv'])) { $row1 = PMA_DBI_fetch_single_row('SHOW COLUMNS FROM `mysql`.`tables_priv` LIKE \'Table_priv\';', 'ASSOC', $GLOBALS['userlink']); // note: in MySQL 5.0.3 we get "Create View', 'Show view'; // the View for Create is spelled with uppercase V // the view for Show is spelled with lowercase v // and there is a space between the words $av_grants = explode('\',\'', substr($row1['Type'], strpos($row1['Type'], '(') + 2, strpos($row1['Type'], ')') - strpos($row1['Type'], '(') - 3)); unset($row1); $users_grants = explode(',', $row['Table_priv']); foreach ($av_grants as $current_grant) { $row[$current_grant . '_priv'] = in_array($current_grant, $users_grants) ? 'Y' : 'N'; } unset($row['Table_priv'], $current_grant, $av_grants, $users_grants); // get collumns $res = PMA_DBI_try_query('SHOW COLUMNS FROM ' . PMA_backquote(PMA_unescape_mysql_wildcards($db)) . '.' . PMA_backquote($table) . ';'); $columns = array(); if ($res) { while ($row1 = PMA_DBI_fetch_row($res)) { $columns[$row1[0]] = array('Select' => false, 'Insert' => false, 'Update' => false, 'References' => false); } PMA_DBI_free_result($res); } unset($res, $row1); } // t a b l e - s p e c i f i c p r i v i l e g e s if (!empty($columns)) { $res = PMA_DBI_query('SELECT `Column_name`, `Column_priv`' . ' FROM `mysql`.`columns_priv`' . ' WHERE `User`' . ' = \'' . PMA_sqlAddSlashes($username) . "'" . ' AND `Host`' . ' = \'' . PMA_sqlAddSlashes($hostname) . "'" . ' AND `Db`' . ' = \'' . PMA_sqlAddSlashes(PMA_unescape_mysql_wildcards($db)) . "'" . ' AND `Table_name`' . ' = \'' . PMA_sqlAddSlashes($table) . '\';'); while ($row1 = PMA_DBI_fetch_row($res)) { $row1[1] = explode(',', $row1[1]); foreach ($row1[1] as $current) { $columns[$row1[0]][$current] = true; } } PMA_DBI_free_result($res); unset($res, $row1, $current); echo '<input type="hidden" name="grant_count" value="' . count($row) . '" />' . "\n" . '<input type="hidden" name="column_count" value="' . count($columns) . '" />' . "\n" . '<fieldset id="fieldset_user_priv">' . "\n" . ' <legend>' . __('Table-specific privileges') . PMA_showHint(__('Note: MySQL privilege names are expressed in English')) . '</legend>' . "\n"; // privs that are attached to a specific column PMA_display_column_privs($columns, $row, 'Select_priv', 'SELECT', 'select', __('Allows reading data.'), 'Select'); PMA_display_column_privs($columns, $row, 'Insert_priv', 'INSERT', 'insert', __('Allows inserting and replacing data.'), 'Insert'); PMA_display_column_privs($columns, $row, 'Update_priv', 'UPDATE', 'update', __('Allows changing data.'), 'Update'); PMA_display_column_privs($columns, $row, 'References_priv', 'REFERENCES', 'references', __('Has no effect in this MySQL version.'), 'References'); // privs that are not attached to a specific column echo ' <div class="item">' . "\n"; foreach ($row as $current_grant => $current_grant_value) { if (in_array(substr($current_grant, 0, strlen($current_grant) - 5), array('Select', 'Insert', 'Update', 'References'))) { continue; } // make a substitution to match the messages variables; // also we must substitute the grant we get, because we can't generate // a form variable containing blanks (those would get changed to // an underscore when receiving the POST) if ($current_grant == 'Create View_priv') { $tmp_current_grant = 'CreateView_priv'; $current_grant = 'Create_view_priv'; } elseif ($current_grant == 'Show view_priv') { $tmp_current_grant = 'ShowView_priv'; $current_grant = 'Show_view_priv'; } else { $tmp_current_grant = $current_grant; } echo ' <div class="item">' . "\n" . ' <input type="checkbox"' . (empty($GLOBALS['checkall']) ? '' : ' checked="checked"') . ' name="' . $current_grant . '" id="checkbox_' . $current_grant . '" value="Y" ' . ($current_grant_value == 'Y' ? 