diff options
Diffstat (limited to 'hugo/libraries/List_Database.class.php')
| -rw-r--r-- | hugo/libraries/List_Database.class.php | 319 |
1 files changed, 319 insertions, 0 deletions
diff --git a/hugo/libraries/List_Database.class.php b/hugo/libraries/List_Database.class.php new file mode 100644 index 0000000..fe8dcfc --- /dev/null +++ b/hugo/libraries/List_Database.class.php @@ -0,0 +1,319 @@ +<?php +/* vim: set expandtab sw=4 ts=4 sts=4: */ +/** + * holds the PMA_List_Database class + * + * @package PhpMyAdmin + */ + +if (! defined('PHPMYADMIN')) { + exit; +} + +/** + * the list base class + */ +require_once './libraries/List.class.php'; + +/** + * handles database lists + * + * <code> + * $PMA_List_Database = new PMA_List_Database($userlink, $controllink); + * </code> + * + * @todo this object should be attached to the PMA_Server object + * @todo ? make use of INFORMATION_SCHEMA + * @todo ? support --skip-showdatabases and user has only global rights + * + * @package PhpMyAdmin + * @since phpMyAdmin 2.9.10 + */ +class PMA_List_Database extends PMA_List +{ + /** + * @var mixed database link resource|object to be used + * @access protected + */ + protected $db_link = null; + + /** + * @var mixed user database link resource|object + * @access protected + */ + protected $db_link_user = null; + + /** + * @var mixed controluser database link resource|object + * @access protected + */ + protected $db_link_control = null; + + /** + * @var boolean whether SHOW DATABASES is disabled or not + * @access protected + */ + protected $show_databases_disabled = false; + + /** + * @var string command to retrieve databases from server + * @access protected + */ + protected $command = null; + + /** + * Constructor + * + * @param mixed $db_link_user user database link resource|object + * @param mixed $db_link_control control database link resource|object + * + * @return void + */ + public function __construct($db_link_user = null, $db_link_control = null) + { + $this->db_link = $db_link_user; + $this->db_link_user = $db_link_user; + $this->db_link_control = $db_link_control; + + parent::__construct(); + $this->build(); + } + + /** + * checks if the configuration wants to hide some databases + * + * @return void + */ + protected function checkHideDatabase() + { + if (empty($GLOBALS['cfg']['Server']['hide_db'])) { + return; + } + + foreach ($this->getArrayCopy() as $key => $db) { + if (preg_match('/' . $GLOBALS['cfg']['Server']['hide_db'] . '/', $db)) { + $this->offsetUnset($key); + } + } + } + + /** + * retrieves database list from server + * + * @param string $like_db_name usally a db_name containing wildcards + * + * @return array + * @todo we could also search mysql tables if all fail? + */ + protected function retrieve($like_db_name = null) + { + if ($this->show_databases_disabled) { + return array(); + } + + if (null !== $like_db_name) { + $command = "SHOW DATABASES LIKE '" . $like_db_name . "'"; + } elseif (null === $this->command) { + $command = str_replace( + '#user#', $GLOBALS['cfg']['Server']['user'], + $GLOBALS['cfg']['Server']['ShowDatabasesCommand'] + ); + $this->command = $command; + } else { + $command = $this->command; + } + + $database_list = PMA_DBI_fetch_result($command, null, null, $this->db_link); + PMA_DBI_getError(); + + if ($GLOBALS['errno'] !== 0) { + // failed to get database list, try the control user + // (hopefully there is one and he has SHOW DATABASES right) + $this->db_link = $this->db_link_control; + $database_list = PMA_DBI_fetch_result( + $command, null, null, $this->db_link + ); + + PMA_DBI_getError(); + + if ($GLOBALS['errno'] !