0) { // robbat2: Use the verbose name of the server instead of the hostname // if a value is set if(!empty($cfg['Server']['verbose'])) { $server_info = $cfg['Server']['verbose']; } else { $server_info = $cfg['Server']['host']; } $server_info .= (empty($cfg['Server']['port']) ? '' : ':' . $cfg['Server']['port']); // loic1: skip this because it's not a so good idea to display sockets // used to everybody // if (!empty($cfg['Server']['socket']) && PMA_PHP_INT_VERSION >= 30010) { // $server_info .= ':' . $cfg['Server']['socket']; // } $local_query = 'SELECT VERSION() as version, USER() as user'; $res = PMA_mysql_query($local_query) or PMA_mysqlDie('', $local_query, FALSE, ''); $mysql_cur_user_and_host = PMA_mysql_result($res, 0, 'user'); $mysql_cur_user = substr($mysql_cur_user_and_host, 0, strrpos($mysql_cur_user_and_host, '@')); $full_string = str_replace('%pma_s1%', PMA_mysql_result($res, 0, 'version'), $strMySQLServerProcess); $full_string = str_replace('%pma_s2%', $server_info, $full_string); $full_string = str_replace('%pma_s3%', $mysql_cur_user_and_host, $full_string); echo '

' . $full_string . '


' . "\n"; } // end if /** * Reload mysql (flush privileges) */ if (($server > 0) && isset($mode) && ($mode == 'reload')) { $result = PMA_mysql_query('FLUSH PRIVILEGES'); // Debug: or PMA_mysqlDie('', 'FLUSH PRIVILEGES', FALSE, 'main.php?' . PMA_generate_common_url()); echo '

'; if ($result != 0) { echo $strMySQLReloaded; } else { echo $strReloadFailed; } echo '

' . "\n\n"; } /** * Displays the MySQL servers choice form */ if ($server == 0 || count($cfg['Servers']) > 1) { ?>