'checked="checked" ' : '') . 'title="'; echo (isset($GLOBALS['strPrivDesc' . substr($tmp_current_grant, 0, strlen($tmp_current_grant) - 5)]) ? $GLOBALS['strPrivDesc' . substr($tmp_current_grant, 0, strlen($tmp_current_grant) - 5)] : $GLOBALS['strPrivDesc' . substr($tmp_current_grant, 0, strlen($tmp_current_grant) - 5) . 'Tbl']) . '"/>' . "\n"; echo ' <label for="checkbox_' . $current_grant . '"><tt><dfn title="' . (isset($GLOBALS['strPrivDesc' . substr($tmp_current_grant, 0, strlen($tmp_current_grant) - 5)]) ? $GLOBALS['strPrivDesc' . substr($tmp_current_grant, 0, strlen($tmp_current_grant) - 5)] : $GLOBALS['strPrivDesc' . substr($tmp_current_grant, 0, strlen($tmp_current_grant) - 5) . 'Tbl']) . '">' . strtoupper(substr($current_grant, 0, strlen($current_grant) - 5)) . '</dfn></tt></label>' . "\n" . ' </div>' . "\n"; } // end foreach () echo ' </div>' . "\n"; // for Safari 2.0.2 echo ' <div class="clearfloat"></div>' . "\n"; } else { // g l o b a l o r d b - s p e c i f i c // $privTable_names = array(0 => __('Data'), 1 => __('Structure'), 2 => __('Administration')); // d a t a $privTable[0] = array(array('Select', 'SELECT', __('Allows reading data.')), array('Insert', 'INSERT', __('Allows inserting and replacing data.')), array('Update', 'UPDATE', __('Allows changing data.')), array('Delete', 'DELETE', __('Allows deleting data.'))); if ($db == '*') { $privTable[0][] = array('File', 'FILE', __('Allows importing data from and exporting data into files.')); } // s t r u c t u r e $privTable[1] = array(array('Create', 'CREATE', $table == '*' ? __('Allows creating new databases and tables.') : __('Allows creating new tables.')), array('Alter', 'ALTER', __('Allows altering the structure of existing tables.')), array('Index', 'INDEX', __('Allows creating and dropping indexes.')), array('Drop', 'DROP', $table == '*' ? __('Allows dropping databases and tables.') : __('Allows dropping tables.')), array('Create_tmp_table', 'CREATE TEMPORARY TABLES', __('Allows creating temporary tables.')), array('Show_view', 'SHOW VIEW', __('Allows performing SHOW CREATE VIEW queries.')), array('Create_routine', 'CREATE ROUTINE', __('Allows creating stored routines.')), array('Alter_routine', 'ALTER ROUTINE', __('Allows altering and dropping stored routines.')), array('Execute', 'EXECUTE', __('Allows executing stored routines.'))); // this one is for a db-specific priv: Create_view_priv if (isset($row['Create_view_priv'])) { $privTable[1][] = array('Create_view', 'CREATE VIEW', __('Allows creating new views.')); } // this one is for a table-specific priv: Create View_priv if (isset($row['Create View_priv'])) { $privTable[1][] = array('Create View', 'CREATE VIEW', __('Allows creating new views.')); } if (isset($row['Event_priv'])) { // MySQL 5.1.6 $privTable[1][] = array('Event', 'EVENT', __('Allows to set up events for the event scheduler')); $privTable[1][] = array('Trigger', 'TRIGGER', __('Allows creating and dropping triggers')); } // a d m i n i s t r a t i o n $privTable[2] = array(array('Grant', 'GRANT', __('Allows adding users and privileges without reloading the privilege tables.'))); if ($db == '*') { $privTable[2][] = array('Super', 'SUPER', __('Allows connecting, even if maximum number of connections is reached; required for most administrative operations like setting global variables