<?php
/**
* @copyright 2014-2015 Sentora Project (http://www.sentora.org/)
* Sentora is a GPL fork of the ZPanel Project whose original header follows:
*
* ZPanel - A Cross-Platform Open-Source Web Hosting Control panel.
*
* @package ZPanel
* @version $Id$
* @author Bobby Allen - ballen@bobbyallen.me
* @copyright (c) 2008-2014 ZPanel Group - http://www.zpanelcp.com/
* @license http://opensource.org/licenses/gpl-3.0.html GNU Public License v3
*
* This program (ZPanel) is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
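class module_controller extends ctrl_module
{
    // Outcome flags set by the worker methods and read back by getResult()
    // to pick the status message shown on the next render.
    static $alreadyexists;
    static $blank;
    static $badname;
    static $deleted_ok;
    static $created_ok;

    /**
     * The 'worker' methods.
     */

    /**
     * Returns the client address that is written to the ip_deleted audit column.
     *
     * The forwarding headers are consulted before REMOTE_ADDR, as before. Every
     * HTTP_* value here is supplied by the client; only REMOTE_ADDR is
     * established by the server itself, so the recorded address is reliable
     * only when a reverse proxy in front of the panel overwrites these headers.
     *
     * @return string the first non-empty candidate, or 'UNKNOWN'
     */
    static function get_client_ip()
    {
        $candidates = array(
            'HTTP_CLIENT_IP',
            'HTTP_X_FORWARDED_FOR',
            'HTTP_X_FORWARDED',
            'HTTP_FORWARDED_FOR',
            'HTTP_FORWARDED',
            'REMOTE_ADDR',
        );
        foreach ($candidates as $name) {
            $value = getenv($name);
            if ($value) {
                return $value;
            }
        }
        return 'UNKNOWN';
    }

    /**
     * Wraps a MySQL identifier in backticks, doubling any backtick inside it.
     * Identifiers cannot be bound as statement parameters, so this is how a
     * database name is placed into CREATE/DROP/GRANT/REVOKE statements.
     *
     * @param string $name raw identifier
     * @return string quoted identifier
     */
    private static function QuoteIdentifier($name)
    {
        return '`' . str_replace('`', '``', $name) . '`';
    }

    /**
     * Builds the name that is actually created: prefix + name, spaces removed,
     * lower-cased. Used for validation, duplicate checking and creation alike so
     * the three can never disagree.
     *
     * @param string|null $prefix
     * @param string      $databasename
     * @return string
     */
    private static function NormaliseDatabaseName($prefix, $databasename)
    {
        return strtolower(str_replace(' ', '', $prefix . $databasename));
    }

    /**
     * Lists the live (not soft-deleted) databases of an account.
     *
     * @param int $uid account id (x_mysql_databases.my_acc_fk)
     * @return array|false one row per database with keys mysqlid, totaldb,
     *                     mysqlname, mysqlsize, mysqlfriendlysize; false when
     *                     the account has no live databases
     */
    static function ListDatabases($uid)
    {
        global $zdbh;
        $sql = "SELECT * FROM x_mysql_databases WHERE my_acc_fk=:uid AND my_deleted_ts IS NULL";
        $numrows = $zdbh->prepare($sql);
        $numrows->bindParam(':uid', $uid);
        $numrows->execute();
        if ($numrows->fetchColumn() == 0) {
            return false;
        }
        $list = $zdbh->prepare($sql);
        $list->bindParam(':uid', $uid);
        $list->execute();
        // Parameterised replacement for the previously string-built COUNT query;
        // prepared once and re-executed per row.
        $mapcount = $zdbh->prepare("SELECT COUNT(*) FROM x_mysql_dbmap WHERE mm_acc_fk=:acc AND mm_database_fk=:db");
        $res = array();
        while ($rowmysql = $list->fetch()) {
            $mapcount->bindValue(':acc', $rowmysql['my_acc_fk']);
            $mapcount->bindValue(':db', $rowmysql['my_id_pk']);
            $mapcount->execute();
            $numrowdb = $mapcount->fetch();
            $mapcount->closeCursor();
            $res[] = array(
                'mysqlid' => $rowmysql['my_id_pk'],
                'totaldb' => $numrowdb[0],
                'mysqlname' => $rowmysql['my_name_vc'],
                'mysqlsize' => $rowmysql['my_usedspace_bi'],
                'mysqlfriendlysize' => fs_director::ShowHumanFileSize($rowmysql['my_usedspace_bi']),
            );
        }
        return $res;
    }

    /**
     * Looks up a single live database by primary key.
     *
     * @param int $mysqlid x_mysql_databases.my_id_pk
     * @return array|false a one-element list with keys mysqlid, mysqlname,
     *                     mysqlsize, mysqlfriendlysize; false when not found
     */
    static function ListCurrentDatabases($mysqlid)
    {
        global $zdbh;
        $sql = "SELECT * FROM x_mysql_databases WHERE my_id_pk=:mysqlid AND my_deleted_ts IS NULL";
        $numrows = $zdbh->prepare($sql);
        $numrows->bindParam(':mysqlid', $mysqlid);
        $numrows->execute();
        if ($numrows->fetchColumn() == 0) {
            return false;
        }
        $list = $zdbh->prepare($sql);
        $list->bindParam(':mysqlid', $mysqlid);
        $list->execute();
        $res = array();
        while ($rowmysql = $list->fetch()) {
            $res[] = array(
                'mysqlid' => $rowmysql['my_id_pk'],
                'mysqlname' => $rowmysql['my_name_vc'],
                'mysqlsize' => $rowmysql['my_usedspace_bi'],
                'mysqlfriendlysize' => fs_director::ShowHumanFileSize($rowmysql['my_usedspace_bi']),
            );
        }
        return $res;
    }

    /**
     * Reads modules/<module>/assets/helpicon.txt for the module named in the URL.
     *
     * The module name is request-supplied, so it is restricted to a single
     * safe path segment before being used in a path; anything else (or a
     * missing file) yields an empty string instead of a read outside modules/.
     *
     * @return string file contents, or '' when the name is unsafe or the file is absent
     */
    static function gethelpicon()
    {
        global $controller;
        $module = $controller->GetControllerRequest('URL', 'module');
        if (!preg_match('/^[A-Za-z0-9_-]+$/', (string) $module)) {
            return '';
        }
        $path = "modules/$module/assets/helpicon.txt";
        if (!is_file($path)) {
            return '';
        }
        return file_get_contents($path);
    }

    /**
     * Creates a MySQL database for an account and records it in x_mysql_databases.
     *
     * The name is validated and duplicate-checked exactly as it will be
     * created, prefix included: $prefix arrives from the request and was
     * previously never checked, so it could carry characters the name filter
     * rejects for the user-typed part.
     *
     * @param int    $uid          account id
     * @param string $databasename name typed by the user (without prefix)
     * @param string $prefix       prefix to prepend (see getCurrentUserName())
     * @return bool true on success; false on validation or database failure
     *              (the reason is left in the static flags for getResult())
     */
    static function ExecuteCreateDatabase($uid, $databasename, $prefix)
    {
        global $zdbh;
        $currentuser = ctrl_users::GetUserDetail($uid);
        if (fs_director::CheckForEmptyValue(self::CheckCreateForErrors($currentuser['username'], $databasename, $prefix))) {
            return false;
        }
        $fullname = self::NormaliseDatabaseName($prefix, $databasename);
        runtime_hook::Execute('OnBeforeCreateDatabase');
        try {
            $sql = $zdbh->prepare("CREATE DATABASE " . self::QuoteIdentifier($fullname) . " DEFAULT CHARACTER SET 'utf8' COLLATE 'utf8_general_ci';");
            $sql->execute();
            $sql = $zdbh->prepare("FLUSH PRIVILEGES");
            $sql->execute();
            $sql = $zdbh->prepare("INSERT INTO x_mysql_databases (my_acc_fk, my_name_vc, my_created_ts) VALUES (:userid, :name, :time)");
            $time = time();
            $sql->bindParam(':userid', $currentuser['userid']);
            $sql->bindParam(':time', $time);
            $sql->bindParam(':name', $fullname);
            $sql->execute();
        } catch (PDOException $e) {
            // Reported to the user only as "not created"; the flag stays unset.
            return false;
        }
        runtime_hook::Execute('OnAfterCreateDatabase');
        self::$created_ok = true;
        self::GrantSessionUserAccess($currentuser['userid']);
        return true;
    }

    /**
     * When the session carries a "cgs" MySQL user that maps to $userid, grants
     * that user (at localhost) full privileges on every live database of the
     * account. Best-effort: a failing GRANT is ignored, as it always was.
     *
     * @param int $userid account id
     * @return void
     */
    private static function GrantSessionUserAccess($userid)
    {
        global $zdbh;
        // cgs_pk_id is read below, so it must exist too (it was not checked before).
        if (!isset($_SESSION['cgs_user'], $_SESSION['cgs_id'], $_SESSION['cgs_pk_id'])) {
            return;
        }
        if ($_SESSION['cgs_pk_id'] != $userid) {
            return;
        }
        $user_name = $_SESSION['cgs_user'];
        $sql2 = $zdbh->prepare("select my_name_vc from x_mysql_databases where my_acc_fk =:newid and my_deleted_ts IS NULL");
        $sql2->bindParam(':newid', $userid);
        $sql2->execute();
        while ($rows = $sql2->fetch()) {
            try {
                $sql = $zdbh->prepare("GRANT ALL PRIVILEGES ON " . self::QuoteIdentifier($rows['my_name_vc']) . ".* TO :username@'localhost' ");
                $sql->bindParam(':username', $user_name);
                $sql->execute();
                $sql = $zdbh->prepare("FLUSH PRIVILEGES");
                $sql->execute();
            } catch (Exception $e) {
                // Deliberately swallowed: one failed grant must not undo the creation.
            }
        }
    }

    /**
     * Validates a requested database name and sets the matching error flag.
     *
     * @param string      $username     owner's panel username; used to build the
     *                                  legacy "username_name" when no prefix is given
     * @param string      $databasename the name typed by the user, without prefix
     * @param string|null $prefix       the prefix that will actually be prepended;
     *                                  when given, the combined name is checked and
     *                                  duplicate-tested instead of "username_name"
     * @return bool true when the name may be created
     */
    static function CheckCreateForErrors($username, $databasename, $prefix = null)
    {
        global $zdbh;
        // Blank name check before anything else.
        if ((string) $databasename === '') {
            self::$blank = true;
            return false;
        }
        // Character set and length rules for the user-typed part.
        if (!self::IsValidUserName($databasename)) {
            self::$badname = true;
            return false;
        }
        if ($prefix === null) {
            $dbName = $username . "_" . $databasename;
        } else {
            $dbName = self::NormaliseDatabaseName($prefix, $databasename);
            // The prefix is request-supplied; the full name must satisfy the
            // same character rules as the typed part (length is bounded by
            // the pattern itself, 63 characters).
            if (!self::HasValidNameCharacters($dbName)) {
                self::$badname = true;
                return false;
            }
        }
        // Duplicate check against live databases only.
        $numrows = $zdbh->prepare("SELECT COUNT(*) FROM x_mysql_databases WHERE my_name_vc=:dbName AND my_deleted_ts IS NULL");
        $numrows->bindParam(':dbName', $dbName);
        if ($numrows->execute()) {
            if ($numrows->fetchColumn() <> 0) {
                self::$alreadyexists = true;
                return false;
            }
        }
        return true;
    }

    /**
     * Drops a database, soft-deletes its record, removes its user mappings and
     * revokes every grant that still references it.
     *
     * @param int $my_id_pk x_mysql_databases.my_id_pk
     * @return bool true on success; false when the id is unknown or a statement fails
     */
    static function ExecuteDeleteDatabase($my_id_pk)
    {
        global $zdbh;
        runtime_hook::Execute('OnBeforeDeleteDatabase');
        $numrows = $zdbh->prepare("SELECT my_name_vc FROM x_mysql_databases WHERE my_id_pk=:my_id_pk");
        $numrows->bindParam(':my_id_pk', $my_id_pk);
        $numrows->execute();
        $rowmysql = $numrows->fetch();
        if (!$rowmysql) {
            // Unknown id: nothing to drop and no row to mark deleted.
            return false;
        }
        $dbname = $rowmysql['my_name_vc'];
        try {
            $sql = $zdbh->prepare("DROP DATABASE IF EXISTS " . self::QuoteIdentifier($dbname) . ";");
            $sql->execute();
            $sql = $zdbh->prepare("FLUSH PRIVILEGES");
            $sql->execute();
            $sql = $zdbh->prepare("UPDATE x_mysql_databases SET ip_deleted=:ip_deleted,my_deleted_ts = :time WHERE my_id_pk = :my_id_pk");
            $ip_deleted = self::get_client_ip();
            $time = time(); // bindParam() takes a reference, so a variable is needed
            $sql->bindParam(':ip_deleted', $ip_deleted);
            $sql->bindParam(':time', $time);
            $sql->bindParam(':my_id_pk', $my_id_pk);
            $sql->execute();
            $sql = $zdbh->prepare("DELETE FROM x_mysql_dbmap WHERE mm_database_fk=:my_id_pk");
            $sql->bindParam(':my_id_pk', $my_id_pk);
            $sql->execute();
            self::RevokeAllGrants($dbname);
        } catch (PDOException $e) {
            return false;
        }
        runtime_hook::Execute('OnAfterDeleteDatabase');
        self::$deleted_ok = true;
        return true;
    }

    /**
     * Revokes all privileges on $dbname from every account that holds a grant
     * on it according to mysql.db. (Originally added to revoke remote-host grants.)
     *
     * Each mysql.db row names the exact account (User, Host) holding the grant,
     * so that account is revoked; revoking for hosts without a grant raised an
     * error that previously aborted the whole delete. REVOKE cannot take bound
     * parameters for the account, so user and host are escaped with the
     * connection's escaper and the database name is backtick-quoted.
     *
     * @param string $dbname database name as stored in x_mysql_databases
     * @return void
     * @throws PDOException propagated to the caller's catch
     */
    private static function RevokeAllGrants($dbname)
    {
        global $zdbh;
        $grants = $zdbh->prepare("SELECT * FROM mysql.db WHERE db = :name");
        $grants->bindParam(':name', $dbname);
        $grants->execute();
        $quotedDb = self::QuoteIdentifier($dbname);
        foreach ($grants->fetchAll() as $db) {
            $user = $zdbh->mysqlRealEscapeString($db['User']);
            $host = $zdbh->mysqlRealEscapeString($db['Host']);
            $sql = $zdbh->prepare("REVOKE ALL PRIVILEGES ON " . $quotedDb . ".* FROM '" . $user . "'@'" . $host . "'");
            $sql->execute();
        }
    }

    /**
     * Character rules shared by database and user names: starts with a word
     * character, continues with word characters or '-', at most 63 characters,
     * and does not end in '-'. Length limits are applied by the callers.
     *
     * @param string $name
     * @return bool
     */
    private static function HasValidNameCharacters($name)
    {
        return preg_match('/^[a-z\d\w][a-z\d\w-]{0,62}$/i', $name) === 1
            && preg_match('/-$/', $name) !== 1;
    }

    /**
     * Validates a MySQL user/database name: character rules plus the 16-byte
     * MySQL username limit (http://dev.mysql.com/doc/refman/4.1/en/user-names.html).
     *
     * @param string $username
     * @return bool
     */
    static function IsValidUserName($username)
    {
        if (!self::HasValidNameCharacters($username)) {
            return false;
        }
        return strlen($username) < 17;
    }

    /**
     * True when $mysqlid is one of the requesting account's live databases.
     * Used to stop a client-supplied id from acting on another account's database.
     *
     * @param array      $currentuser result of ctrl_users::GetUserDetail()
     * @param int|string $mysqlid     x_mysql_databases.my_id_pk
     * @return bool
     */
    private static function OwnsDatabase($currentuser, $mysqlid)
    {
        $databases = self::ListDatabases($currentuser['userid']);
        if ($databases === false) {
            return false;
        }
        foreach ($databases as $row) {
            if ((string) $row['mysqlid'] === (string) $mysqlid) {
                return true;
            }
        }
        return false;
    }

    /**
     * Resolves the database named by the URL's 'other' parameter, but only if
     * it belongs to the requesting account.
     *
     * @return array|null the ListCurrentDatabases() row, or null
     */
    private static function CurrentRequestedDatabase()
    {
        global $controller;
        $mysqlid = $controller->GetControllerRequest('URL', 'other');
        if (!$mysqlid || !self::OwnsDatabase(ctrl_users::GetUserDetail(), $mysqlid)) {
            return null;
        }
        $current = self::ListCurrentDatabases($mysqlid);
        return $current ? $current[0] : null;
    }

    /**
     * End 'worker' methods.
     */

    /**
     * Webinterface sudo methods.
     */

    /**
     * Form handler: creates a database for the logged-in user.
     *
     * The prefix is taken from getCurrentUserName(), which derives it from the
     * account's settings, rather than from the form: a client-supplied prefix
     * would let a user create names outside its own "username_" namespace.
     *
     * @return bool see ExecuteCreateDatabase()
     */
    static function doCreateDatabase()
    {
        global $controller;
        runtime_csfr::Protect();
        $currentuser = ctrl_users::GetUserDetail();
        $formvars = $controller->GetAllControllerRequests('FORM');
        $databasename = isset($formvars['inDatabase']) ? $formvars['inDatabase'] : '';
        return self::ExecuteCreateDatabase($currentuser['userid'], $databasename, self::getCurrentUserName());
    }

    /**
     * Form handler: redirects to the confirmation page for whichever of the
     * user's own databases has an inDelete_<id> button in the submitted form.
     *
     * @return bool true when no delete button was found
     */
    static function doDeleteDatabase()
    {
        global $controller;
        runtime_csfr::Protect();
        $currentuser = ctrl_users::GetUserDetail();
        $formvars = $controller->GetAllControllerRequests('FORM');
        $databases = self::ListDatabases($currentuser['userid']);
        if ($databases === false) {
            // No live databases: nothing the form could refer to.
            return true;
        }
        foreach ($databases as $row) {
            if (isset($formvars['inDelete_' . $row['mysqlid']])) {
                header("location: ./?module=" . $controller->GetCurrentModule() . "&show=Delete&other=" . $row['mysqlid']);
                exit;
            }
        }
        return true;
    }

    /**
     * Form handler: performs the confirmed deletion.
     *
     * The id is client-supplied and was previously passed straight through;
     * it is now accepted only when it belongs to the requesting account.
     *
     * @return bool false when the id is missing or not owned; else see ExecuteDeleteDatabase()
     */
    static function doConfirmDeleteDatabase()
    {
        global $controller;
        runtime_csfr::Protect();
        $formvars = $controller->GetAllControllerRequests('FORM');
        $target = isset($formvars['inDelete']) ? $formvars['inDelete'] : null;
        if ($target === null || !self::OwnsDatabase(ctrl_users::GetUserDetail(), $target)) {
            return false;
        }
        return self::ExecuteDeleteDatabase($target);
    }

    /**
     * Template accessor: the logged-in user's live databases.
     *
     * @return array|false see ListDatabases()
     */
    static function getDatabaseList()
    {
        $currentuser = ctrl_users::GetUserDetail();
        return self::ListDatabases($currentuser['userid']);
    }

    /**
     * Template accessor: true on the delete-confirmation view (?show=Delete).
     *
     * @return bool
     */
    static function getisDeleteDatabase()
    {
        global $controller;
        $urlvars = $controller->GetAllControllerRequests('URL');
        return isset($urlvars['show']) && $urlvars['show'] == "Delete";
    }

    /**
     * Template accessor: true on the default (create) view, i.e. no 'show' parameter.
     *
     * @return bool
     */
    static function getisCreateDatabase()
    {
        global $controller;
        $urlvars = $controller->GetAllControllerRequests('URL');
        return !isset($urlvars['show']);
    }

    /**
     * Template accessor: the prefix applied to new database names.
     *
     * Reads x_database_settings for the account: no row or ds_enabled_in = 0
     * means "username_" is prepended, ds_enabled_in = 1 means no prefix.
     * The user id is now bound instead of interpolated into the query.
     *
     * @return string|null "username_", "" or null when no row carries 0 or 1
     *                     (the original fell through without a return value)
     */
    static function getCurrentUserName()
    {
        global $zdbh;
        $currentuser = ctrl_users::GetUserDetail();
        $uid = $currentuser['userid'];
        $res = $zdbh->prepare("SELECT * from x_database_settings WHERE ds_user_vc=:uid");
        $res->bindParam(':uid', $uid);
        $res->execute();
        $default = $currentuser['username'] . "_";
        if ($res->rowCount() == 0) {
            return $default;
        }
        while ($rows = $res->fetch()) {
            if ($rows['ds_enabled_in'] == 0) {
                return $default;
            }
            if ($rows['ds_enabled_in'] == 1) {
                return "";
            }
        }
        return null;
    }

    /**
     * Template accessor: name of the database selected for deletion, provided
     * it belongs to the logged-in user.
     *
     * @return string the name, or '' when absent or not owned
     */
    static function getEditCurrentDatabaseName()
    {
        $row = self::CurrentRequestedDatabase();
        return $row ? $row['mysqlname'] : '';
    }

    /**
     * Template accessor: id of the database selected for deletion, provided
     * it belongs to the logged-in user.
     *
     * @return int|string the id, or '' when absent or not owned
     */
    static function getEditCurrentDatabaseID()
    {
        $row = self::CurrentRequestedDatabase();
        return $row ? $row['mysqlid'] : '';
    }

    /**
     * Template accessor: true when the user may create another database
     * (quota -1 means unlimited).
     *
     * @return bool
     */
    static function getQuotaLimit()
    {
        $currentuser = ctrl_users::GetUserDetail();
        if ($currentuser['mysqlquota'] < 0) { //-1 = unlimited
            return true;
        }
        return $currentuser['mysqlquota'] > ctrl_users::GetQuotaUsages('mysql', $currentuser['userid']);
    }

    /**
     * Template accessor: HTML for the quota usage image (pie chart, or the
     * "unlimited" icon when the quota is negative).
     *
     * @return string
     */
    static function getMysqlUsagepChart()
    {
        $currentuser = ctrl_users::GetUserDetail();
        $maximum = $currentuser['mysqlquota'];
        if ($maximum < 0) { //-1 = unlimited
            return '<img src="' . ui_tpl_assetfolderpath::Template() . 'img/misc/unlimited.png" alt="' . ui_language::translate('Unlimited') . '"/>';
        }
        $used = ctrl_users::GetQuotaUsages('mysql', $currentuser['userid']);
        $free = max($maximum - $used, 0);
        return '<img src="etc/lib/pChart2/sentora/z3DPie.php?score=' . $free . '::' . $used
            . '&labels=Free: ' . $free . '::Used: ' . $used
            . '&legendfont=verdana&legendfontsize=8&imagesize=240::190&chartsize=120::90&radius=100&legendsize=150::160"'
            . ' alt="' . ui_language::translate('Pie chart') . '"/>';
    }

    /**
     * Template accessor: the status message for the outcome flags, first match wins.
     * The message strings are translation keys and are kept verbatim (typos included).
     *
     * @return string|null rendered message, or null when no flag is set
     */
    static function getResult()
    {
        if (!fs_director::CheckForEmptyValue(self::$blank)) {
            return ui_sysmessage::shout(ui_language::translate("To create the database, please specify your database name."), "zannounceerror");
        }
        if (!fs_director::CheckForEmptyValue(self::$badname)) {
            return ui_sysmessage::shout(ui_language::translate("Your MySQL database name is not valid. Please enter a valid MySQL database name (Length of the Databasename shouble be 16 including prefix)."), "zannounceerror");
        }
        if (!fs_director::CheckForEmptyValue(self::$alreadyexists)) {
            return ui_sysmessage::shout(ui_language::translate("This database name has already been exsist."), "zannounceerror");
        }
        if (!fs_director::CheckForEmptyValue(self::$deleted_ok)) {
            return ui_sysmessage::shout(ui_language::translate("Your database has been deleted successfully!"), "zannounceok");
        }
        if (!fs_director::CheckForEmptyValue(self::$created_ok)) {
            return ui_sysmessage::shout(ui_language::translate("Database has been created successfully!"), "zannounceok");
        }
        return null;
    }

    /**
     * End webinterface sudo methods.
     */
}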