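*/

include "functions.php";

// loginCheck() and $conn are not defined in this file; presumably both come from functions.php.
// NOTE(review): no anti-CSRF token is verified in the code visible here, although every handler
// below changes MySQL accounts - confirm that loginCheck() or functions.php covers it.
loginCheck();

/**
 * array_filter() callback: keep a privilege only if it is not server-administrative.
 *
 * The name is trimmed and upper-cased before comparison, because MySQL treats
 * privilege names case-insensitively and an exact-case match would miss variants.
 *
 * @param mixed $priv privilege name as submitted
 * @return bool false for FILE, PROCESS, RELOAD, SHUTDOWN, SUPER and non-strings; true otherwise
 */
function removeAdminPrivs($priv) {
    if (!is_string($priv))
        return false;

    $adminPrivs = array("FILE", "PROCESS", "RELOAD", "SHUTDOWN", "SUPER");

    return !in_array(strtoupper(trim($priv)), $adminPrivs, true);
}

/**
 * True when $value can sit between single quotes in a statement without ending the literal.
 *
 * Values containing a quote, backslash or NUL byte are rejected rather than escaped,
 * because no connection-aware escaping function is visible in this file.
 * NOTE(review): if the $conn wrapper offers escaping or prepared statements, prefer that.
 *
 * @param mixed $value
 * @return bool
 */
function usersSqlTextIsSafe($value) {
    return is_string($value) && strpbrk($value, "'\\\0") === false;
}

/**
 * True when $value can sit between backticks as a database name.
 *
 * @param mixed $value
 * @return bool
 */
function usersDbNameIsSafe($value) {
    return is_string($value) && $value !== "" && strpbrk($value, "`\0") === false;
}

/**
 * Normalise a submitted privilege name.
 *
 * @param mixed $priv
 * @return string|false upper-cased name made only of letters and single spaces, or false
 */
function usersNormalizePrivilege($priv) {
    if (!is_string($priv))
        return false;

    $name = strtoupper(trim($priv));

    return preg_match('/^[A-Z]+(?: [A-Z]+)*\z/', $name) === 1 ? $name : false;
}

// add a user
if ($_POST) {
    $newHost = isset($_POST['NEWHOST']) ? $_POST['NEWHOST'] : "localhost";

    if (isset($_POST['NEWNAME']))
        $newName = $_POST['NEWNAME'];

    // Defaults keep the later checks from reading undefined variables when a field is absent.
    $newPass = isset($_POST['NEWPASS']) ? $_POST['NEWPASS'] : "";
    $newChoice = isset($_POST['NEWCHOICE']) ? $_POST['NEWCHOICE'] : "";

    // Anything other than LIMITED is treated as GLOBAL.
    $accessLevel = (isset($_POST['ACCESSLEVEL']) && $_POST['ACCESSLEVEL'] === "LIMITED") ? "LIMITED" : "GLOBAL";

    // Both lists are iterated below, so a scalar submitted in their place is ignored.
    $dbList = (isset($_POST['DBLIST']) && is_array($_POST['DBLIST'])) ? $_POST['DBLIST'] : array();
    $newPrivileges = (isset($_POST['NEWPRIVILEGES']) && is_array($_POST['NEWPRIVILEGES'])) ? $_POST['NEWPRIVILEGES'] : array();

    if (isset($newName) && ($accessLevel == "GLOBAL" || sizeof($dbList) > 0)) {
        // Every request value that ends up inside the GRANT text is checked first.
        $requestValid = usersSqlTextIsSafe($newName) && usersSqlTextIsSafe($newHost) && usersSqlTextIsSafe($newPass);

        if ($newChoice === "ALL") {
            $privList = "ALL";
        } else {
            $cleanPrivs = array();

            foreach ($newPrivileges as $priv) {
                $priv = usersNormalizePrivilege($priv);

                if ($priv === false) {
                    $requestValid = false;
                    break;
                }

                // Database-scoped accounts never receive the server-administrative privileges.
                if ($accessLevel == "LIMITED" && !removeAdminPrivs($priv))
                    continue;

                $cleanPrivs[] = $priv;
            }

            // USAGE also covers a list that became empty after filtering, which would
            // otherwise produce "GRANT  ON ..." and a syntax error.
            $privList = (sizeof($cleanPrivs) > 0) ? implode(", ", $cleanPrivs) : "USAGE";
        }

        // One GRANT per target: each selected database, or *.* for a global account.
        $targets = array();

        if ($accessLevel == "LIMITED") {
            foreach ($dbList as $theDb) {
                if (usersDbNameIsSafe($theDb))
                    $targets[] = "`$theDb`.*";
                else
                    $requestValid = false;
            }
        } else {
            $targets[] = "*.*";
        }

        if (!$requestValid) {
            $dbError = __("Invalid characters in request");
        } else {
            foreach ($targets as $target) {
                $newQuery = "GRANT " . $privList;
                $newQuery .= " ON " . $target;
                $newQuery .= " TO '" . $newName . "'@'" . $newHost . "'";

                // Compared with "" so that a password of "0" is not dropped as falsy.
                if ($newPass !== "")
                    $newQuery .= " IDENTIFIED BY '" . $newPass . "'";

                if (isset($_POST['GRANTOPTION']))
                    $newQuery .= " WITH GRANT OPTION";

                $conn->query($newQuery) or ($dbError = $conn->error());
            }

            $conn->query("FLUSH PRIVILEGES") or ($dbError = $conn->error());
        }
    }
}

$connected = $conn->selectDB("mysql");

// delete users
if (isset($_POST['deleteUsers']) && is_string($_POST['deleteUsers']) && $connected) {
    // The field is a ";"-separated list of user@host entries.
    foreach (explode(";", $_POST['deleteUsers']) as $each) {
        $split = explode("@", $each, 2);

        // Entries without "@" are skipped. $user and $host are assigned fresh on every pass,
        // so an incomplete or empty entry can no longer reuse the host of the previous one.
        if (sizeof($split) !== 2)
            continue;

        $user = trim($split[0]);
        $host = trim($split[1]);

        if (!usersSqlTextIsSafe($user) || !usersSqlTextIsSafe($host)) {
            $dbError = __("Invalid characters in request");
            continue;
        }

        $conn->query("REVOKE ALL PRIVILEGES ON *.* FROM '$user'@'$host'");
        $conn->query("REVOKE GRANT OPTION ON *.* FROM '$user'@'$host'");
        $conn->query("DELETE FROM `user` WHERE `User`='$user' AND `Host`='$host'");
        $conn->query("DELETE FROM `db` WHERE `User`='$user' AND `Host`='$host'");
        $conn->query("DELETE FROM `tables_priv` WHERE `User`='$user' AND `Host`='$host'");
        $conn->query("DELETE FROM `columns_priv` WHERE `User`='$user' AND `Host`='$host'");
    }

    $conn->query("FLUSH PRIVILEGES");
}

if (isset($dbError)) {
    echo '
';
    // The message may come from the server and can repeat parts of the submitted statement,
    // so it is HTML-escaped before being written into the page.
    echo '' . __("Error performing operation") . '

' . htmlspecialchars($dbError, ENT_QUOTES) . '

';
    echo '
';
}
?>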
query("SELECT * FROM `user`"); if ($conn->isResultSet($userSql)) { ?>
' . __("All") . '  ' . __("None") . ''; echo '     ' . __("With selected") . ':  ' . __("Edit") . '  ' . __("Delete") . ''; ?>
'; echo '
 
'; echo '
'; echo '
'; echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; echo ''; echo '
' . __("Host") . '
' . __("User") . '
'; echo '
'; echo '
'; echo '
'; $m = 0; while ($userRow = $conn->fetchAssoc($userSql)) { $queryBuilder = $userRow['User'] . "@" . $userRow['Host']; echo '
'; } echo '
'; $userSql = $conn->query("SELECT * FROM `user`"); echo '
'; if ($conn->isResultSet($userSql)) { $m = 0; while ($userRow = $conn->fetchAssoc($userSql)) { echo '
'; echo ''; echo ''; echo ''; echo ''; echo ''; echo '
' . $userRow['Host'] . '
' . $userRow['User'] . '
'; echo '
'; $m++; } } echo '
'; echo '
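';
}

$hasPermissions = false;

// check to see if this user has proper permissions to manage users
// NOTE(review): this flag only gates the markup rendered after this point; the POST handlers
// at the top of the file do not consult it, so the server's own privilege checks are
// presumably the real enforcement - confirm.
$checkHost = (string) $conn->getOptionValue("host");
$checkUser = isset($_SESSION['SB_LOGIN_USER']) ? (string) $_SESSION['SB_LOGIN_USER'] : "";

// Both values are placed inside single-quoted literals. A quote, backslash or NUL byte in
// either would change the statement, so the lookup is skipped and the flag stays false.
// NOTE(review): if the $conn wrapper offers escaping or prepared statements, prefer that.
if (strpbrk($checkHost . $checkUser, "'\\\0") === false) {
    $checkSql = $conn->query("SELECT `Grant_priv` FROM `user` WHERE `Host`='" . $checkHost . "' AND `User`='" . $checkUser . "' LIMIT 1");

    if ($conn->isResultSet($checkSql)) {
        $grantValue = $conn->result($checkSql, 0, "Grant_priv");

        if ($grantValue == "Y") {
            $hasPermissions = true;
        }
    }
}

if ($hasPermissions) {
?>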

listDatabases(); if ($conn->isResultSet($dbList)) { ?>
:
:
:
:
:
:
" />