or killing threads of other users.')); $privTable[2][] = array('Process', 'PROCESS', __('Allows viewing processes of all users')); $privTable[2][] = array('Reload', 'RELOAD', __('Allows reloading server settings and flushing the server\'s caches.')); $privTable[2][] = array('Shutdown', 'SHUTDOWN', __('Allows shutting down the server.')); $privTable[2][] = array('Show_db', 'SHOW DATABASES', __('Gives access to the complete list of databases.')); } $privTable[2][] = array('Lock_tables', 'LOCK TABLES', __('Allows locking tables for the current thread.')); $privTable[2][] = array('References', 'REFERENCES', __('Has no effect in this MySQL version.')); if ($db == '*') { $privTable[2][] = array('Repl_client', 'REPLICATION CLIENT', __('Allows the user to ask where the slaves / masters are.')); $privTable[2][] = array('Repl_slave', 'REPLICATION SLAVE', __('Needed for the replication slaves.')); $privTable[2][] = array('Create_user', 'CREATE USER', __('Allows creating, dropping and renaming user accounts.')); } echo '<input type="hidden" name="grant_count" value="' . (count($privTable[0]) + count($privTable[1]) + count($privTable[2]) - (isset($row['Grant_priv']) ? 1 : 0)) . '" />' . "\n" . '<fieldset id="fieldset_user_global_rights">' . "\n" . ' <legend>' . "\n" . ' ' . ($db == '*' ? __('Global privileges') : ($table == '*' ? __('Database-specific privileges') : __('Table-specific privileges'))) . "\n" . ' (<a href="server_privileges.php?' . $GLOBALS['url_query'] . '&checkall=1" onclick="setCheckboxes(\'addUsersForm_' . $random_n . '\', true); return false;">' . __('Check All') . '</a> /' . "\n" . ' <a href="server_privileges.php?' . $GLOBALS['url_query'] . '" onclick="setCheckboxes(\'addUsersForm_' . $random_n . '\', false); return false;">' . __('Uncheck All') . '</a>)' . "\n" . ' </legend>' . "\n" . ' <p><small><i>' . __('Note: MySQL privilege names are expressed in English') . '</i></small></p>' . "\n"; // Output the Global privilege tables with checkboxes foreach ($privTable as $i => $table) { echo ' <fieldset>' . "\n" . ' <legend>' . __($privTable_names[$i]) . '</legend>' . "\n"; foreach ($table as $priv) { echo ' <div class="item">' . "\n" . ' <input type="checkbox"' . ' name="' . $priv[0] . '_priv" id="checkbox_' . $priv[0] . '_priv"' . ' value="Y" title="' . $priv[2] . '"' . (!empty($GLOBALS['checkall']) || $row[$priv[0] . '_priv'] == 'Y' ? ' checked="checked"' : '') . '/>' . "\n" . ' <label for="checkbox_' . $priv[0] . '_priv"><tt><dfn title="' . $priv[2] . '">' . $priv[1] . '</dfn></tt></label>' . "\n" . ' </div>' . "\n"; } echo ' </fieldset>' . "\n"; } // The "Resource limits" box is not displayed for db-specific privs if ($db == '*') { echo ' <fieldset>' . "\n" . ' <legend>' . __('Resource limits') . '</legend>' . "\n" . ' <p><small><i>' . __('Note: Setting these options to 0 (zero) removes the limit.') . '</i></small></p>' . "\n" . ' <div class="item">' . "\n" . ' <label for="text_max_questions"><tt><dfn title="' . __('Limits the number of queries the user may send to the server per hour.') . '">MAX QUERIES PER HOUR</dfn></tt></label>' . "\n" . ' <input type="text" name="max_questions" id="text_max_questions" value="' . $row['max_questions'] . '" size="11" maxlength="11" title="' . __('Limits the number of queries the user may send to the server per hour.') . '" />' . "\n" . ' </div>' . "\n" . ' <div class="item">' . "\n" . ' <label for="text_max_updates"><tt><dfn title="' . __('Limits the number of commands that change any table or database the user may execute per