/**
* Get HTML snippet for display user properties
*
* @param boolean $dbname_is_wildcard whether database name is wildcard or not
* @param string $url_dbname url database name that urlencode() string
* @param string $username username
* @param string $hostname host name
* @param string $dbname database name
* @param string $tablename table name
*
* @return string $html_output
*/
function PMA_getHtmlForUserProperties($dbname_is_wildcard, $url_dbname, $username, $hostname, $dbname, $tablename)
{
$html_output = '<div id="edit_user_dialog">';
$html_output .= PMA_getHtmlHeaderForUserProperties($dbname_is_wildcard, $url_dbname, $dbname, $username, $hostname, $tablename);
$sql = "SELECT '1' FROM `mysql`.`user`" . " WHERE `User` = '" . PMA_Util::sqlAddSlashes($username) . "'" . " AND `Host` = '" . PMA_Util::sqlAddSlashes($hostname) . "';";
$user_does_not_exists = (bool) (!$GLOBALS['dbi']->fetchValue($sql));
if ($user_does_not_exists) {
$html_output .= PMA_Message::error(__('The selected user was not found in the privilege table.'))->getDisplay();
$html_output .= PMA_getHtmlForLoginInformationFields();
//exit;
}
$_params = array('username' => $username, 'hostname' => $hostname);
if (!is_array($dbname) && mb_strlen($dbname)) {
$_params['dbname'] = $dbname;
if (mb_strlen($tablename)) {
$_params['tablename'] = $tablename;
}
} else {
$_params['dbname'] = $dbname;
}
$html_output .= '<form class="submenu-item" name="usersForm" ' . 'id="addUsersForm" action="server_privileges.php" method="post">' . "\n";
$html_output .= PMA_URL_getHiddenInputs($_params);
$html_output .= PMA_getHtmlToDisplayPrivilegesTable(PMA_ifSetOr($dbname, is_array($dbname) ? $dbname[0] : '*', 'length'), PMA_ifSetOr($tablename, '*', 'length'));
$html_output .= '</form>' . "\n";
if (!is_array($dbname) && !mb_strlen($tablename) && empty($dbname_is_wildcard)) {
// no table name was given, display all table specific rights
// but only if $dbname contains no wildcards
$html_output .= '<form class="submenu-item" action="server_privileges.php" ' . 'id="db_or_table_specific_priv" method="post">' . "\n";
// unescape wildcards in dbname at table level
$unescaped_db = PMA_Util::unescapeMysqlWildcards($dbname);
list($html_rightsTable, $found_rows) = PMA_getHtmlForAllTableSpecificRights($username, $hostname, $unescaped_db);
$html_output .= $html_rightsTable;
if (!mb_strlen($dbname)) {
// no database name was given, display select db
$html_output .= PMA_getHtmlForSelectDbInEditPrivs($found_rows);
} else {
$html_output .= PMA_displayTablesInEditPrivs($dbname, $found_rows);
}
$html_output .= '</fieldset>' . "\n";
$html_output .= '<fieldset class="tblFooters">' . "\n" . ' <input type="submit" value="' . __('Go') . '" />' . '</fieldset>' . "\n" . '</form>' . "\n";
}
// Provide a line with links to the relevant database and table
if (!is_array($dbname) && mb_strlen($dbname) && empty($dbname_is_wildcard)) {
$html_output .= PMA_getLinkToDbAndTable($url_dbname, $dbname, $tablename);
}
if (!is_array($dbname) && !mb_strlen($dbname) && !$user_does_not_exists) {
//change login information
$html_output .= PMA_getHtmlForChangePassword($username, $hostname);
$html_output .= PMA_getChangeLoginInformationHtmlForm($username, $hostname);
}
$html_output .= '</div>';
return $html_output;
}
/**
* Test for PMA_getChangeLoginInformationHtmlForm
*
* @return void
*/
