/**
 * Generate a random password that is at least as long as the configured minimum.
 *
 * The length used is the larger of the built-in floor (9) and the
 * 'password_minlength' system option. Generation is delegated to
 * fs_director::GenerateRandomPassword(); the second argument (4) is passed
 * through as-is, and its meaning is defined by that helper, not here.
 *
 * @return mixed The value returned by fs_director::GenerateRandomPassword().
 */
static function getRandomPassword()
{
    $floor = 9;
    $configuredMinimum = ctrl_options::GetSystemOption('password_minlength');

    // Honour a stricter configured policy, but never drop below the floor.
    $length = ($floor < $configuredMinimum) ? $configuredMinimum : $floor;

    return fs_director::GenerateRandomPassword($length, 4);
}
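/**
 * Create a MySQL account, grant it all privileges on one panel database and
 * record the account in x_mysql_users.
 *
 * Steps, in order: normalise and validate the input, resolve the target
 * database row, fire 'OnBeforeCreateDatabaseUser', create the MySQL account
 * with its password, grant privileges on the resolved schema, insert the
 * panel record, link it through self::ExecuteAddDB() and fire
 * 'OnAfterCreateDatabaseUser'.
 *
 * NOTE(review): the database row is selected by id only. Nothing in this
 * method ties $database to $uid, so confirm that CheckCreateForErrors() or
 * the caller verifies the database belongs to the requesting account.
 *
 * @param mixed  $uid      Panel account id; stored in mu_acc_fk.
 * @param string $username Requested MySQL user name (lower-cased, spaces removed).
 * @param mixed  $database Value matched against x_mysql_databases.my_id_pk.
 * @param string $access   Host part of the MySQL account (user@access).
 *
 * @return bool True on success; false when validation reports errors or the
 *              database id does not resolve to a live row.
 */
static function ExecuteCreateUser($uid, $username, $database, $access)
{
    global $zdbh;

    // The result is not used below; the call is kept from the existing code.
    $currentuser = ctrl_users::GetUserDetail($uid);

    // Check for spaces and remove if found...
    $username = strtolower(str_replace(' ', '', $username));

    // If errors are found, then exit before creating user...
    if (fs_director::CheckForEmptyValue(self::CheckCreateForErrors($username, $database, $access))) {
        return false;
    }

    // Resolve the schema name before anything is created, so that an unknown
    // or deleted database id cannot leave a MySQL account with no matching
    // grant or panel record behind.
    $dbLookup = $zdbh->prepare("SELECT * FROM x_mysql_databases WHERE my_id_pk=:database AND my_deleted_ts IS NULL");
    $dbLookup->bindParam(':database', $database);
    $dbLookup->execute();
    $rowdb = $dbLookup->fetch();
    if (!$rowdb || !isset($rowdb['my_name_vc']) || $rowdb['my_name_vc'] === '') {
        return false;
    }

    runtime_hook::Execute('OnBeforeCreateDatabaseUser');

    // NOTE(review): the length is fixed at 9 here, whereas getRandomPassword()
    // also consults 'password_minlength'. Confirm whether that policy is meant
    // to apply to MySQL accounts as well.
    $password = fs_director::GenerateRandomPassword(9, 4);

    // Create the account together with its password in a single statement.
    // This avoids a window in which the account exists without a password,
    // and does not depend on the PASSWORD() function, which was removed in
    // MySQL 8.0.
    $sql = $zdbh->prepare("CREATE USER :username@:access IDENTIFIED BY :password");
    $sql->bindParam(':username', $username);
    $sql->bindParam(':access', $access);
    $sql->bindParam(':password', $password);
    $sql->execute();

    // USAGE carries no privileges; the account gets no global rights here.
    $sql = $zdbh->prepare("GRANT USAGE ON *.* TO :username@:access");
    $sql->bindParam(':username', $username);
    $sql->bindParam(':access', $access);
    $sql->execute();

    // Grant privileges for new user to the assigned database...
    // The user and host are bound exactly as in the statements above instead
    // of being spliced into the SQL text. The schema name cannot be bound, so
    // it is quoted as an identifier with embedded backticks doubled, which is
    // the escaping rule for backtick-quoted names.
    // NOTE(review): MySQL treats '_' and '%' in the database part of a GRANT
    // as wildcards. Confirm that the panel's naming scheme tolerates this.
    $schemaIdent = '`' . str_replace('`', '``', $rowdb['my_name_vc']) . '`';
    $sql = $zdbh->prepare("GRANT ALL PRIVILEGES ON {$schemaIdent}.* TO :username@:access");
    $sql->bindParam(':username', $username);
    $sql->bindParam(':access', $access);
    $sql->execute();

    $sql = $zdbh->prepare("FLUSH PRIVILEGES");
    $sql->execute();

    // Add user to zpanel database...
    // NOTE(review): $password is written to mu_pass_vc exactly as generated.
    // No hashing or encryption is visible in this method; confirm whether
    // keeping a recoverable copy is intended.
    $sql = $zdbh->prepare(
        "INSERT INTO x_mysql_users (
            mu_acc_fk,
            mu_name_vc,
            mu_database_fk,
            mu_pass_vc,
            mu_access_vc,
            mu_created_ts) VALUES (
            :userid,
            :username,
            :database,
            :password,
            :access,
            :time)"
    );
    $time = time();
    $sql->bindParam(':userid', $uid);
    $sql->bindParam(':username', $username);
    $sql->bindParam(':database', $database);
    $sql->bindParam(':password', $password);
    $sql->bindParam(':access', $access);
    $sql->bindParam(':time', $time);
    $sql->execute();

    // Get the new users id...
    $userLookup = $zdbh->prepare("SELECT * FROM x_mysql_users WHERE mu_name_vc=:username AND mu_acc_fk=:userid AND mu_deleted_ts IS NULL");
    $userLookup->bindParam(':username', $username);
    $userLookup->bindParam(':userid', $uid);
    $userLookup->execute();
    $rowuser = $userLookup->fetch();

    // Add database to zpanel user account...
    self::ExecuteAddDB($uid, $rowuser['mu_id_pk'], $database);

    runtime_hook::Execute('OnAfterCreateDatabaseUser');
    self::$ok = true;

    return true;
}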