hour.') . '">MAX UPDATES PER HOUR</dfn></tt></label>' . "\n" . ' <input type="text" name="max_updates" id="text_max_updates" value="' . $row['max_updates'] . '" size="11" maxlength="11" title="' . __('Limits the number of commands that change any table or database the user may execute per hour.') . '" />' . "\n" . ' </div>' . "\n" . ' <div class="item">' . "\n" . ' <label for="text_max_connections"><tt><dfn title="' . __('Limits the number of new connections the user may open per hour.') . '">MAX CONNECTIONS PER HOUR</dfn></tt></label>' . "\n" . ' <input type="text" name="max_connections" id="text_max_connections" value="' . $row['max_connections'] . '" size="11" maxlength="11" title="' . __('Limits the number of new connections the user may open per hour.') . '" />' . "\n" . ' </div>' . "\n" . ' <div class="item">' . "\n" . ' <label for="text_max_user_connections"><tt><dfn title="' . __('Limits the number of simultaneous connections the user may have.') . '">MAX USER_CONNECTIONS</dfn></tt></label>' . "\n" . ' <input type="text" name="max_user_connections" id="text_max_user_connections" value="' . $row['max_user_connections'] . '" size="11" maxlength="11" title="' . __('Limits the number of simultaneous connections the user may have.') . '" />' . "\n" . ' </div>' . "\n" . ' </fieldset>' . "\n"; } // for Safari 2.0.2 echo ' <div class="clearfloat"></div>' . "\n"; } echo '</fieldset>' . "\n"; if ($submit) { echo '<fieldset id="fieldset_user_privtable_footer" class="tblFooters">' . "\n" . ' <input type="submit" name="update_privs" value="' . __('Go') . '" />' . "\n" . '</fieldset>' . "\n"; } }
/** * Displays the privileges form table * * @param string $db the database * @param string $table the table * @param boolean $submit wheather to display the submit button or not * @param int $indent the indenting level of the code * * @global array $cfg the phpMyAdmin configuration * @global ressource $user_link the database connection * * @return void */ function PMA_displayPrivTable($db = '*', $table = '*', $submit = TRUE, $indent = 0) { if ($db == '*') { $table = '*'; } $spaces = str_repeat(' ', $indent); if (isset($GLOBALS['username'])) { $username = $GLOBALS['username']; $hostname = $GLOBALS['hostname']; if ($db == '*') { $sql_query = 'SELECT * FROM `mysql`.`user`' . ' WHERE ' . PMA_convert_using('User') . ' = ' . PMA_convert_using(PMA_sqlAddslashes($username), 'quoted') . ' AND ' . PMA_convert_using('Host') . ' = ' . PMA_convert_using($hostname, 'quoted') . ';'; } elseif ($table == '*') { $sql_query = 'SELECT * FROM `mysql`.`db`' . ' WHERE ' . PMA_convert_using('`User`') . ' = ' . PMA_convert_using(PMA_sqlAddslashes($username), 'quoted') . ' AND ' . PMA_convert_using('`Host`') . ' = ' . PMA_convert_using($hostname, 'quoted') . ' AND ' . PMA_convert_using(PMA_unescape_mysql_wildcards($db), 'quoted') . ' LIKE ' . PMA_convert_using('`Db`') . ';'; } else { $sql_query = 'SELECT `Table_priv`' . ' FROM `mysql`.`tables_priv`' . ' WHERE ' . PMA_convert_using('`User`') . ' = ' . PMA_convert_using(PMA_sqlAddslashes($username), 'quoted') . ' AND ' . PMA_convert_using('`Host`') . ' = ' . PMA_convert_using($hostname, 'quoted') . ' AND ' . PMA_convert_using('`Db`') . ' = ' . PMA_convert_using(PMA_unescape_mysql_wildcards($db), 'quoted') . ' AND ' . PMA_convert_using('`Table_name`') . ' = ' . PMA_convert_using($table, 'quoted') . ';'; } $res = PMA_DBI_query($sql_query); $row = PMA_DBI_fetch_assoc($res); PMA_DBI_free_result($res); } if (empty($row)) { if ($table == '*') { if ($db == '*') { $sql_query = 'SHOW COLUMNS FROM `mysql`.