public function testPMAGetChangeLoginInformationHtmlForm()
{
$username = "******";
$hostname = "pma_hostname";
$dbi_old = $GLOBALS['dbi'];
$dbi = $this->getMockBuilder('PMA\\libraries\\DatabaseInterface')->disableOriginalConstructor()->getMock();
$fields_info = array(array('COLUMN_NAME' => 'Host', 'CHARACTER_MAXIMUM_LENGTH' => 80), array('COLUMN_NAME' => 'User', 'CHARACTER_MAXIMUM_LENGTH' => 40));
$dbi->expects($this->any())->method('fetchResult')->will($this->returnValue($fields_info));
$GLOBALS['dbi'] = $dbi;
//PMA_getChangeLoginInformationHtmlForm
$html = PMA_getChangeLoginInformationHtmlForm($username, $hostname);
//PMA_URL_getHiddenInputs
$this->assertContains(PMA_URL_getHiddenInputs('', ''), $html);
//$username & $hostname
$this->assertContains(htmlspecialchars($username), $html);
$this->assertContains(htmlspecialchars($hostname), $html);
//PMA_getHtmlForLoginInformationFields
$this->assertContains(PMA_getHtmlForLoginInformationFields('change', $username, $hostname), $html);
//Create a new user with the same privileges
$this->assertContains("Create a new user account with the same privileges", $html);
$GLOBALS['dbi'] = $dbi_old;
}
/**
* Get HTML snippet for display user properties
*
* @param boolean $dbname_is_wildcard whether database name is wildcard or not
* @param type $url_dbname url database name that urlencode() string
* @param string $username username
* @param string $hostname host name
* @param string $link_edit standard link to edit privileges
* @param string $link_revoke standard link to revoke
* @param string $dbname database name
* @param string $tablename table name
*
* @return string $html_output
*/
function PMA_getHtmlForDisplayUserProperties($dbname_is_wildcard, $url_dbname, $username, $hostname, $link_edit, $link_revoke, $dbname, $tablename)
{
$html_output = PMA_getHtmlHeaderForDisplayUserProperties($dbname_is_wildcard, $url_dbname, $dbname, $username, $hostname, $tablename);
$sql = "SELECT '1' FROM `mysql`.`user`" . " WHERE `User` = '" . PMA_Util::sqlAddSlashes($username) . "'" . " AND `Host` = '" . PMA_Util::sqlAddSlashes($hostname) . "';";
$user_does_not_exists = (bool) (!PMA_DBI_fetch_value($sql));
if ($user_does_not_exists) {
$html_output .= PMA_Message::error(__('The selected user was not found in the privilege table.'))->getDisplay();
$html_output .= PMA_getHtmlForDisplayLoginInformationFields();
//exit;
}
$class = ' class="ajax"';
$html_output .= '<form' . $class . ' name="usersForm" id="addUsersForm"' . ' action="server_privileges.php" method="post">' . "\n";
$_params = array('username' => $username, 'hostname' => $hostname);
if (strlen($dbname)) {
$_params['dbname'] = $dbname;
if (strlen($tablename)) {
$_params['tablename'] = $tablename;
}
}
$html_output .= PMA_generate_common_hidden_inputs($_params);
$html_output .= PMA_getHtmlToDisplayPrivilegesTable(PMA_ifSetOr($dbname, '*', 'length'), PMA_ifSetOr($tablename, '*', 'length'));
$html_output .= '</form>' . "\n";
if (!strlen($tablename) && empty($dbname_is_wildcard)) {
// no table name was given, display all table specific rights
// but only if $dbname contains no wildcards
$html_output .= '<form action="server_privileges.php" ' . 'id="db_or_table_specific_priv" method="post">' . "\n";
list($html_rightsTable, $found_rows) = PMA_getTableForDisplayAllTableSpecificRights($username, $hostname, $link_edit, $link_revoke, $dbname);
