<?php

/**
 * @copyright 2014-2015 Sentora Project (http://www.sentora.org/) 
 * Sentora is a GPL fork of the ZPanel Project whose original header follows:
 *
 * ZPanel - A Cross-Platform Open-Source Web Hosting Control panel.
 *
 * @package ZPanel
 * @version $Id$
 * @author Bobby Allen - ballen@bobbyallen.me
 * @copyright (c) 2008-2014 ZPanel Group - http://www.zpanelcp.com/
 * @license http://opensource.org/licenses/gpl-3.0.html GNU Public License v3
 *
 * This program (ZPanel) is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 *
 */
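class module_controller extends ctrl_module
{

    /**
     * Builds a random string from a fixed alphabet of letters, digits and symbols.
     *
     * The result is used below both as part of a MySQL account name and as that
     * account's password, so the character choice must come from a CSPRNG.
     *
     * @param int $len_text Number of characters to generate.
     * @return string Random text; empty when $len_text is not positive.
     */
    static function randomtext($len_text)
    {
        // Alphabet kept exactly as before so generated names/passwords keep the same shape.
        // NOTE(review): the symbols "*%_}{[]" occur twice and 'w' is missing ("uvzxyz"),
        // so characters are not equally likely; confirm whether that is intentional.
        $poss_char = '*%_}{[]abcdefghijklmnopqrstuvzxyzABCDEFGHIJKLMNOPQRSTUVWXYZ123456789$&*%_}{[]';
        $char_len = strlen($poss_char);

        $code = '';
        for ($i = 0; $i < $len_text; $i++) {
            $code .= $poss_char[self::randomindex($char_len - 1)];
        }
        return $code;
    }

    /**
     * Returns a random integer in [0, $upper], preferring a cryptographic source.
     *
     * @param int $upper Inclusive upper bound.
     * @return int
     */
    private static function randomindex($upper)
    {
        if (function_exists('random_int')) {
            return random_int(0, $upper);
        }

        if ($upper < 256 && function_exists('openssl_random_pseudo_bytes')) {
            // Rejection sampling over one byte avoids modulo bias.
            $range = $upper + 1;
            $limit = 256 - (256 % $range);
            for ($tries = 0; $tries < 128; $tries++) {
                $raw = openssl_random_pseudo_bytes(1);
                if ($raw === false || strlen($raw) !== 1) {
                    break;
                }
                $byte = ord($raw);
                if ($byte < $limit) {
                    return $byte % $range;
                }
            }
        }

        // Last resort on runtimes with neither source: mt_rand() is NOT a CSPRNG,
        // so credentials generated through this path are predictable.
        return mt_rand(0, $upper);
    }

    /**
     * Reads the help-icon text file of the module named in the current request.
     *
     * @return string|false File contents, or false when the module name is
     *                      rejected or the file cannot be read.
     */
    static function gethelpicon()
    {
        global $controller;

        $module = $controller->GetControllerRequest('URL', 'module');

        // The module name comes from the request and is spliced into a filesystem
        // path, so it must be a single path segment before it is used.
        if (!self::issafemodulename($module)) {
            return false;
        }

        return file_get_contents("modules/$module/assets/helpicon.txt");
    }

    /**
     * Tells whether a value is usable as one directory name (no separators,
     * no NUL byte, not "." or "..").
     *
     * @param mixed $name Candidate module name.
     * @return bool
     */
    private static function issafemodulename($name)
    {
        if (!is_string($name) || $name === '' || $name === '.' || $name === '..') {
            return false;
        }
        return strpbrk($name, "/\\\0") === false;
    }

    /**
     * Extracts the x.y.z version from the output of `mysql -V`.
     *
     * @return string Version string, or '' when the command produced no
     *                recognisable version (e.g. shell_exec disabled).
     */
    static function getMySQLVersion()
    {
        // Fixed command line, no request data involved.
        $output = (string) shell_exec('mysql -V');

        if (preg_match('@[0-9]+\.[0-9]+\.[0-9]+@', $output, $version) === 1) {
            return $version[0];
        }
        return '';
    }

    /**
     * Chooses which bundled phpMyAdmin directory to use.
     *
     * @return string "phpmyadmin_v4_6_6" when PHP compares greater than '5.5'
     *                and MySQL is at least 5.6, otherwise "phpmyadmin".
     */
    static function getphpmyadminversion()
    {
        if (version_compare(PHP_VERSION, '5.5') <= 0) {
            return "phpmyadmin";
        }
        // An unknown MySQL version ('') compares below '5.6' and selects the older build.
        if (version_compare(self::getMySQLVersion(), '5.6') < 0) {
            return "phpmyadmin";
        }
        return "phpmyadmin_v4_6_6";
    }

    /**
     * Issues or refreshes a short-lived MySQL account for the logged-in panel
     * user, prunes expired accounts, prints a JSON status and exits.
     *
     * Output is {"status":1} on success and {"status":0} on failure or when no
     * numeric user id is available. The account's credentials are kept in
     * $_SESSION (cgs_user, cgs_pass, cgs_id, cgs_pk_id).
     *
     * NOTE(review): no request-origin or permission check is visible in this
     * method beyond the numeric user id; confirm the framework enforces one.
     *
     * @return void This method always terminates the request.
     */
    function docreateuser()
    {
        global $zdbh;

        $currentuser = ctrl_users::GetUserDetail();
        $suid = $currentuser['userid'];

        if (!is_numeric($suid)) {
            echo json_encode(array("status"=>0));
            exit;
        }

        date_default_timezone_set("UTC");
        $str_time = time();
        $exp_time = 1800;                       // account lifetime in seconds
        $new_st_time = $str_time + $exp_time;

        // Account name: 7 random characters plus the timestamp minus its first 4 digits.
        $user_name = self::randomtext(7) . substr((string) $str_time, 4);
        $pass_word = self::randomtext(15);
        $status = 0;

        if (isset($_SESSION['cgs_user'], $_SESSION['cgs_id'])) {
            $c_id = $_SESSION['cgs_id'];
            $c_name = $_SESSION['cgs_user'];
            // cgs_pk_id may be absent; treat that as "belongs to someone else".
            $c_pk_id = isset($_SESSION['cgs_pk_id']) ? $_SESSION['cgs_pk_id'] : null;

            if ($c_pk_id !== null && (string) $c_pk_id === (string) $suid) {
                // Same panel user: only push the expiry forward.
                // NOTE(review): this does not verify that the row and the MySQL
                // account still exist (another request may have pruned them).
                $stmt = $zdbh->prepare("UPDATE x_autouser SET my_exp_ts=? WHERE my_id_pk=?");
                $stmt->execute(array($new_st_time, $c_id));
            } else {
                // Session holds credentials issued for a different panel user:
                // revoke them before issuing new ones.
                unset($_SESSION['cgs_user']);
                unset($_SESSION['cgs_id']);
                unset($_SESSION['cgs_pass']);
                unset($_SESSION['cgs_pk_id']);

                $stmt = $zdbh->prepare("DELETE FROM x_autouser WHERE my_id_pk=:id");
                $stmt->bindParam(':id', $c_id);
                $stmt->execute();

                try {
                    $sql = $zdbh->prepare("DROP USER :username@'localhost' ");
                    $sql->bindParam(':username', $c_name);
                    $sql->execute();
                } catch (Exception $e) {
                    // Best effort: the account may already be gone.
                }

                if (!self::provisionautouser($zdbh, $suid, $user_name, $pass_word, $str_time, $new_st_time)) {
                    $status = 1;
                }
            }
        } else {
            if (!self::provisionautouser($zdbh, $suid, $user_name, $pass_word, $str_time, $new_st_time)) {
                $status = 1;
            }
        }

        // Garbage-collect every expired temporary account, whichever panel user owns it.
        $user_array = array();
        $id_array = array();
        $sql = $zdbh->prepare("select my_id_pk,my_acc_pk,my_user_vc  from x_autouser where  my_exp_ts < :mtime ");
        $sql->bindParam(':mtime', $str_time);
        $sql->execute();
        while ($rows = $sql->fetch()) {
            $user_array[] = $rows['my_user_vc'];
            $id_array[] = $rows['my_id_pk'];
        }

        if (count($id_array) > 0) {
            $place_holders = implode(',', array_fill(0, count($id_array), '?'));
            $sth = $zdbh->prepare("delete from x_autouser WHERE my_id_pk IN ($place_holders)");
            $sth->execute($id_array);

            foreach ($user_array as $u_name) {
                try {
                    $sql = $zdbh->prepare("DROP USER :username@'localhost' ");
                    $sql->bindParam(':username', $u_name);
                    $sql->execute();
                } catch (Exception $e) {
                    // Best effort: a missing account must not stop the sweep.
                    // NOTE(review): the tracking row is already deleted, so an
                    // account whose DROP fails is never retried.
                }
                $sql = $zdbh->prepare("FLUSH PRIVILEGES");
                $sql->execute();
            }
        }

        // The original tested an undefined $statusdata here, which always compared
        // equal to 0 and reported success even when provisioning had failed.
        if ($status == 0) {
            echo json_encode(array("status"=>1));
        } else {
            unset($_SESSION['cgs_user']);
            unset($_SESSION['cgs_pass']);
            unset($_SESSION['cgs_id']);
            unset($_SESSION['cgs_pk_id']);

            echo json_encode(array("status"=>0));
        }
        exit;
    }

    /**
     * Creates the temporary MySQL account, grants it every database owned by
     * the panel user, records it in x_autouser and stores it in the session.
     *
     * @param object $zdbh        Database handle used for all statements.
     * @param mixed  $suid        Panel user id owning the databases.
     * @param string $user_name   Name of the MySQL account to create.
     * @param string $pass_word   Password of the MySQL account.
     * @param int    $str_time    Creation timestamp.
     * @param int    $new_st_time Expiry timestamp.
     * @return bool True on success, false when a PDOException interrupted it.
     */
    private static function provisionautouser($zdbh, $suid, $user_name, $pass_word, $str_time, $new_st_time)
    {
        $created = false;

        try {
            $sql = $zdbh->prepare("CREATE USER :username@'localhost' IDENTIFIED BY :password ");
            $sql->bindParam(':username', $user_name);
            $sql->bindParam(':password', $pass_word);
            $sql->execute();
            $created = true;

            $sql2 = $zdbh->prepare("select  my_name_vc  from x_mysql_databases where my_acc_fk =:newid  and my_deleted_ts IS NULL");
            $sql2->bindParam(':newid', $suid);
            $sql2->execute();

            while ($rows = $sql2->fetch()) {
                // An identifier cannot be bound, so the stored database name is
                // quoted by hand; doubling backticks keeps it inside the quotes.
                // NOTE(review): MySQL treats '_' and '%' in a database-level GRANT
                // as wildcards, so a name such as a_b may also cover other
                // databases; consider escaping them after checking server settings.
                $db_ident = str_replace('`', '``', $rows['my_name_vc']);
                try {
                    $sql = $zdbh->prepare("GRANT ALL PRIVILEGES ON `$db_ident`. * TO :username@'localhost' ");
                    $sql->bindParam(':username', $user_name);
                    $sql->execute();

                    $sql = $zdbh->prepare("FLUSH PRIVILEGES");
                    $sql->execute();
                } catch (Exception $e) {
                    // Best effort: one failing grant does not abort the others.
                }
            }

            // NOTE(review): my_pass_vc stores the account password in clear text;
            // confirm something actually reads it back, otherwise drop the column.
            $stmt = $zdbh->prepare("INSERT INTO x_autouser (`my_acc_pk`, `my_user_vc`,`my_pass_vc`,`my_created_ts`,`my_exp_ts`) VALUES(?, ? , ? , ? ,?)");
            $stmt->execute(array($suid, $user_name, $pass_word, $str_time, $new_st_time));
            $ins_id = $zdbh->lastInsertId();

            $_SESSION['cgs_user'] = $user_name;
            $_SESSION['cgs_pass'] = $pass_word;
            $_SESSION['cgs_id']   = $ins_id;
            $_SESSION['cgs_pk_id'] = $suid;

            return true;
        } catch (PDOException $ex) {
            // Without a tracking row the expiry sweep would never find this
            // account, so remove it now rather than leave live credentials behind.
            if ($created) {
                try {
                    $sql = $zdbh->prepare("DROP USER :username@'localhost' ");
                    $sql->bindParam(':username', $user_name);
                    $sql->execute();
                } catch (Exception $e) {
                    // Nothing more can be done here.
                }
            }
            return false;
        }
    }

}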