`user`;'; } else { if ($table == '*') { $sql_query = 'SHOW COLUMNS FROM `mysql`.`db`;'; } } $res = PMA_DBI_query($sql_query); while ($row1 = PMA_DBI_fetch_row($res)) { if (substr($row1[0], 0, 4) == 'max_') { $row[$row1[0]] = 0; } else { $row[$row1[0]] = 'N'; } } PMA_DBI_free_result($res); } else { $row = array('Table_priv' => ''); } } if (isset($row['Table_priv'])) { $res = PMA_DBI_query('SHOW COLUMNS FROM `mysql`.`tables_priv` LIKE \'Table_priv\';', $GLOBALS['userlink']); // note: in MySQL 5.0.3 we get "Create View', 'Show view'; // the View for Create is spelled with uppercase V // the view for Show is spelled with lowercase v // and there is a space between the words $row1 = PMA_DBI_fetch_assoc($res); PMA_DBI_free_result($res); $av_grants = explode('\',\'', substr($row1['Type'], strpos($row1['Type'], '(') + 2, strpos($row1['Type'], ')') - strpos($row1['Type'], '(') - 3)); unset($res, $row1); $users_grants = explode(',', $row['Table_priv']); foreach ($av_grants as $current_grant) { $row[$current_grant . '_priv'] = in_array($current_grant, $users_grants) ? 'Y' : 'N'; } unset($row['Table_priv'], $current_grant, $av_grants, $users_grants); // get collumns $res = PMA_DBI_try_query('SHOW COLUMNS FROM `' . PMA_unescape_mysql_wildcards($db) . '`.`' . $table . '`;'); $columns = array(); if ($res) { while ($row1 = PMA_DBI_fetch_row($res)) { $columns[$row1[0]] = array('Select' => FALSE, 'Insert' => FALSE, 'Update' => FALSE, 'References' => FALSE); } PMA_DBI_free_result($res); } unset($res, $row1); } // t a b l e - s p e c i f i c p r i v i l e g e s if (!empty($columns)) { $res = PMA_DBI_query('SELECT `Column_name`, `Column_priv`' . ' FROM `mysql`.`columns_priv`' . ' WHERE ' . PMA_convert_using('`User`') . ' = ' . PMA_convert_using(PMA_sqlAddslashes($username), 'quoted') . ' AND ' . PMA_convert_using('`Host`') . ' = ' . PMA_convert_using($hostname, 'quoted') . ' AND ' . PMA_convert_using('`Db`') . ' = ' . PMA_convert_using(PMA_unescape_mysql_wildcards($db), 'quoted') . ' AND ' . PMA_convert_using('`Table_name`') . ' = ' . PMA_convert_using($table, 'quoted') . ';'); while ($row1 = PMA_DBI_fetch_row($res)) { $row1[1] = explode(',', $row1[1]); foreach ($row1[1] as $current) { $columns[$row1[0]][$current] = TRUE; } } PMA_DBI_free_result($res); unset($res, $row1, $current); echo $spaces . '<input type="hidden" name="grant_count" value="' . count($row) . '" />' . "\n" . $spaces . '<input type="hidden" name="column_count" value="' . count($columns) . '" />' . "\n" . $spaces . '<fieldset id="fieldset_user_priv">' . "\n" . $spaces . ' <legend>' . $GLOBALS['strTblPrivileges'] . '</legend>' . "\n" . $spaces . ' <p><small><i>' . $GLOBALS['strEnglishPrivileges'] . '</i></small></p>' . "\n"; // privs that are attached to a specific column PMA_display_column_privs($spaces, $columns, $row, 'Select_priv', 'SELECT', 'select', $GLOBALS['strPrivDescSelect'], 'Select'); PMA_display_column_privs($spaces, $columns, $row, 'Insert_priv', 'INSERT', 'insert', $GLOBALS['strPrivDescInsert'], 'Insert'); PMA_display_column_privs($spaces, $columns, $row, 'Update_priv', 'UPDATE', 'update', $GLOBALS['strPrivDescUpdate'], 'Update'); PMA_display_column_privs($spaces, $columns, $row, 'References_priv', 'REFERENCES', 'references', $GLOBALS['strPrivDescReferences'], 'References'); // privs that are not attached to a specific column echo $spaces . ' <div class="item">' . "\n"; foreach ($row as $current_grant => $current_grant_value) { if (in_array(substr($current_grant, 0, strlen($current_grant) - 