$html_output .= $html_rightsTable;
if (!strlen($dbname)) {
// no database name was given, display select db
$html_output .= PMA_getHtmlForDisplaySelectDbInEditPrivs($found_rows);
} else {
$html_output .= PMA_displayTablesInEditPrivs($dbname, $found_rows);
}
$html_output .= '</fieldset>' . "\n";
$html_output .= '<fieldset class="tblFooters">' . "\n" . ' <input type="submit" value="' . __('Go') . '" />' . '</fieldset>' . "\n" . '</form>' . "\n";
}
// Provide a line with links to the relevant database and table
if (strlen($dbname) && empty($dbname_is_wildcard)) {
$html_output .= PMA_getLinkToDbAndTable($url_dbname, $dbname, $tablename);
}
if (!strlen($dbname) && !$user_does_not_exists) {
//change login information
$html_output .= PMA_getHtmlForChangePassword($username, $hostname);
$html_output .= PMA_getChangeLoginInformationHtmlForm($username, $hostname);
}
return $html_output;
}
/**
* Test for PMA_getChangeLoginInformationHtmlForm
*
* @return void
*/
public function testPMAGetChangeLoginInformationHtmlForm()
{
$username = "******";
$hostname = "pma_hostname";
$GLOBALS['cfgRelation']['menuswork'] = true;
$dbi_old = $GLOBALS['dbi'];
$dbi = $this->getMockBuilder('PMA\libraries\DatabaseInterface')
->disableOriginalConstructor()
->getMock();
$fields_info = array(
array('COLUMN_NAME' => 'Host', 'CHARACTER_MAXIMUM_LENGTH' => 80),
array('COLUMN_NAME' => 'User', 'CHARACTER_MAXIMUM_LENGTH' => 40),
);
$dbi->expects($this->any())->method('fetchResult')
->will($this->returnValue($fields_info));
$expected_userGroup = "pma_usergroup";
$dbi->expects($this->any())->method('fetchValue')
->will($this->returnValue($expected_userGroup));
$dbi->expects($this->any())
->method('escapeString')
->will($this->returnArgument(0));
$GLOBALS['dbi'] = $dbi;
//PMA_getChangeLoginInformationHtmlForm
$html = PMA_getChangeLoginInformationHtmlForm($username, $hostname);
//URL::getHiddenInputs
$this->assertContains(
URL::getHiddenInputs('', ''),
$html
);
//$username & $hostname
$this->assertContains(
htmlspecialchars($username),
$html
);
$this->assertContains(
htmlspecialchars($hostname),
$html
);
//PMA_getHtmlForLoginInformationFields
$this->assertContains(
PMA_getHtmlForLoginInformationFields('change', $username, $hostname),
$html
);
$this->assertContains(
'<input type="hidden" name="old_usergroup" value="'
. $expected_userGroup . '" />',
$html
);
//Create a new user with the same privileges
$this->assertContains(
"Create a new user account with the same privileges",
$html
);
$GLOBALS['dbi'] = $dbi_old;
}
/**
* Get HTML snippet for display user properties
*
* @param boolean $dbname_is_wildcard whether database name is wildcard or not
* @param string $url_dbname url database name that urlencode() string
* @param string $username username
* @param string $hostname host name
* @param string $dbname database name
* @param string $tablename table name
*
* @return string $html_output
*/
function PMA_getHtmlForUserProperties($dbname_is_wildcard, $url_dbname, $username, $hostname, $dbname, $tablename)
{
$html_output = '<div id="edit_user_dialog">';
$html_output .= PMA_getHtmlHeaderForUserProperties($dbname_is_wildcard, $url_dbname, $dbname, $username, $hostname, $tablename, 'table');
$sql = "SELECT '1' FROM `mysql`.`user`" . " WHERE `User` = '" . $GLOBALS['dbi']->escapeString($username) . "'" . " AND `Host` = '" . $GLOBALS['dbi']->escapeString($hostname) . "';";
