|
|
 |
Join us on FaceBook | |
 |
Submit Your Code | |
 |
Poker Tournaments | |
|
Poker Guide for Developers | |
 |
SEO Monitor | |
 |
UpTime Monitor | |
 |
My Favorite Examples | |
|
My Favorite Articles | |
 |
Update Your Profile |
| More Weber Sites | ||
| PHP Code Search | ||
| Web Development Forums | ||
| Learn MySQL Playing Trivia | ||
| PHPBB2 Templates | ||
| Web Development Resources | ||
| Web Development Content | ||
| Internet Security Software | ||
| Recommended Links | ||
| PHPClasses | ||
| PHP Editor | ||
| PHP Jobs | ||
| Vision.To Design | ||
| Ajax Tutorials | ||
| PHP Programming Help | ||
| PHP/MySQL Programming | ||
| Webmaster Resources | ||
| Webmaster Forum | ||
| XML meta language | ||
| website builder | ||
| Recommended | ||
| פרייסז - הכח לקנות עובר לידיים שלך | ||
| Texas Holdem Poker Evangelists | ||
|
|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Code | ||||||||||
<html> <head> <title>MySQL Administration</title> <h2><center><i>SQL User Administrator</i></center></h2> <body> <p> <? //------------------------------------------------------ // // PHP MySQL Administrator 1.1 // By Jeff Buck // (jeffb@usmicro.com) // // No Rights Reserved, do whatever you want with it. // Just don't blame me for anything that goes wrong. // // // Set up some variables. // Edit these to match your configuration. // //------------------------------------------------------ $server= "your.sql.server.com"; $pagename= "phpadmin.phtml"; $dbdefault= "defaultdb"; $hostdefault= "localhost"; $mysqladmin= "/usr/local/bin/mysqladmin"; //------------------------------------------------------ // // Reload Tables Function. // Asks for username and password. // //------------------------------------------------------ Function Reload_Tables () { global $user, $password, $mysqladmin; exec( "$mysqladmin --user=$user --password=$password reload"); } //------------------------------------------------------ // // Login Function. // Asks for username and password. // //------------------------------------------------------ Function Login () { global $pagename; echo " <b>Please enter your login information:<p> <FORM METHOD=POST ACTION=$pagename> Please enter your login name: <INPUT TYPE=TEXT NAME=user><p> Please enter your password: <INPUT TYPE=PASSWORD NAME=password><p> <INPUT TYPE=HIDDEN NAME=mode VALUE=Menu> <center><INPUT TYPE=SUBMIT VALUE=Login></center>"; } //------------------------------------------------------ // // The Main Menu. // The main screen where all the user information // is entered. This is called from the login // screen with no values set (except defaults) or // from the "update" buttons using the // "autofill" function. // //------------------------------------------------------ Function Menu () { global $password,$user, $SCRIPT_NAME, $dbdefault, $hostdefault, $autofill, $radio_opt, $victim, $host, $database, $Select_priv, $Insert_priv, $Update_priv, $Delete_priv, $Create_priv, $Drop_priv, $Shutdown_priv, $Process_priv, $Reload_priv, $File_priv; $bgcolor= "#ddddff"; $bgadmin= "#bbbbbb"; $tbcolor= "#000080"; if ( "$autofill" == "Y" ) { if ( "$Select_priv" == "Y" ) { $Select_priv= "checked"; } else { $Select_priv= ""; } if ( "$Insert_priv" == "Y" ) { $Insert_priv= "checked"; } else { $Insert_priv= ""; } if ( "$Update_priv" == "Y" ) { $Update_priv= "checked"; } else { $Update_priv= ""; } if ( "$Delete_priv" == "Y" ) { $Delete_priv= "checked"; } else { $Delete_priv= ""; } if ( "$Create_priv" == "Y" ) { $Create_priv= "checked"; } else { $Create_priv= ""; } if ( "$Drop_priv" == "Y" ) { $Drop_priv= "checked"; } else { $Drop_priv= ""; } if ( "$Reload_priv" == "Y" ) { $Reload_priv= "checked"; } else { $Reload_priv= ""; } if ( "$Shutdown_priv" == "Y" ) { $Shutdown_priv= "checked"; } else { $Shutdown_priv= ""; } if ( "$Process_priv" == "Y" ) { $Process_priv= "checked"; } else { $Process_priv= ""; } if ( "$File_priv" == "Y" ) { $File_priv= "checked"; } else { $File_priv= ""; } if ( "$radio_opt" == "user" ) { $radio_opt_2= "checked"; } if ( "$radio_opt" == "db" ) { $radio_opt_3= "checked"; } $hostdefault=$host; $dbdefault=$database; } else { $radio_opt_1= "checked"; $Select_priv= "checked"; $Insert_priv= "checked"; $Update_priv= "checked"; $Delete_priv= ""; $Create_priv= ""; $Drop_priv= ""; $Reload_priv= ""; $Shutdown_priv= ""; $Process_priv= ""; $File_priv= ""; } echo " <FORM ACTION=\"$SCRIPT_NAME\" METHOD=POST> <INPUT TYPE=HIDDEN NAME=password VALUE=\"$password\"> <INPUT TYPE=HIDDEN NAME=user VALUE=\"$user\"> <p><center> <table border=0 cellspacing=0 width=535> <tr><td bgcolor=$tbcolor><font color=#ffffff><b>User Commands</font></td><td bgcolor=#009900><INPUT TYPE=RADIO NAME=mode VALUE=add $radio_opt_1><b><i>QUICK ADD USER</td></tr> <tr><td bgcolor=#009900><INPUT TYPE=RADIO NAME=mode VALUE=g-add><b><i>ADD GLOBALLY</td> <td bgcolor=#009900><INPUT TYPE=RADIO NAME=mode VALUE=d-add><b><i>ADD TO DATABASE</td></tr> <tr><td bgcolor=#eeee00><INPUT TYPE=RADIO NAME=mode VALUE=g-modify $radio_opt_2><b><i> MODIFY GLOBALLY</td> <td bgcolor=#eeee00><INPUT TYPE=RADIO NAME=mode VALUE=d-modify $radio_opt_3><b><i> MODIFY FOR DATABASE</td></tr> <tr><td bgcolor=#dd0000><INPUT TYPE=RADIO NAME=mode VALUE=g-delete><b><i>DELETE GLOBALLY</td> <td bgcolor=#dd0000><INPUT TYPE=RADIO NAME=mode VALUE=d-delete><b><i>DELETE FROM DATABASE</td></tr> </b></i></table> <table border=1 cellspacing=0 width=535><tr><td colspan=2 bgcolor=$tbcolor><font color=#ffffff><b>User Definition</b></font></td></tr></table> <table border=2 cellspacing=2 width=535> <tr><td colspan=2 bgcolor=$bgcolor align=right>USER: <INPUT TYPE=text NAME=victim value=\"$victim\"></td> <td colspan=2 bgcolor=$bgcolor align=right>PASS: <input type=password name=pw1></td></tr> <tr><td colspan=2 bgcolor=$bgcolor align=right>HOST: <INPUT TYPE=TEXT NAME=host VALUE=\"$hostdefault\"></td> <td colspan=2 bgcolor=$bgcolor align=right>CONFIRM: <input type=password name=pw2></td></tr> <tr><td colspan=2 bgcolor=$bgcolor align=right>DB: <INPUT TYPE=TEXT NAME=database VALUE=\"$dbdefault\"></td><td colspan=2 bgcolor=$bgcolor align=right><i>For old password leave blank</td</tr> </table> <table border=1 cellspacing=0 width=535><tr><td colspan=2 bgcolor=$tbcolor><font color=#ffffff><b>Basic User Settings</b></font></td></tr></table> <table border=2 cellspacing=2 width=535> <tr><td colspan=2 bgcolor=$bgcolor><table border=0 cellspacing=0><tr><td>Select:</td><td width=5%><input type=checkbox name=Select_priv value=Y $Select_priv></td></tr></table></td> <td colspan=2 bgcolor=$bgcolor><table border=0 cellspacing=0><tr><td>Delete:</td><td width=5%><input type=checkbox name=Delete_priv value=Y $Delete_priv></td></tr></table></td></tr> <tr><td colspan=2 bgcolor=$bgcolor><table border=0 cellspacing=0><tr><td>Insert:</td><td width=5%><input type=checkbox name=Insert_priv value=Y $Insert_priv></td></tr></table></td> <td colspan=2 bgcolor=$bgcolor><table border=0 cellspacing=0><tr><td>Create:</td><td width=5%><input type=checkbox name=Create_priv value=Y $Create_priv></td></tr></table></td></tr> <tr><td colspan=2 bgcolor=$bgcolor><table border=0 cellspacing=0><tr><td>Update:</td><td width=5%><input type=checkbox name=Update_priv value=Y $Update_priv></td></tr></table></td> <td colspan=2 bgcolor=$bgcolor><table border=0 cellspacing=0><tr><td>Drop:</td><td width=5%><input type=checkbox name=Drop_priv value=Y $Drop_priv></td></tr></table></td></tr> </table> <table border=1 cellspacing=0 width=535><tr><td colspan=2 bgcolor=$tbcolor><font color=#ffffff><b>Administrative User Settings</b></font></td></tr></table> <table border=2 cellspacing=2 width=535> <tr><td colspan=2 bgcolor=$bgadmin><table border=0 cellspacing=0><tr><td>Reload:</td><td width=5%><input type=checkbox name=Reload_priv value=Y $Reload_priv></td></tr></table></td> <td colspan=2 bgcolor=$bgadmin><table border=0 cellspacing=0><tr><td>Shutdown:</td><td width=5%><input type=checkbox name=Shutdown_priv value=Y $Shutdown_priv></td></tr></table></td></tr> <tr><td colspan=2 bgcolor=$bgadmin><table border=0 cellspacing=0><tr><td>Process:</td><td width=5%><input type=checkbox