== 0) { + // failed! we will display a warning that phpMyAdmin could not safely + // retrieve database list, the admin has to setup a control user or + // allow SHOW DATABASES + $GLOBALS['error_showdatabases'] = true; + $this->show_databases_disabled = true; + } + } + + if ($GLOBALS['cfg']['NaturalOrder']) { + natsort($database_list); + } else { + // need to sort anyway, otherwise information_schema + // goes at the top + sort($database_list); + } + + return $database_list; + } + + /** + * builds up the list + * + * @return void + */ + public function build() + { + if (! $this->checkOnlyDatabase()) { + $items = $this->retrieve(); + $this->exchangeArray($items); + } + + $this->checkHideDatabase(); + } + + /** + * checks the only_db configuration + * + * @return boolean false if there is no only_db, otherwise true + */ + protected function checkOnlyDatabase() + { + if (is_string($GLOBALS['cfg']['Server']['only_db']) + && strlen($GLOBALS['cfg']['Server']['only_db']) + ) { + $GLOBALS['cfg']['Server']['only_db'] = array( + $GLOBALS['cfg']['Server']['only_db'] + ); + } + + if (! is_array($GLOBALS['cfg']['Server']['only_db'])) { + return false; + } + + $items = array(); + + foreach ($GLOBALS['cfg']['Server']['only_db'] as $each_only_db) { + + // check if the db name contains wildcard, + // thus containing not escaped _ or % + if (! preg_match('/(^|[^\\\\])(_|%)/', $each_only_db)) { + // ... not contains wildcard + $items[] = PMA_Util::unescapeMysqlWildcards($each_only_db); + continue; + } + + if (! $this->show_databases_disabled) { + $items = array_merge($items, $this->retrieve($each_only_db)); + continue; + } + + // @todo induce error, about not using wildcards + // with SHOW DATABASE disabled? + } + + $this->exchangeArray($items); + + return true; + } + + /** + * returns default item + * + * @return string default item + */ + public function getDefault() + { + if (strlen($GLOBALS['db'])) { + return $GLOBALS['db']; + } + + return $this->getEmpty(); + } + + /** + * this is just a backup, if all is fine this can be deleted later + * + * @deprecated + * @return void + */ + protected function checkAgainstPrivTables() + { + // 1. get allowed dbs from the "mysql.db" table + // User can be blank (anonymous user) + $local_query = " + SELECT DISTINCT `Db` FROM `mysql`.`db` + WHERE `Select_priv` = 'Y' + AND `User` + IN ('" . PMA_Util::sqlAddSlashes($GLOBALS['cfg']['Server']['user']) . "', '')"; + $tmp_mydbs = PMA_DBI_fetch_result( + $local_query, null, null, $GLOBALS['controllink'] + ); + if ($tmp_mydbs) { + // Will use as associative array of the following 2 code + // lines: + // the 1st is the only line intact from before + // correction, + // the 2nd replaces $dblist[] = $row['Db']; + + // Code following those 2 lines in correction continues + // populating $dblist[], as previous code did. But it is + // now populated with actual database names instead of + // with regular expressions. + $tmp_alldbs = PMA_DBI_query('SHOW DATABASES;', $GLOBALS['controllink']); + // all databases cases - part 2 + if (isset($tmp_mydbs['%'])) { + while ($tmp_row = PMA_DBI_fetch_row($tmp_alldbs)) { + $dblist[] = $tmp_row[0]; + } // end while + } else { + while ($tmp_row = PMA_DBI_fetch_row($tmp_alldbs)) { + $tmp_db = $tmp_row[0]; + if (isset($tmp_mydbs[$tmp_db]) && $tmp_mydbs[$tmp_db] == 1) { + $dblist[] = $tmp_db; + $tmp_mydbs[$tmp_db] = 0; + } elseif (! isset($dblist[$tmp_db])) { + foreach ($tmp_mydbs as $tmp_matchpattern => $tmp_value) { + // fixed bad regexp + // TODO: db names may contain characters + // that are regexp instructions + $re = '(^|(\\\\\\\\)+|[^\])'; + $tmp_regex = preg_replace( + '/' . addcslashes($re, '/') . '%/', + '\\1.*', + preg_replace( + '/' . addcslashes($re, '/') . '_/', + '\\1.{1}', + $tmp_matchpattern + ) + ); + // Fixed db name matching + // 2000-08-28 -- Benjamin Gandon + if (preg_match('/^' . addcslashes($tmp_regex, '/') . '$/', $tmp_db)) { + $dblist[] = $tmp_db; + break; + } + } // end while + } // end if ... elseif ... + } // end while + } // end else + PMA_DBI_free_result($tmp_alldbs); + unset($tmp_mydbs); + } // end if + + // 2. get allowed dbs from the "mysql.tables_priv" table + $local_query = 'SELECT DISTINCT `Db` FROM `mysql`.`tables_priv`'; + $local_query .= ' WHERE `Table_priv` LIKE \'%Select%\''; + $local_query .= ' AND `User` = \''; + $local_query .= PMA_Util::sqlAddSlashes($GLOBALS['cfg']['Server']['user']) . '\''; + $rs = PMA_DBI_try_query($local_query, $GLOBALS['controllink']); + if ($rs && @PMA_DBI_num_rows($rs)) { + while ($row = PMA_DBI_fetch_assoc($rs)) { + if (!in_array($row['Db'], $dblist)) { + $dblist[] = $row['Db']; + } + } // end while + PMA_DBI_free_result($rs); + } // end if + } +} +?> |