예제 #1
 /**
  * Build a random password that is at least as long as the configured minimum.
  *
  * The preferred length is 9; when the 'password_minlength' system option is
  * larger, that value is used instead.
  *
  * NOTE(review): the strength of the result depends on the generator inside
  * fs_director::GenerateRandomPassword, which is not visible here. Confirm it
  * draws from a cryptographically secure source.
  *
  * @return mixed Whatever fs_director::GenerateRandomPassword returns (presumably a string).
  */
 static function getRandomPassword()
 {
     $preferred = 9;
     $configuredMin = ctrl_options::GetSystemOption('password_minlength');
     // Never go below the system-wide minimum length.
     $length = ($preferred < $configuredMin) ? $configuredMin : $preferred;
     // Second argument is passed through unchanged; its meaning is defined by fs_director.
     return fs_director::GenerateRandomPassword($length, 4);
 }
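 /**
  * Create a MySQL account, grant it full rights on one panel database and
  * record it in x_mysql_users.
  *
  * Changes from the previous version:
  *  - the target database is resolved BEFORE any account is created, so an
  *    unknown or deleted database id no longer leaves a MySQL account behind
  *    with a password and no matching grant;
  *  - the password comes from self::getRandomPassword(), so the
  *    'password_minlength' system option is honoured here too;
  *  - backticks are doubled in the values interpolated into the GRANT
  *    statement, so they cannot end the backtick-quoted identifier early.
  *
  * @param mixed  $uid      Panel account id, stored as mu_acc_fk.
  * @param string $username Requested MySQL user name (spaces stripped, lowercased).
  * @param mixed  $database Id matched against x_mysql_databases.my_id_pk.
  * @param string $access   Host part of the MySQL account (user@host).
  *
  * @return bool False when validation fails or the database is not found, true otherwise.
  */
 static function ExecuteCreateUser($uid, $username, $database, $access)
 {
     global $zdbh;
     // Result is not used below; the call is kept in case it has side effects.
     $currentuser = ctrl_users::GetUserDetail($uid);
     // Check for spaces and remove if found...
     $username = strtolower(str_replace(' ', '', $username));
     // If errors are found, then exit before creating user...
     if (fs_director::CheckForEmptyValue(self::CheckCreateForErrors($username, $database, $access))) {
         return false;
     }
     // Resolve the database name first: nothing may be created in MySQL for a
     // database id that does not exist or has been deleted.
     $numrows = $zdbh->prepare("SELECT * FROM x_mysql_databases WHERE my_id_pk=:database AND my_deleted_ts IS NULL");
     $numrows->bindParam(':database', $database);
     $numrows->execute();
     $rowdb = $numrows->fetch();
     if (!$rowdb || !isset($rowdb['my_name_vc']) || $rowdb['my_name_vc'] === '') {
         return false;
     }
     runtime_hook::Execute('OnBeforeCreateDatabaseUser');
     // Use the shared helper so the configured minimum length applies.
     $password = self::getRandomPassword();
     // Create user in MySQL
     $sql = $zdbh->prepare("CREATE USER :username@:access;");
     $sql->bindParam(':username', $username);
     $sql->bindParam(':access', $access);
     $sql->execute();
     // Set MySQL password for new user...
     // NOTE(review): this statement relies on the PASSWORD() function, which
     // MySQL 8.0 no longer provides. Confirm the supported server versions.
     $sql = $zdbh->prepare("SET PASSWORD FOR :username@:access=PASSWORD(:password)");
     $sql->bindParam(':username', $username);
     $sql->bindParam(':access', $access);
     $sql->bindParam(':password', $password);
     $sql->execute();
     // GRANT USAGE confers no privileges: the account starts with none at the global level.
     $sql = $zdbh->prepare("GRANT USAGE ON *.* TO :username@:access");
     $sql->bindParam(':username', $username);
     $sql->bindParam(':access', $access);
     $sql->execute();
     // Grant privileges for new user to the assigned database...
     // These three values are interpolated into backtick-quoted identifiers.
     // String escaping alone does not neutralise a backtick, so each backtick
     // is doubled, which is how MySQL represents one inside a quoted identifier.
     $usernameClean = str_replace('`', '``', $zdbh->mysqlRealEscapeString($username));
     $accessClean = str_replace('`', '``', $zdbh->mysqlRealEscapeString($access));
     $my_name_vc = str_replace('`', '``', $zdbh->mysqlRealEscapeString($rowdb['my_name_vc']));
     $sql = $zdbh->prepare("GRANT ALL PRIVILEGES ON `{$my_name_vc}`.* TO `{$usernameClean}`@`{$accessClean}`");
     $sql->execute();
     $sql = $zdbh->prepare("FLUSH PRIVILEGES");
     $sql->execute();
     // Add user to zpanel database...
     // NOTE(review): the generated password is written to mu_pass_vc exactly as
     // generated, so anyone who can read x_mysql_users can read the database
     // credentials. Confirm whether it must be recoverable; if not, do not store it.
     $sql = $zdbh->prepare("INSERT INTO x_mysql_users (\n\t\t\t\t\t\t\t\tmu_acc_fk,\n\t\t\t\t\t\t\t\tmu_name_vc,\n\t\t\t\t\t\t\t\tmu_database_fk,\n\t\t\t\t\t\t\t\tmu_pass_vc,\n\t\t\t\t\t\t\t\tmu_access_vc,\n\t\t\t\t\t\t\t\tmu_created_ts) VALUES (\n\t\t\t\t\t\t\t\t:userid,\n\t\t\t\t\t\t\t\t:username,\n\t\t\t\t\t\t\t\t:database,\n\t\t\t\t\t\t\t\t:password,\n\t\t\t\t\t\t\t\t:access,\n\t\t\t\t\t\t\t\t:time)");
     $sql->bindParam(':userid', $uid);
     $sql->bindParam(':username', $username);
     $sql->bindParam(':database', $database);
     $sql->bindParam(':password', $password);
     $sql->bindParam(':access', $access);
     $time = time();
     $sql->bindParam(':time', $time);
     $sql->execute();
     // Get the new users id...
     $numrows = $zdbh->prepare("SELECT * FROM x_mysql_users WHERE mu_name_vc=:username AND mu_acc_fk=:userid AND mu_deleted_ts IS NULL");
     $numrows->bindParam(':username', $username);
     $numrows->bindParam(':userid', $uid);
     $numrows->execute();
     $rowuser = $numrows->fetch();
     // Add database to zpanel user account...
     self::ExecuteAddDB($uid, $rowuser['mu_id_pk'], $database);
     runtime_hook::Execute('OnAfterCreateDatabaseUser');
     self::$ok = true;
     return true;
 }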