archive
/
utd-control-panel
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Unsupported scripts and control panel web app for a hosting company
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
utd-control-panel/www/test.php

test.php 6.3KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160 
  1. <?PHP

  2. 

  3.  require_once('lib/dashboard.php');

  4.  require_once('lib/common.php');

  5.  require_once('lib/account.php');

  6. 

  7.  if (isset($_POST['action'])) {

  8.   if ($_POST['action'] == 'adduser' && isset($_POST['dbuser']) && isset($_POST['dbpass'])) {

  9.    $sql = 'INSERT INTO db_users (user_id, dbuser_name) VALUES ('.UID.', \'';

  10.    $sql .= USER.'_'.m($_POST['dbuser']).'\')';

  11.    $res = mysql_query($sql) or mf(__FILE__, __LINE__, $sql);

  12.    if (mysql_affected_rows() > 0) {

  13.     //GRANT USAGE ON * . * TO 'test'@'localhost' IDENTIFIED BY '***' WITH MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0 MAX_UPDATES_PER_HOUR 0 ;

  14.     logger::log('Database user created: '.$_POST['dbuser'],logger::info);

  15.     $sql = 'GRANT USAGE ON *.* to \''.USER.'_';

  16.     $sql .= m($_POST['dbuser']).'\'@\'localhost\'';

  17.     $sql .= ' IDENTIFIED BY \''.m($_POST['dbpass']).'\'';

  18.     $sql .= ' WITH MAX_QUERIES_PER_HOUR 0 MAX_CONNECTIONS_PER_HOUR 0';

  19.     $sql .= ' MAX_UPDATES_PER_HOUR 0';

  20.     $l = mysql_connect('localhost', 'root', 'mysql32159');;

  21.     mysql_select_db('admin', $l);

  22.     mysql_query($sql,$l) or mf(__FILE__, __LINE__, $sql);

  23.     mysql_close($l);

  24.     $_redodb = true; require('lib/database.php'); unset($_redodb);

  25.    } else {

  26.     define('MESSAGE', 'Unable to add. Please raise a ticket.');

  27.    }

  28.   } elseif ($_POST['action'] == 'adddb' && isset($_POST['newdb'])) {

  29.    $sql = 'INSERT INTO db_dbs (user_id, db_name) VALUES ('.UID.', \'';

  30.    $sql .= USER.'_'.m($_POST['newdb']).'\')';

  31.    $res = mysql_query($sql) or mf(__FILE__, __LINE__, $sql);

  32.    if (mysql_affected_rows() > 0) {

  33.     //GRANT ALL PRIVILEGES ON `admin` . * TO 'md87'@'localhost' WITH GRANT OPTION ;

  34.     logger::log('Database created: '.$_POST['newdb'], logger::info);

  35.     $sql = 'CREATE DATABASE `'.USER.'_'.m($_POST['newdb']).'`';

  36.     $l = mysql_connect('localhost', 'root', 'mysql32159');;

  37.     mysql_select_db('admin', $l);

  38.     mysql_query($sql,$l) or mf(__FILE__, __LINE__, $sql);

  39.     $sql = 'GRANT ALL PRIVILEGES ON `'.USER.'_'.m($_POST['newdb']).'`.* TO \''.USER.'\'@\'localhost\'';

  40.     mysql_query($sql,$l) or mf(__FILE__, __LINE__, $sql);

  41.     mysql_close($l);

  42.     $_redodb = true; require('lib/database.php'); unset($_redodb);

  43.    } else {

  44.     define('MESSAGE', 'Unable to add. Please raise a ticket.');

  45.    }

  46.   } elseif ($_POST['action'] == 'perms') {

  47.    $sql = 'SELECT dbuser_id, dbuser_name FROM db_users WHERE user_id = '.UID;

  48.    $res = mysql_query($sql) or mf(__FILE__, __LINE__, $sql);

  49.    $users = array();

  50.    while ($row = mysql_fetch_array($res)) {

  51.     $users[($row[0])] = $row[1];

  52.    }

  53.    $sql = 'SELECT db_id, db_name FROM db_dbs WHERE user_id = '.UID;

  54.    $res = mysql_query($sql) or mf(__FILE__, __LINE__, $sql);

  55.    $dbs = array();

  56.    while ($row = mysql_fetch_array($res)) {

  57.     $dbs[($row[0])] = str_replace('_','\_',$row[1]);

  58.    }

  59.    $sql = 'SELECT db_perms.dbuser_id, db_id FROM db_perms NATURAL JOIN db_users WHERE user_id = '.UID;

  60.    $res = mysql_query($sql) or mf(__FILE__, __LINE__, $sql);

  61.    $perms = array();

  62.    while ($row = mysql_fetch_array($res)) {

  63.     if (!isset($perms[($row[0])])) { $perms[($row[0])] = array(); }

  64.     $perms[($row[0])][($row[1])] = true;

  65.    }

  66.    $remove = $perms; $add = array();