5), array('Select', 'Insert', 'Update', 'References'))) { continue; } // make a substitution to match the messages variables; // also we must substitute the grant we get, because we can't generate // a form variable containing blanks (those would get changed to // an underscore when receiving the POST) if ($current_grant == 'Create View_priv') { $tmp_current_grant = 'CreateView_priv'; $current_grant = 'Create_view_priv'; } elseif ($current_grant == 'Show view_priv') { $tmp_current_grant = 'ShowView_priv'; $current_grant = 'Show_view_priv'; } else { $tmp_current_grant = $current_grant; } echo $spaces . ' <div class="item">' . "\n" . $spaces . ' <input type="checkbox"' . (empty($GLOBALS['checkall']) ? '' : ' checked="checked"') . ' name="' . $current_grant . '" id="checkbox_' . $current_grant . '" value="Y" ' . ($current_grant_value == 'Y' ? 'checked="checked" ' : '') . 'title="'; echo (isset($GLOBALS['strPrivDesc' . substr($tmp_current_grant, 0, strlen($tmp_current_grant) - 5)]) ? $GLOBALS['strPrivDesc' . substr($tmp_current_grant, 0, strlen($tmp_current_grant) - 5)] : $GLOBALS['strPrivDesc' . substr($tmp_current_grant, 0, strlen($tmp_current_grant) - 5) . 'Tbl']) . '"/>' . "\n"; echo $spaces . ' <label for="checkbox_' . $current_grant . '"><tt><dfn title="' . (isset($GLOBALS['strPrivDesc' . substr($tmp_current_grant, 0, strlen($tmp_current_grant) - 5)]) ? $GLOBALS['strPrivDesc' . substr($tmp_current_grant, 0, strlen($tmp_current_grant) - 5)] : $GLOBALS['strPrivDesc' . substr($tmp_current_grant, 0, strlen($tmp_current_grant) - 5) . 'Tbl']) . '">' . strtoupper(substr($current_grant, 0, strlen($current_grant) - 5)) . '</dfn></tt></label>' . "\n" . $spaces . ' </div>' . "\n"; } // end foreach() echo $spaces . ' </div>' . "\n"; } else { // g l o b a l o r d b - s p e c i f i c // // d a t a $privTable[0] = array(array('Select', 'SELECT', $GLOBALS['strPrivDescSelect']), array('Insert', 'INSERT', $GLOBALS['strPrivDescInsert']), array('Update', 'UPDATE', $GLOBALS['strPrivDescUpdate']), array('Delete', 'DELETE', $GLOBALS['strPrivDescDelete'])); if ($db == '*') { $privTable[0][] = array('File', 'FILE', $GLOBALS['strPrivDescFile']); } // s t r u c t u r e $privTable[1] = array(array('Create', 'CREATE', $table == '*' ? $GLOBALS['strPrivDescCreateDb'] : $GLOBALS['strPrivDescCreateTbl']), array('Alter', 'ALTER', $GLOBALS['strPrivDescAlter']), array('Index', 'INDEX', $GLOBALS['strPrivDescIndex']), array('Drop', 'DROP', $table == '*' ? $GLOBALS['strPrivDescDropDb'] : $GLOBALS['strPrivDescDropTbl'])); if (isset($row['Create_tmp_table_priv'])) { $privTable[1][] = array('Create_tmp_table', 'CREATE TEMPORARY TABLES', $GLOBALS['strPrivDescCreateTmpTable']); } // this one is for a db-specific priv: Create_view_priv if (isset($row['Create_view_priv'])) { $privTable[1][] = array('Create_view', 'CREATE VIEW', $GLOBALS['strPrivDescCreateView']); } // this one is for a table-specific priv: Create View_priv if (isset($row['Create View_priv'])) { $privTable[1][] = array('Create View', 'CREATE VIEW', $GLOBALS['strPrivDescCreateView']); } if (isset($row['Show_view_priv'])) { $privTable[1][] = array('Show_view', 'SHOW VIEW', $GLOBALS['strPrivDescShowView']); } if (isset($row['Create_routine_priv'])) { $privTable[1][] = array('Create_routine', 'CREATE ROUTINE', $GLOBALS['strPrivDescCreateRoutine']); } if (isset($row['Alter_routine_priv'])) { $privTable[1][] = array('Alter_routine', 'ALTER ROUTINE', $GLOBALS['strPrivDescAlterRoutine']); } if (isset($row['Execute_priv'])) { if (PMA_MYSQL_INT_VERSION >= 40002 && PMA_MYSQL_INT_VERSION < 50003) { $privTable[1][] = array('Execute', 'EXECUTE', $GLOBALS['strPrivDescExecute']); } else { $privTable[1][] = array('Execute', 'EXECUTE', $GLOBALS['strPrivDescExecute5']); } } // a d m i n i s t r a t i o n $privTable[2] = array(); if (isset($row['Grant_priv'])) { $privTable[2][] = array('Grant', 'GRANT', $GLOBALS['strPrivDescGrant']); } if ($db == '*') { if (isset($row['Super_priv'])) { $privTable[2][] = array('Super', 'SUPER', $GLOBALS['strPrivDescSuper']); $privTable[2][] = array('Process', 'PROCESS', $GLOBALS['strPrivDescProcess4']); } else { $privTable[2][] = array('Process', 'PROCESS', $GLOBALS['strPrivDescProcess3']); } $privTable[2][] = array('Reload', 'RELOAD', $GLOBALS['strPrivDescReload']); $privTable[2][] = array('Shutdown', 'SHUTDOWN', $GLOBALS['strPrivDescShutdown']); if (isset($row['Show_db_priv'])) { $privTable[2][] = array('Show_db', 'SHOW DATABASES', $GLOBALS['strPrivDescShowDb']); } } if (isset($row['Lock_tables_priv'])) { $privTable[2][] = array('Lock_tables', 'LOCK TABLES', $GLOBALS['strPrivDescLockTables']); } $privTable[2][] = array('References', 'REFERENCES', $GLOBALS['strPrivDescReferences']); if ($db == '*') { //if (isset($row['Execute_priv'])) { // $privTable[2][] = array('Execute', 'EXECUTE', $GLOBALS['strPrivDescExecute']); //} if (isset($row['Repl_client_priv'])) { $privTable[2][] = array('Repl_client', 'REPLICATION CLIENT', $GLOBALS['strPrivDescReplClient']); } if (isset($row['Repl_slave_priv'])) { $privTable[2][] = array('Repl_slave', 'REPLICATION SLAVE', $GLOBALS['strPrivDescReplSlave']); } if (isset($row['Create_user_priv'])) { $privTable[2][] = array('Create_user', 'CREATE USER', $GLOBALS['strPrivDescCreateUser']); } } echo $spaces . '<input type="hidden" name="grant_count" value="' . (count($privTable[0]) + count($privTable[1]) + count($privTable[2]) - (isset($row['Grant_priv']) ? 1 : 0)) . '" />' . "\n" . $spaces . '<fieldset id="fieldset_user_global_rights">' . "\n" . $spaces . ' <legend>' . "\n" . $spaces . ' ' . ($db == '*' ? $GLOBALS['strGlobalPrivileges'] : ($table == '*' ? $GLOBALS['strDbPrivileges'] : $GLOBALS['strTblPrivileges'])) . "\n" . $spaces . ' ( <a href="./server_privileges.php?' . $GLOBALS['url_query'] . '&checkall=1" onclick="setCheckboxes(\'usersForm\', true); return false;">' . $GLOBALS['strCheckAll'] . '</a> /' . "\n" . $spaces . ' <a href="./server_privileges.php?' . $GLOBALS['url_query'] . '" onclick="setCheckboxes(\'usersForm\', false); return false;">' . $GLOBALS['strUncheckAll'] . '</a> )' . "\n" . $spaces . ' </legend>' . "\n" . $spaces . ' <p><small><i>' . $GLOBALS['strEnglishPrivileges'] . '</i></small></p>' . "\n" . $spaces . ' <fieldset>' . "\n" . $spaces . ' <legend>' . $GLOBALS['strData'] . '</legend>' . "\n"; foreach ($privTable[0] as $priv) { echo $spaces . ' <div class="item">' . "\n" . $spaces . ' <input type="checkbox"' . (empty($GLOBALS['checkall']) ? '' : ' checked="checked"') . ' name="' . $priv[0] . '_priv" id="checkbox_' . $priv[0] . '_priv" value="Y" ' . ($row[$priv[0] . '_priv'] == 'Y' ? 'checked="checked" ' : '') . 'title="' . $priv[2] . '"/>' . "\n" . $spaces . ' <label for="checkbox_' . $priv[0] . '_priv"><tt><dfn title="' . $priv[2] . '">' . $priv[1] . '</dfn></tt></label>' . "\n" . $spaces . ' </div>' . "\n"; } echo $spaces . ' </fieldset>' . "\n" . $spaces . ' <fieldset>' . "\n" . $spaces . ' <legend>' . $GLOBALS['strStructure'] . '</legend>' . "\n"; foreach ($privTable[1] as $priv) { echo $spaces . ' <div class="item">' . "\n" . $spaces . ' <input type="checkbox"' . (empty($GLOBALS['checkall']) ? '' : ' checked="checked"') . ' name="' . $priv[0] . '_priv" id="checkbox_' . $priv[0] . '_priv" value="Y" ' . ($row[$priv[0] . '_priv'] == 'Y' ? 