Página Principal Explorar Ajuda
Iniciar Sessão
hanzhengyi
/
usky-website
1
0
Fork 0
Ficheiros Problemas 0 Pull Requests 0 Wiki
Ramo: master
Ramos Etiquetas
usky-website
/
web
/
pa
/
libraries
/
List_Database.class.php

List_Database.class.php 9.8 KB
Link permanente Histórico Em bruto

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319 
  1. <?php
    2. 

  2. /* vim: set expandtab sw=4 ts=4 sts=4: */
    3. 

  3. /**
    4. 

  4.  * holds the PMA_List_Database class
    5. 

  5.  *
    6. 

  6.  * @package PhpMyAdmin
    7. 

  7.  */
    8. 

  8. 

  9. if (! defined('PHPMYADMIN')) {
    10. 

  10.     exit;
    11. 

  11. }
    12. 

  12. 

  13. /**
    14. 

  14.  * the list base class
    15. 

  15.  */
    16. 

  16. require_once './libraries/List.class.php';
    17. 

  17. 

  18. /**
    19. 

  19.  * handles database lists
    20. 

  20.  *
    21. 

  21.  * <code>
    22. 

  22.  * $PMA_List_Database = new PMA_List_Database($userlink, $controllink);
    23. 

  23.  * </code>
    24. 

  24.  *
    25. 

  25.  * @todo this object should be attached to the PMA_Server object
    26. 

  26.  * @todo ? make use of INFORMATION_SCHEMA
    27. 

  27.  * @todo ? support --skip-showdatabases and user has only global rights
    28. 

  28.  *
    29. 

  29.  * @package PhpMyAdmin
    30. 

  30.  * @since   phpMyAdmin 2.9.10
    31. 

  31.  */
    32. 

  32. class PMA_List_Database extends PMA_List
    33. 

  33. {
    34. 

  34.     /**
    35. 

  35.      * @var mixed   database link resource|object to be used
    36. 

  36.      * @access protected
    37. 

  37.      */
    38. 

  38.     protected $db_link = null;
    39. 

  39. 

  40.     /**
    41. 

  41.      * @var mixed   user database link resource|object
    42. 

  42.      * @access protected
    43. 

  43.      */
    44. 

  44.     protected $db_link_user = null;
    45. 

  45. 

  46.     /**
    47. 

  47.      * @var mixed   controluser database link resource|object
    48. 

  48.      * @access protected
    49. 

  49.      */
    50. 

  50.     protected $db_link_control = null;
    51. 

  51. 

  52.     /**
    53. 

  53.      * @var boolean whether SHOW DATABASES is disabled or not
    54. 

  54.      * @access protected
    55. 

  55.      */
    56. 

  56.     protected $show_databases_disabled = false;
    57. 

  57. 

  58.     /**
    59. 

  59.      * @var string command to retrieve databases from server
    60. 

  60.      * @access protected
    61. 

  61.      */
    62. 

  62.     protected $command = null;
    63. 

  63. 

  64.     /**
    65. 

  65.      * Constructor
    66. 

  66.      *
    67. 

  67.      * @param mixed $db_link_user    user database link resource|object
    68. 

  68.      * @param mixed $db_link_control control database link resource|object
    69. 

  69.      *
    70. 

  70.      * @return void
    71. 

  71.      */
    72. 

  72.     public function __construct($db_link_user = null, $db_link_control = null)
    73. 

  73.     {
    74. 

  74.         $this->db_link = $db_link_user;
    75. 

  75.         $this->db_link_user = $db_link_user;
    76. 

  76.         $this->db_link_control = $db_link_control;
    77. 

  77. 

  78.         parent::__construct();
    79. 

  79.         $this->build();
    80. 

  80.     }
    81. 

  81. 

  82.     /**
    83. 

  83.      * checks if the configuration wants to hide some databases
    84. 

  84.      *
    85. 

  85.      * @return void
    86. 

  86.      */
    87. 

  87.     protected function checkHideDatabase()
    88. 

  88.     {
    89. 

  89.         if (empty($GLOBALS['cfg']['Server']['hide_db'])) {
    90. 

  90.             return;
    91. 

  91.         }
    92. 

  92. 

  93.         foreach ($this->getArrayCopy() as $key => $db) {
    94. 

  94.             if (preg_match('/' . $GLOBALS['cfg']['Server']['hide_db'] . '/', $db)) {
    95. 

  95.                 $this->offsetUnset($key);
    96. 

  96.             }
    97. 

  97.         }
    98. 

  98.     }
    99. 

  99. 

  100.     /**
    101. 

  101.      * retrieves database list from server
    102. 

  102.      *
    103. 

  103.      * @param string $like_db_name usally a db_name containing wildcards
    104. 

  104.      *
    105. 

  105.      * @return array
    106. 

  106.      * @todo   we could also search mysql tables if all fail?
    107. 

  107.      */
    108. 

  108.     protected function retrieve($like_db_name = null)
    109. 

  109.     {
    110. 