$user_does_not_exists = (bool) (!$GLOBALS['dbi']->fetchValue($sql));
if ($user_does_not_exists) {
$html_output .= Message::error(__('The selected user was not found in the privilege table.'))->getDisplay();
$html_output .= PMA_getHtmlForLoginInformationFields();
}
$_params = array('username' => $username, 'hostname' => $hostname);
if (!is_array($dbname) && strlen($dbname) > 0) {
$_params['dbname'] = $dbname;
if (strlen($tablename) > 0) {
$_params['tablename'] = $tablename;
}
} else {
$_params['dbname'] = $dbname;
}
$html_output .= '<form class="submenu-item" name="usersForm" ' . 'id="addUsersForm" action="server_privileges.php" method="post">' . "\n";
$html_output .= URL::getHiddenInputs($_params);
$html_output .= PMA_getHtmlToDisplayPrivilegesTable(PMA_ifSetOr($dbname, is_array($dbname) ? $dbname[0] : '*', 'length'), PMA_ifSetOr($tablename, '*', 'length'));
$html_output .= '</form>' . "\n";
if (!is_array($dbname) && strlen($tablename) === 0 && empty($dbname_is_wildcard)) {
// no table name was given, display all table specific rights
// but only if $dbname contains no wildcards
if (strlen($dbname) === 0) {
$html_output .= PMA_getHtmlForAllTableSpecificRights($username, $hostname, 'database');
} else {
// unescape wildcards in dbname at table level
$unescaped_db = Util::unescapeMysqlWildcards($dbname);
$html_output .= PMA_getHtmlForAllTableSpecificRights($username, $hostname, 'table', $unescaped_db);
$html_output .= PMA_getHtmlForAllTableSpecificRights($username, $hostname, 'routine', $unescaped_db);
}
}
// Provide a line with links to the relevant database and table
if (!is_array($dbname) && strlen($dbname) > 0 && empty($dbname_is_wildcard)) {
$html_output .= PMA_getLinkToDbAndTable($url_dbname, $dbname, $tablename);
}
if (!is_array($dbname) && strlen($dbname) === 0 && !$user_does_not_exists) {
//change login information
$html_output .= PMA_getHtmlForChangePassword('edit_other', $username, $hostname);
$html_output .= PMA_getChangeLoginInformationHtmlForm($username, $hostname);
}
$html_output .= '</div>';
return $html_output;
}
/**
* Test for PMA_getChangeLoginInformationHtmlForm
*
* @return void
*/
public function testPMAGetChangeLoginInformationHtmlForm()
{
$username = "******";
$hostname = "pma_hostname";
$dbi_old = $GLOBALS['dbi'];
$dbi = $this->getMockBuilder('PMA_DatabaseInterface')
->disableOriginalConstructor()
->getMock();
$fields_info = array(
"Host" => array(
"Field" => "host",
"Type" => "char(60)",
"Null" => "NO",
)
);
$dbi->expects($this->any())->method('getColumns')
->will($this->returnValue($fields_info));
$fetchValue = "fetchValue";
$dbi->expects($this->any())->method('fetchValue')
->will($this->returnValue($fetchValue));
$GLOBALS['dbi'] = $dbi;
//PMA_getChangeLoginInformationHtmlForm
$html = PMA_getChangeLoginInformationHtmlForm($username, $hostname);
//PMA_URL_getHiddenInputs
$this->assertContains(
PMA_URL_getHiddenInputs('', ''),
$html
);
//$username & $username
$this->assertContains(
htmlspecialchars($username),
$html
);
$this->assertContains(
htmlspecialchars($username),
$html
);
//PMA_getHtmlForDisplayLoginInformationFields
$this->assertContains(
PMA_getHtmlForDisplayLoginInformationFields('change'),
$html
);
//Create a new user with the same privileges
$this->assertContains(
"Create a new user with the same privileges",
$html
);
$GLOBALS['dbi'] = $dbi_old;
}