  67.    foreach ($_POST as $k => $v) {

  68.     if ($v != 'on' && $v != 'checked') { continue; }

  69.     $bits = explode('_', $k);

  70.     if ($bits[0] != 'dbp') { continue; }

  71.     if (!isset($dbs[($bits[1])])) { continue; }

  72.     if (!isset($users[($bits[2])])) { continue; }

  73.     if (isset($remove[($bits[2])][($bits[1])])) {

  74.      unset($remove[($bits[2])][($bits[1])]);

  75.     } else {

  76.      if (!isset($add[($bits[2])])) { $add[($bits[2])] = array(); }

  77.      $add[($bits[2])][($bits[1])] = true;

  78.     }

  79.    }

  80.    $l = mysql_connect('localhost', 'root', 'mysql32159');;

  81.    mysql_select_db('admin', $l);

  82.    mysql_query($sql,$l) or mf(__FILE__, __LINE__, $sql);

  83. 

  84.    foreach ($remove as $user => $dat) {

  85.     foreach ($dat as $db => $true) {

  86.      $sql = 'DELETE FROM db_perms WHERE dbuser_id = '.$user.' AND db_id = '.$db;

  87.      mysql_query($sql) or mf(__FILE__, __LINE__, $sql);

  88.      $sql = 'REVOKE ALL PRIVILEGES ON `'.$dbs[$db].'`.* FROM \''.$users[$user].'\'@\'localhost\'';

  89.      mysql_query($sql) or mf(__FILE__, __LINE__, $sql);

  90.      logger::log('Revoked db permission: '.$users[$user].' on '.$dbs[$db],logger::info);

  91.     }

  92.    }

  93. 

  94.    foreach ($add as $user => $dat) {

  95.     foreach ($dat as $db => $true) {

  96.      $sql = 'INSERT INTO db_perms (dbuser_id, db_id) VALUES ('.$user.', '.$db.')';

  97.      mysql_query($sql) or mf(__FILE__, __LINE__, $sql);

  98.      $sql = 'GRANT ALL PRIVILEGES ON `'.$dbs[$db].'`.* TO \''.$users[$user].'\'@\'localhost\'';

  99.      mysql_query($sql) or mf(__FILE__, __LINE__, $sql);

  100.      logger::log('Added db permission: '.$users[$user].' on '.$dbs[$db], logger::info);

  101.     }

  102.    } 

  103. 

  104.    mysql_close($l);

  105.    $_redodb = true; require('lib/database.php'); unset($_redodb);

  106.    header('Location: '.CP_PATH.'database');

  107.    exit;

  108.   }

  109.  }

  110. 

  111.  if (isset($_POST['delete'])) {

  112.   if (isset($_POST['confirm'])) {

  113.    $sql = 'SELECT db_id, db_name FROM db_dbs WHERE user_id = '.UID.' AND (0';

  114.    foreach ($_POST as $k => $v) {

  115.     if (substr($k,0,2) == 'db' && ctype_digit(substr($k,2))) {

  116.      $sql .= ' OR db_id = '.m(substr($k,2));

  117.     }

  118.    }

  119.    $sql .= ')';

  120.    $res = mysql_query($sql) or mf(__FILE__, __LINE__, $sql);

  121.    $targets = array();

  122.    while ($row = mysql_fetch_array($res)) {

  123.     $sql = 'DELETE FROM db_perms WHERE db_id = '.$row['db_id'];

  124.     mysql_query($sql) or mf(__FILE__, __LINE__, $sql);

  125.     $sql = 'DELETE FROM db_dbs WHERE db_id = '.$row['db_id'];

  126.     mysql_query($sql) or mf(__FILE__, __LINE__, $sql);

  127.     logger::log('Deleted MySQL database: '.$row['db_name'], logger::info);

  128.     $targets[] = $row['db_name'];

  129.    }

  130.    $l = mysql_connect('localhost', 'root', 'mysql32159');;

  131.    mysql_select_db('admin', $l);

  132.    foreach ($targets as $db) {

  133.     $sql = 'DROP DATABASE `'.m($db).'`';

  134.     mysql_query($sql,$l) or mf(__FILE__, __LINE__, $sql);

  135.    }

  136.    mysql_close($l);

  137.    $_redodb = true; require('lib/database.php'); unset($_redodb);

  138.    header('Location: '.CP_PATH.'database');

  139.    exit;

  140.   } else {

  141.    define('MESSAGE', 'Please confirm database deletion');

  142.   }

  143.  }

  144.  

  145.  define('TITLE', 'Databases');

  146.  

  147.  addDashboardItem('Useful links', 'phpMyAdmin', 'phpMyAdmin');

  148. 

  149.  require_once('lib/header.php');

  150.  

  151.  require_once('pages/dbusers.php');

  152.  require_once('pages/dbdbs.php');

  153.  require_once('pages/dbperms.php');

  154. 

  155.  require_once('pages/tuttest.php');

  156.  

  157.  require_once('lib/footer.php');

  158. 

  159. 

  160. ?>