0) { // Get user's global privileges ($dbh and $userlink are links to MySQL // defined in the "common.lib.php" library) // Note: if no controluser is defined, $dbh contains $userlink $is_create_priv = FALSE; $is_process_priv = TRUE; $is_reload_priv = FALSE; // We were checking privileges with 'USE mysql' but users with the global // priv CREATE TEMPORARY TABLES or LOCK TABLES can do a 'USE mysql' // (even if they cannot see the tables) $is_superuser = @PMA_mysql_query('SELECT COUNT(*) FROM mysql.user', $userlink); if ($dbh) { $local_query = 'SELECT Create_priv, Process_priv, Reload_priv FROM mysql.user WHERE User = \'' . PMA_sqlAddslashes($mysql_cur_user) . '\''; $rs_usr = PMA_mysql_query($local_query, $dbh); // Debug: or PMA_mysqlDie('', $local_query, FALSE); if ($rs_usr) { while ($result_usr = PMA_mysql_fetch_array($rs_usr)) { if (!$is_create_priv) { $is_create_priv = ($result_usr['Create_priv'] == 'Y'); } /* 02-12-09 rabus: Every user has access to the process list - at least to its own :-) if (!$is_process_priv) { $is_process_priv = ($result_usr['Process_priv'] == 'Y'); } */ if (!$is_reload_priv) { $is_reload_priv = ($result_usr['Reload_priv'] == 'Y'); } } // end while mysql_free_result($rs_usr); } // end if } // end if // If the user has Create priv on a inexistant db, show him in the dialog // the first inexistant db name that we find, in most cases it's probably // the one he just dropped :) if (!$is_create_priv) { $local_query = 'SELECT DISTINCT Db FROM mysql.db WHERE Create_priv = \'Y\' AND User = \'' . PMA_sqlAddslashes($mysql_cur_user) . '\''; $rs_usr = PMA_mysql_query($local_query, $dbh); // Debug: or PMA_mysqlDie('', $local_query, FALSE); if ($rs_usr) { $re0 = '(^|(\\\\\\\\)+|[^\])'; // non-escaped wildcards $re1 = '(^|[^\])(\\\)+'; // escaped wildcards while ($row = PMA_mysql_fetch_array($rs_usr)) { if (ereg($re0 . '(%|_)', $row['Db']) || (!PMA_mysql_select_db(ereg_replace($re1 . '(%|_)', '\\1\\3', $row['Db']), $userlink) && @mysql_errno() != 1044)) { $db_to_create = ereg_replace($re0 . '%', '\\1...', ereg_replace($re0 . '_', '\\1?', $row['Db'])); $db_to_create = ereg_replace($re1 . '(%|_)', '\\1\\3', $db_to_create); $is_create_priv = TRUE; break; } // end if } // end while mysql_free_result($rs_usr); } // end if else { // Finally, let's try to get the user's privileges by using SHOW // GRANTS... // Maybe we'll find a little CREATE priv there :) $local_query = 'SHOW GRANTS FOR ' . $mysql_cur_user_and_host; $rs_usr = PMA_mysql_query($local_query, $dbh); if (!$rs_usr) { // OK, now we'd have to guess the user's hostname, but we // only try out the 'username'@'%' case. $local_query = 'SHOW GRANTS FOR ' . $mysql_cur_user; $rs_usr = PMA_mysql_query($local_query, $dbh); } if ($rs_usr) { $re0 = '(^|(\\\\\\\\)+|[^\])'; // non-escaped wildcards $re1 = '(^|[^\])(\\\)+'; // escaped wildcards while ($row = PMA_mysql_fetch_row($rs_usr)) { $show_grants_dbname = substr($row[0], strpos($row[0], ' ON ') + 4,(strpos($row[0], '.', strpos($row[0], ' ON ')) - strpos($row[0], ' ON ') - 4)); $show_grants_str = substr($row[0],6,(strpos($row[0],' ON ')-6)); if (($show_grants_str == 'ALL') || ($show_grants_str == 'ALL PRIVILEGES') || ($show_grants_str == 'CREATE') || strpos($show_grants_str, 'CREATE')) { if ($show_grants_dbname == '*') { $is_create_priv = TRUE; $db_to_create = ''; break; } // end if else if (ereg($re0 . '%|_', $show_grants_dbname) || !PMA_mysql_select_db($show_grants_dbname, $userlink) && @mysql_errno() != 1044) { $db_to_create = ereg_replace($re0 . '%', '\\1...', ereg_replace($re0 . '_', '\\1?', $show_grants_dbname)); $db_to_create = ereg_replace($re1 . '(%|_)', '\\1\\3', $db_to_create); // and remove backquotes $db_to_create = str_replace('`','',$db_to_create); $is_create_priv = TRUE; break; } // end elseif } // end if } // end while unset($show_grants_dbname, $show_grants_str); mysql_free_result($rs_usr); } // end if } // end elseif } // end if else { $db_to_create = ''; } // end else if (!$cfg['SuggestDBName']) { $db_to_create = ''; } $common_url_query = PMA_generate_common_url(); if ($is_superuser) { $cfg['ShowMysqlInfo'] = TRUE; $cfg['ShowMysqlVars'] = TRUE; $cfg['ShowChgPassword'] = TRUE; } if ($cfg['Server']['auth_type'] == 'config') { $cfg['ShowChgPassword'] = FALSE; } // loic1: Displays the MySQL column only if at least one feature has to be // displayed if ($is_superuser || $is_create_priv || $is_process_priv || $is_reload_priv || $cfg['ShowMysqlInfo'] || $cfg['ShowMysqlVars'] || $cfg['ShowChgPassword'] || $cfg['Server']['auth_type'] != 'config') { ?> 0) echo "\n"; /** * Displays the phpMyAdmin related links */ ?>
= 40100) { echo "\n"; ?> (*)' : ''; echo "\n"; ?>
  MySQL
item

item
' . $strNoPrivileges .''; ?>
item
item  
item  
item  
item  
item  
item
item
item
item  
    
  phpMyAdmin
item
Language (*):
item
:
item
item
item
      [ChangeLog]    [CVS]    [Lists]
' . $strPmaUriError . '

' . "\n"; } /** * Warning if using the default MySQL privileged account */ if ($server != 0 && $cfg['Server']['user'] == 'root' && $cfg['Server']['password'] == '') { echo '

' . $strInsecureMySQL . '

' . "\n"; } /** * Warning for PHP 4.2.3 */ if (PMA_PHP_INT_VERSION == 40203 && @extension_loaded('mbstring')) { echo '

' . $strPHP40203 . '

' . "\n"; } /** * Warning for old PHP version */ if (PMA_PHP_INT_VERSION < 40100) { echo '

' . sprintf($strUpgrade, 'PHP', '4.1.0') . '

' . "\n"; } /** * Warning for old MySQL version */ if (PMA_MYSQL_INT_VERSION < 32332) { echo '

' . sprintf($strUpgrade, 'MySQL', '3.23.32') . '

' . "\n"; } /** * Displays the footer */ echo "\n"; require_once('./footer.inc.php'); ?>