name=Process_priv value=Y $Process_priv></td></tr></table></td> <td colspan=2 bgcolor=$bgadmin><table border=0 cellspacing=0><tr><td>File:</td><td width=5%><input type=checkbox name=File_priv value=Y $File_priv></td></tr></table></td></tr> </table> <input type=submit value=\"UPDATE THIS USER NOW\" width=535 color=#ffffff> </center></form>"; } //------------------------------------------------------ // // Basic error checking. the "pw" variable is set // before the functions are run to let this // function know if it needs to verify password // information or not. If a null is entered for // something that has a default, the default is // set again (user removed it from form). // //------------------------------------------------------ Function checknclean () { global $victim, $pw1, $pw2, $host, $database, $pw, $hostdefault, $dbdefault, $Select_priv, $Insert_priv, $Update_priv, $Delete_priv, $Create_priv, $Drop_priv, $Reload_priv, $Shutdown_priv, $Process_priv, $File_priv; if ( "$victim" == "" ) { die ( "Casper doesn't need an update!"); } if ( "$database" == "" ) { $database = "$dbdefault"; } if ( "$host" == "" ) { $host = "$hostdefault"; } if ( "$pw" == "1" ) { if ( "$pw1" != "$pw2" ) { die ( "Passwords don't match, try again"); } if ( "$pw1" == "" ) { die ( "If you don't want passwords, change the source code.<p> Otherwise come back when you've got one!"); } } if ( "$Select_priv" != "Y" ) { $Select_priv = "N"; } if ( "$Insert_priv" != "Y" ) { $Insert_priv = "N"; } if ( "$Update_priv" != "Y" ) { $Update_priv = "N"; } if ( "$Delete_priv" != "Y" ) { $Delete_priv = "N"; } if ( "$Create_priv" != "Y" ) { $Create_priv = "N"; } if ( "$Drop_priv" != "Y" ) { $Drop_priv = "N"; } if ( "$Reload_priv" != "Y" ) { $Reload_priv = "N"; } if ( "$Shutdown_priv" != "Y" ) { $Shutdown_priv = "N"; } if ( "$Process_priv" != "Y" ) { $Process_priv = "N"; } if ( "$File_priv" != "Y" ) { $File_priv = "N"; } } //------------------------------------------------------ // // Displays the mysql user table with // buttons for update and delete. // When feeding it user information for it's // query, use "%" for a wildcard. // //------------------------------------------------------ Function show_user ($victim, $host) { global $user, $password, $pagename; @mysql_select_db( "mysql"); // Determine what query to run. if ( "$victim" == "%" ) { if ( "$host" == "%" ) { $result=mysql_query( "select * from user"); } else { $result=mysql_query( "select * from user where host = \"$host\" "); } } elseif ( "$host" == "%" ) { $result=mysql_query( "select * from user where user = \"$vitcim\" "); } else { $result=mysql_query( "select * from user where user = \"$victim\" and host = \"$host\" "); } // Print out the resulting information. echo " <table border=1><tr><th></th><th></th> <th width=60>Host</th><th width=60>User</th><th>Password</th> <th width=25>Sel</th><th width=25>Ins</th><th width=25>Upd</th> <th width=25>Del</th><th width=25>Crt</th><th width=25>Drp</th> <th width=25>Rld</th><th width=25>Sht</th><th width=25>Ps</th><th>File</th></tr>"; $counter=0; while (@mysql_data_seek($result,$counter)) { $row=mysql_fetch_object($result); $counter++; //-------------------------------- // The Update Button //-------------------------------- echo "<tr> <td><form method=post action=$pagename> <input type=hidden name=mode value=\"Menu\"> <input type=hidden name=autofill value=\"Y\"> <input type=hidden name=user value=\"$user\"> <input type=hidden name=password value=\"$password\"> <input type=hidden name=host value=\"$row->Host\"> <input type=hidden name=Select_priv value=\"$row->Select_priv\"> <input type=hidden name=Insert_priv value=\"$row->Insert_priv\"> <input type=hidden name=Update_priv value=\"$row->Update_priv\"> <input type=hidden name=Delete_priv value=\"$row->Delete_priv\"> <input type=hidden name=Create_priv value=\"$row->Create_priv\"> <input type=hidden name=Drop_priv value=\"$row->Drop_priv\"> <input type=hidden name=Reload_priv value=\"$row->Reload_priv\"> <input type=hidden name=Shutdown_priv value=\"$row->Shutdown_priv\"> <input