'checked="checked" ' : '') . 'title="' . $priv[2] . '"/>' . "\n" . $spaces . ' <label for="checkbox_' . $priv[0] . '_priv"><tt><dfn title="' . $priv[2] . '">' . $priv[1] . '</dfn></tt></label>' . "\n" . $spaces . ' </div>' . "\n"; } echo $spaces . ' </fieldset>' . "\n" . $spaces . ' <fieldset>' . "\n" . $spaces . ' <legend>' . $GLOBALS['strAdministration'] . '</legend>' . "\n"; foreach ($privTable[2] as $priv) { echo $spaces . ' <div class="item">' . "\n" . $spaces . ' <input type="checkbox"' . (empty($GLOBALS['checkall']) ? '' : ' checked="checked"') . ' name="' . $priv[0] . '_priv" id="checkbox_' . $priv[0] . '_priv" value="Y" ' . ($row[$priv[0] . '_priv'] == 'Y' ? 'checked="checked" ' : '') . 'title="' . $priv[2] . '"/>' . "\n" . $spaces . ' <label for="checkbox_' . $priv[0] . '_priv"><tt><dfn title="' . $priv[2] . '">' . $priv[1] . '</dfn></tt></label>' . "\n" . $spaces . ' </div>' . "\n"; } echo $spaces . ' </fieldset>' . "\n"; // The "Resource limits" box is not displayed for db-specific privs if ($db == '*') { echo $spaces . ' <fieldset>' . "\n" . $spaces . ' <legend>' . $GLOBALS['strResourceLimits'] . '</legend>' . "\n" . $spaces . ' <p><small><i>' . $GLOBALS['strZeroRemovesTheLimit'] . '</i></small></p>' . "\n" . $spaces . ' <div class="item">' . "\n" . $spaces . ' <label for="text_max_questions"><tt><dfn title="' . $GLOBALS['strPrivDescMaxQuestions'] . '">MAX QUERIES PER HOUR</dfn></tt></label>' . "\n" . $spaces . ' <input type="text" name="max_questions" id="text_max_questions" value="' . $row['max_questions'] . '" size="11" maxlength="11" title="' . $GLOBALS['strPrivDescMaxQuestions'] . '" />' . "\n" . $spaces . ' </div>' . "\n" . $spaces . ' <div class="item">' . "\n" . $spaces . ' <label for="text_max_updates"><tt><dfn title="' . $GLOBALS['strPrivDescMaxUpdates'] . '">MAX UPDATES PER HOUR</dfn></tt></label>' . "\n" . $spaces . ' <input type="text" name="max_updates" id="text_max_updates" value="' . $row['max_updates'] . '" size="11" maxlength="11" title="' . $GLOBALS['strPrivDescMaxUpdates'] . '" />' . "\n" . $spaces . ' </div>' . "\n" . $spaces . ' <div class="item">' . "\n" . $spaces . ' <label for="text_max_connections"><tt><dfn title="' . $GLOBALS['strPrivDescMaxConnections'] . '">MAX CONNECTIONS PER HOUR</dfn></tt></label>' . "\n" . $spaces . ' <input type="text" name="max_connections" id="text_max_connections" value="' . $row['max_connections'] . '" size="11" maxlength="11" title="' . $GLOBALS['strPrivDescMaxConnections'] . '" />' . "\n" . $spaces . ' </div>' . "\n"; if (PMA_MYSQL_INT_VERSION >= 50003) { echo $spaces . ' <div class="item">' . "\n" . $spaces . ' <label for="text_max_user_connections"><tt><dfn title="' . $GLOBALS['strPrivDescMaxUserConnections'] . '">MAX USER_CONNECTIONS</dfn></tt></label>' . "\n" . $spaces . ' <input type="text" name="max_user_connections" id="text_max_user_connections" value="' . $row['max_user_connections'] . '" size="11" maxlength="11" title="' . $GLOBALS['strPrivDescMaxUserConnections'] . '" />' . "\n" . $spaces . ' </div>' . "\n"; } echo $spaces . ' </fieldset>' . "\n"; } } echo $spaces . '</fieldset>' . "\n"; if ($submit) { echo $spaces . '<fieldset id="fieldset_user_privtable_footer" class="tblFooters">' . "\n" . $spaces . ' <input type="submit" name="update_privs" value="' . $GLOBALS['strGo'] . '" />' . "\n" . $spaces . '</fieldset>' . "\n"; } }