  110.         if ($this->show_databases_disabled) {
    111. 

  111.             return array();
    112. 

  112.         }
    113. 

  113. 

  114.         if (null !== $like_db_name) {
    115. 

  115.             $command = "SHOW DATABASES LIKE '" . $like_db_name . "'";
    116. 

  116.         } elseif (null === $this->command) {
    117. 

  117.             $command = str_replace(
    118. 

  118.                 '#user#', $GLOBALS['cfg']['Server']['user'],
    119. 

  119.                 $GLOBALS['cfg']['Server']['ShowDatabasesCommand']
    120. 

  120.             );
    121. 

  121.             $this->command = $command;
    122. 

  122.         } else {
    123. 

  123.             $command = $this->command;
    124. 

  124.         }
    125. 

  125. 

  126.         $database_list = PMA_DBI_fetch_result($command, null, null, $this->db_link);
    127. 

  127.         PMA_DBI_getError();
    128. 

  128. 

  129.         if ($GLOBALS['errno'] !== 0) {
    130. 

  130.             // failed to get database list, try the control user
    131. 

  131.             // (hopefully there is one and he has SHOW DATABASES right)
    132. 

  132.             $this->db_link = $this->db_link_control;
    133. 

  133.             $database_list = PMA_DBI_fetch_result(
    134. 

  134.                 $command, null, null, $this->db_link
    135. 

  135.             );
    136. 

  136. 

  137.             PMA_DBI_getError();
    138. 

  138. 

  139.             if ($GLOBALS['errno'] !== 0) {
    140. 

  140.                 // failed! we will display a warning that phpMyAdmin could not safely
    141. 

  141.                 // retrieve database list, the admin has to setup a control user or
    142. 

  142.                 // allow SHOW DATABASES
    143. 

  143.                 $GLOBALS['error_showdatabases'] = true;
    144. 

  144.                 $this->show_databases_disabled = true;
    145. 

  145.             }
    146. 

  146.         }
    147. 

  147. 

  148.         if ($GLOBALS['cfg']['NaturalOrder']) {
    149. 

  149.             natsort($database_list);
    150. 

  150.         } else {
    151. 

  151.             // need to sort anyway, otherwise information_schema
    152. 

  152.             // goes at the top
    153. 

  153.             sort($database_list);
    154. 

  154.         }
    155. 

  155. 

  156.         return $database_list;
    157. 

  157.     }
    158. 

  158. 

  159.     /**
    160. 

  160.      * builds up the list
    161. 

  161.      *
    162. 

  162.      * @return void
    163. 

  163.      */
    164. 

  164.     public function build()
    165. 

  165.     {
    166. 

  166.         if (! $this->checkOnlyDatabase()) {
    167. 

  167.             $items = $this->retrieve();
    168. 

  168.             $this->exchangeArray($items);
    169. 

  169.         }
    170. 

  170. 

  171.         $this->checkHideDatabase();
    172. 

  172.     }
    173. 

  173. 

  174.     /**
    175. 

  175.      * checks the only_db configuration
    176. 

  176.      *
    177. 

  177.      * @return boolean false if there is no only_db, otherwise true
    178. 

  178.      */
    179. 

  179.     protected function checkOnlyDatabase()
    180. 

  180.     {
    181. 

  181.         if (is_string($GLOBALS['cfg']['Server']['only_db'])
    182. 

  182.             && strlen($GLOBALS['cfg']['Server']['only_db'])
    183. 

  183.         ) {
    184. 

  184.             $GLOBALS['cfg']['Server']['only_db'] = array(
    185. 

  185.                 $GLOBALS['cfg']['Server']['only_db']
    186. 

  186.             );
    187. 

  187.         }
    188. 

  188. 

  189.         if (! is_array($GLOBALS['cfg']['Server']['only_db'])) {
    190. 

  190.             return false;
    191. 

  191.         }
    192. 

  192. 

  193.         $items = array();
    194. 

  194. 

  195.         foreach ($GLOBALS['cfg']['Server']['only_db'] as $each_only_db) {
    196. 

  196. 

  197.             // check if the db name contains wildcard,
    198. 

  198.             // thus containing not escaped _ or %
    199. 

  199.             if (! preg_match('/(^|[^\\\\])(_|%)/', $each_only_db)) {
    200. 

  200.                 // ... not contains wildcard
    201. 

  201.                 $items[] = PMA_Util::unescapeMysqlWildcards($each_only_db);
    202. 

  202.                 continue;
    203. 

  203.             }
    204. 

  204. 

  205.             if (! $this->show_databases_disabled) {
    206. 

  206.                 $items = array_merge($items, $this->retrieve($each_only_db));
    207. 

  207.                 continue;
    208. 

  208.             }
    209. 

  209. 

  210.             // @todo induce error, about not using wildcards
    211. 

  211.             // with SHOW DATABASE disabled?
    212. 

  212.         }
    213. 

  213. 

  214.         $this->exchangeArray($items);
    215. 

  215. 

  216.         return true;
    217. 

  217.     }
    218. 