type=hidden name=Process_priv value=\"$row->Process_priv\"> <input type=hidden name=File_priv value=\"$row->File_priv\"> <input type=hidden name=victim value=\"$row->User\"> <input type=hidden name=radio_opt value=\"user\"> <input type=submit value=UPDATE></form></td> "; //-------------------------------- // The Delete Button //-------------------------------- echo " <td><form method=post action=$pagename> <input type=hidden name=mode value=\"g-delete\"> <input type=hidden name=user value=\"$user\"> <input type=hidden name=password value=\"$password\"> <input type=hidden name=host value=\"$row->Host\"> <input type=hidden name=victim value=\"$row->User\"> <input type=submit value=DELETE></form></td> "; //-------------------------------- // Print table values //-------------------------------- for ($i=0; $i<mysql_num_fields($result); $i++) { echo "<td><center>"; echo "$row[$i]"; echo "</center></td>"; } echo "</tr>"; } echo "</table>"; } //------------------------------------------------------ // // Displays the mysql DB table with // buttons for update and delete. // When feeding it user information for it's // query, use "%" for a wildcard. // //------------------------------------------------------ Function show_db ($victim, $host) { global $user, $password, $pagename; @mysql_select_db( "mysql"); // Determine what query to run. if ( "$victim" == "%") { if ( "$host" == "%") { $result=mysql_query( "select * from db"); } else { $result=mysql_query( "select * from db where host = \"$host\" "); } } elseif ( "$host" == "%") { $result=mysql_query( "select * from db where user = \"$vitcim\" "); } else { $result = mysql_query( "select * from db where user = \"$victim\" and host = \"$host\" "); } // Print out the resulting information. echo " <table border=1><tr><th></th><th></th> <th width=60>Host</th><th width=60>Db</th><th width=130>User</th> <th width=25>Sel</th><th width=25>Ins</th><th width=25>Upd</th> <th width=25>Del</th><th width=25>Crt</th><th width=25>Drp</th></tr>"; $counter=0; while (@mysql_data_seek($result,$counter)){ $row=mysql_fetch_object($result); $counter++; //-------------------------------- // The Update Button //-------------------------------- echo " <tr> <td><form method=post action=$pagename> <input type=hidden name=mode value=\"Menu\"> <input type=hidden name=autofill value=\"Y\"> <input type=hidden name=user value=\"$user\"> <input type=hidden name=password value=\"$password\"> <input type=hidden name=host value=\"$row[0]\"> <input type=hidden name=Select_priv value=\"$row->Select_priv\"> <input type=hidden name=Insert_priv value=\"$row->Insert_priv\"> <input type=hidden name=Update_priv value=\"$row->Update_priv\"> <input type=hidden name=Delete_priv value=\"$row->Delete_priv\"> <input type=hidden name=Create_priv value=\"$row-Create_priv\"> <input type=hidden name=Drop_priv value=\"$row->Drop_priv\"> <input type=hidden name=victim value=\"$row->User\"> <input type=hidden name=database value=\"$row->Db\"> <input type=hidden name=radio_opt value=\"db\"> <input type=submit value=UPDATE></form></td> "; //-------------------------------- // The Delete Button //-------------------------------- echo " <td><form method=post action=$pagename> <input type=hidden name=mode value=\"d-delete\"> <input type=hidden name=user value=\"$user\"> <input type=hidden name=password value=\"$password\"> <input type=hidden name=host value=\"$row->Host\"> <input type=hidden name=victim value=\"$row->User\"> <input type=hidden name=database value=\"$row->Db\"> <input type=submit value=DELETE></form></td> "; //-------------------------------- // Print table values //-------------------------------- echo " <td><center>$row->Host</center></td> <td><center>$row->Db</center></td> <td><center>$row->User</center></td> <td><center>$row->Select_priv</center></td> <td><center>$row->Insert_priv</center></td> <td><center>$row->Update_priv</center></td> <td><center>$row->Delete_priv</center></td> <td><center>$row->Create_priv</center></td> <td><center>$row->Drop_priv</center></td> </tr> "; // for ($i=0; $i<mysql_num_fields($result); $i++) { // echo "<td><center>"; // echo "$row[$i]"; // echo "</center></td>"; // } // echo "</tr>\n"; } echo "</table>"; } //------------------------------------------------------ // // This function is the main add function (the // quick add option). It puts user information into // the main user table (password etc), but gives // the user no global rights. It then gives the // user rights for the specified database. // This is just for convenience, you could do the // same thing with g_add and then a d_add. // //------------------------------------------------------ Function add () { checknclean (); global $user, $password, $server, $victim, $pw1, $host, $database, $Select_priv, $Insert_priv, $Update_priv, $Delete_priv, $Create_priv, $Drop_priv; mysql_connect($server,$user,$password); mysql( "mysql", "insert into user ( user, host, password, Select_priv, Insert_priv, Update_priv, Delete_priv, Create_priv, Drop_priv ) values ('$victim', '$host', password(\"$pw1\"), 'N','N','N','N','N','N')"); mysql( "mysql", "insert into db ( user, host, db, Select_priv, Insert_priv, Update_priv, Delete_priv, Create_priv, Drop_priv ) values ('$victim', '$host', '$database', '$Select_priv','$Insert_priv','$Update_priv', '$Delete_priv','$Create_priv','$Drop_priv')"); Reload_Tables(); echo "<h3><b><i><center>New Global User Settings</h3></i></b></center><p>"; show_user ( "%", "%"); echo "<p><center><h3><i><b>New Database Access Table</b></i></h3></center><p>"; show_db ( "%", "%"); echo "That user has been added!"; } //------------------------------------------------------ // // Delete a user/host from every table // //------------------------------------------------------ Function g_delete () { global $user, $password, $server, $victim, $host, $database; checknclean (); mysql_connect($server,$user,$password); mysql( "mysql", "delete from user where user = \"$victim\" and host = \"$host\" "); mysql( "mysql", "delete from db where user = \"$victim\" and host = \"$host\" "); Reload_Tables(); echo "<h3><b><i><center>New Global User Settings</h3></i></b></center><p>"; show_user( "%", "%"); echo "<p><center><h3><i><b>New Database Access Table</b></i></h3></center><p>"; show_db( "%", "%"); echo "The user $victim@$host has been deleted the user"; } //------------------------------------------------------ // // Delete a user/host from a particular database. // //------------------------------------------------------ Function d_delete () { global $user, $password, $server, $victim, $host, $database; checknclean (); mysql_connect($server,$user,$password); mysql( "mysql", "delete from db where user = \"$victim\" and host = \"$host\" "); Reload_Tables(); echo "<h3><b><i><center>New Global User Settings</h3></i></b></center><p>"; show_user( "%", "%"); echo "<p><center><h3><i><b>New Database Access Table</b></i></h3></center><p>"; show_db( "%", "%"); echo "The user $victim@$host has been deleted the user"; } //------------------------------------------------------ // // Add a global user. (user table only) // //------------------------------------------------------ Function g_add () { global $user, $password, $server, $victim, $pw1, $host, $Select_priv, $Insert_priv, $Update_priv, $Delete_priv, $Create_priv, $Drop_priv, $Reload_priv, $Shutdown_priv, $Process_priv, $File_priv; checknclean (); mysql_connect($server,$user,$password); mysql( "mysql", "insert into user ( user, host, password, Select_priv, Insert_priv, Update_priv, Delete_priv, Create_priv, Drop_priv, Reload_priv, Shutdown_priv, Process_priv, File_priv ) values ('$victim', '$host', password(\"$pw1\"), '$Select_priv','$Insert_priv','$Update_priv', '$Delete_priv','$Create_priv','$Drop_priv', '$Reload_priv','$Shutdown_priv', '$Process_priv','$File_priv')"); Reload_Tables(); echo "<h3><b><i><center>New Global User Settings</h3></i></b></center><p>"; show_user ( "%", "%", "user"); echo "<p><center><h3><i><b>New Database Access Table</b></i></h3></center><p>"; show_db ( "%", "%", "db"); echo "That user has been added!"; } //------------------------------------------------------ // // Add a user to a database. (db table only) // //------------------------------------------------------ Function d_add () { checknclean (); global $user, $password, $server, $victim, $host, $database, $Select_priv, $Insert_priv, $Update_priv, $Delete_priv, $Create_priv, $Drop_priv; mysql_connect($server,$user,$password); mysql( "mysql", "insert into db ( user, host, db, Select_priv, Insert_priv, Update_priv, Delete_priv, Create_priv, Drop_priv ) values ('$victim', '$host', '$database', '$Select_priv','$Insert_priv','$Update_priv', '$Delete_priv','$Create_priv','$Drop_priv')"); Reload_Tables(); echo "<h3><b><i><center>New Global User Settings</h3></i></b></center><p>"; show_user ( "%", "%"); echo "<p><center><h3><i><b>New Database Access Table</b></i></h3></center><p>"; show_db ( "%", "%"); echo "That user has been added!"; } //------------------------------------------------------ // // Modify a user's global settings (user table only). // //------------------------------------------------------ Function g_modify () { global $user, $password, $server, $victim, $pw1, $pw2, $host, $Select_priv, $Insert_priv, $Update_priv, $Delete_priv, $Create_priv, $Drop_priv, $Reload_priv, $Shutdown_priv, $Process_priv, $File_priv; checknclean (); if ( "$pw1" != "$pw2" ) { die ( "Passwords don't match, try again"); } mysql_connect($server,$user,$password); if ( "$pw1" == "" ) { mysql( "mysql", "update user set user = '$victim', host = '$host', Select_priv = '$Select_priv', Insert_priv = '$Insert_priv', Update_priv = '$Update_priv', Delete_priv = '$Delete_priv', Create_priv = '$Create_priv', Drop_priv = '$Drop_priv', Reload_priv = '$Reload_priv', Shutdown_priv = '$Shutdown_priv', Process_priv = '$Process_priv', File_priv = '$File_priv' where user = '$victim' and host = '$host'"); } else { mysql( "mysql", "update user set user = '$victim', host = '$host', password = '$pw1', Select_priv = '$Select_priv', Insert_priv = '$Insert_priv', Update_priv = '$Update_priv', Delete_priv = '$Delete_priv', Create_priv = '$Create_priv', Drop_priv = '$drop_priv' where user = '$victim' and host = '$host'"); } Reload_Tables(); echo "<h3><b><i><center>New Global User Settings</h3></i></b></center><p>"; show_user ( "%", "%"); echo "<p><center><h3><i><b>New Database Access Table</b></i></h3></center><p>"; show_db ( "%", "%"); } //------------------------------------------------------ // // Modify a user's database settings (db table only). // //------------------------------------------------------ Function d_modify () { global $user, $password, $server, $victim, $host, $database, $Select_priv, $Insert_priv, $Update_priv, $Delete_priv, $Create_priv, $Drop_priv; checknclean (); mysql_connect($server,$user,$password); mysql( "mysql", "update db set user = '$victim', host = '$host', db = '$database', Select_priv = '$Select_priv', Insert_priv = '$Insert_priv', Update_priv = '$Update_priv', Delete_priv = '$Delete_priv', Create_priv = '$Create_priv', Drop_priv = '$Drop_priv' where user = '$victim' and host = '$host'"); Reload_Tables(); echo "<h3><b><i><center>New Global User Settings</h3></i></b></center><p>"; show_user ( "%", "%"); echo "<p><center><h3><i><b>New Database Access Table</b></i></h3></center><p>"; show_db ( "%", "%"); } //------------------------------------------------------ // // Global Display Function: // Display full user and db tables. // //------------------------------------------------------ Function g_display () { global $user, $password, $server; mysql_connect($server,$user,$password); show_user ( "%", "%"); show_db ( "%", "%"); } //------------------------------------------------------ // // The footer printed at the bottem of the page // //------------------------------------------------------ Function footer() { global $password, $user, $pagename; echo " <hr> <center> <table border=1 cellspacing=2 bgcolor=#e0e0cc> <tr> <td><a href=\"$pagename?mode=help\">HELP</a></td> <td><a href=\"$pagename?mode=g-display&user=$user&password=$password\">SHOW PERMISSION TABLES</a></td> <td><a href=\"$pagename?mode=Menu&user=$user&password=$password\">Main Menu</a></td> </tr></table> </center> "; } //------------------------------------------------------ // // This is the help information page. // //------------------------------------------------------ Function help () { echo " <center> <h2><b><i>Administration Help Page</h2></b></i> </center> <p> <ul><li><i> Note: This page is not a substitute for knowing how mysql permissions work.<p><b>Warning: The admin utility doesn't include any \"Are you sure?\" prompts. Be sure of what you are doing before you click to submit. This utility was written with administrators in mind, and wasn't meant to be used by the average user.</b> </ul></li></i><p> <hr> <h2>User Commands:</h2><p> <li>Quick Add User</li><p> <ul><ul><i>This option adds a user to both the USER table and the DATABASE (db) table. In the USER table, they are given absolutely no permissions by default, and the permissions that were checked on the user information page, are applied only to the database specified. If no database was specified, then the default database is used.</ul></ul></i><p> <li>Add Globally</li><p> <ul><ul><i>This option adds the user to the USER table only. Any permissions granted here are good for *all* databases. Additional rights for any given database can be given with the Add for Database option. Every user/host pair *must* have a listing here since password information for the paris is stored here.</i></ul></ul><p> <li>Add to Database</li><p> <ul><ul><i>This will add permissions for a user/host pair to a particular database.</i></ul></ul><p> <li>Modify Globally</li><p> <ul><ul><i>Modifies a user's global (user table) settings. Leave the password boxes both blank to retain the user's previous password.</i></ul></ul><p> <li>Modify for Database</li><p> <ul><ul>Modifies a user's permissions for a particular database.</ul></ul><p> <li>Delete Globally</li><p> <ul><ul><i>Deletes the user/host pair from both the USER and DATABASE tables. </i></ul></ul><p> <li>Username</li><p> <ul><ul><i>This is the username of the user to be added or modified</ul></ul></i><p> <li>Password/Confirm</li><p> <ul><ul><i>This is the password and the confirmation for the user. If you are modifying the user, but don't want to change their password, then just leave both of these blank.</ul></ul></i><p> <li>Host</li><p> <ul><ul><i>This is the host that the user is allowed to connect from. If you set this to \"%\" it is a wildcard. Use only \"localhost\" if you don't want users to be able to connect direclty to the sql server from elseware. This will allow scripts/programs running on the mysql server to access it but nothing else.</ul></ul></i><p> <li>Database</li><p> <ul><ul><i>This is the database that the rights are given for. Note: Global rights are good for *any* database, so it may be easiest to set up global accounts for passwords but with no rights configured, and then add users to individual databases as needed.</ul></ul></i><p> <li>*_priv</li><p> <ul><ul><i>These are the sql operations allowed for the database or globally for that user.</ul></ul></i><p> "; } // // Main Loop // // if pw is set to 1, then the function will // know to perform password matching verification // and test to make sure it's not null. switch ($mode) { case ""; Login ();break; case "Menu"; Menu (); footer(); break; case "g-add"; $pw = "1"; g_add (); footer(); break; case "d-add"; d_add (); footer(); break; case "g-delete"; g_delete (); footer(); break; case "d-delete"; d_delete (); footer(); break; case "g-modify"; g_modify (); footer(); break; case "d-modify"; d_modify (); footer(); break; case "add"; $pw = "1"; add (); footer(); break; case "help"; help (); footer(); break; case "delete"; delete (); footer(); break; case "g-display"; g_display (); footer(); break; default; echo "Admin utility internal error: Unknown mode: $mode"; } ?> </body> </html> | ||||||||||
| Related Code Examples | ||||||||||
|
| ||||||||||