  218. 

  219.     /**
    220. 

  220.      * returns default item
    221. 

  221.      *
    222. 

  222.      * @return string default item
    223. 

  223.      */
    224. 

  224.     public function getDefault()
    225. 

  225.     {
    226. 

  226.         if (strlen($GLOBALS['db'])) {
    227. 

  227.             return $GLOBALS['db'];
    228. 

  228.         }
    229. 

  229. 

  230.         return $this->getEmpty();
    231. 

  231.     }
    232. 

  232. 

  233.     /**
    234. 

  234.      * this is just a backup, if all is fine this can be deleted later
    235. 

  235.      *
    236. 

  236.      * @deprecated
    237. 

  237.      * @return void
    238. 

  238.      */
    239. 

  239.     protected function checkAgainstPrivTables()
    240. 

  240.     {
    241. 

  241.         // 1. get allowed dbs from the "mysql.db" table
    242. 

  242.         // User can be blank (anonymous user)
    243. 

  243.         $local_query = "
    244. 

  244.             SELECT DISTINCT `Db` FROM `mysql`.`db`
    245. 

  245.             WHERE `Select_priv` = 'Y'
    246. 

  246.             AND `User`
    247. 

  247.             IN ('" . PMA_Util::sqlAddSlashes($GLOBALS['cfg']['Server']['user']) . "', '')";
    248. 

  248.         $tmp_mydbs = PMA_DBI_fetch_result(
    249. 

  249.             $local_query, null, null, $GLOBALS['controllink']
    250. 

  250.         );
    251. 

  251.         if ($tmp_mydbs) {
    252. 

  252.             // Will use as associative array of the following 2 code
    253. 

  253.             // lines:
    254. 

  254.             //   the 1st is the only line intact from before
    255. 

  255.             //     correction,
    256. 

  256.             //   the 2nd replaces $dblist[] = $row['Db'];
    257. 

  257. 

  258.             // Code following those 2 lines in correction continues
    259. 

  259.             // populating $dblist[], as previous code did. But it is
    260. 

  260.             // now populated with actual database names instead of
    261. 

  261.             // with regular expressions.
    262. 

  262.             $tmp_alldbs = PMA_DBI_query('SHOW DATABASES;', $GLOBALS['controllink']);
    263. 

  263.             // all databases cases - part 2
    264. 

  264.             if (isset($tmp_mydbs['%'])) {
    265. 

  265.                 while ($tmp_row = PMA_DBI_fetch_row($tmp_alldbs)) {
    266. 

  266.                     $dblist[] = $tmp_row[0];
    267. 

  267.                 } // end while
    268. 

  268.             } else {
    269. 

  269.                 while ($tmp_row = PMA_DBI_fetch_row($tmp_alldbs)) {
    270. 

  270.                     $tmp_db = $tmp_row[0];
    271. 

  271.                     if (isset($tmp_mydbs[$tmp_db]) && $tmp_mydbs[$tmp_db] == 1) {
    272. 

  272.                         $dblist[]           = $tmp_db;
    273. 

  273.                         $tmp_mydbs[$tmp_db] = 0;
    274. 

  274.                     } elseif (! isset($dblist[$tmp_db])) {
    275. 

  275.                         foreach ($tmp_mydbs as $tmp_matchpattern => $tmp_value) {
    276. 

  276.                             // fixed bad regexp
    277. 

  277.                             // TODO: db names may contain characters
    278. 

  278.                             //       that are regexp instructions
    279. 

  279.                             $re        = '(^|(\\\\\\\\)+|[^\])';
    280. 

  280.                             $tmp_regex = preg_replace(
    281. 

  281.                                 '/' . addcslashes($re, '/') . '%/',
    282. 

  282.                                 '\\1.*',
    283. 

  283.                                 preg_replace(
    284. 

  284.                                     '/' . addcslashes($re, '/') . '_/',
    285. 

  285.                                     '\\1.{1}',
    286. 

  286.                                     $tmp_matchpattern
    287. 

  287.                                 )
    288. 

  288.                             );
    289. 

  289.                             // Fixed db name matching
    290. 

  290.                             // 2000-08-28 -- Benjamin Gandon
    291. 

  291.                             if (preg_match('/^' . addcslashes($tmp_regex, '/') . '$/', $tmp_db)) {
    292. 

  292.                                 $dblist[] = $tmp_db;
    293. 

  293.                                 break;
    294. 

  294.                             }
    295. 

  295.                         } // end while
    296. 

  296.                     } // end if ... elseif ...
    297. 

  297.                 } // end while
    298. 

  298.             } // end else
    299. 

  299.             PMA_DBI_free_result($tmp_alldbs);
    300. 

  300.             unset($tmp_mydbs);
    301. 

  301.         } // end if
    302. 

  302. 

  303.         // 2. get allowed dbs from the "mysql.tables_priv" table
    304. 

  304.         $local_query = 'SELECT DISTINCT `Db` FROM `mysql`.`tables_priv`';
    305. 

  305.         $local_query .= ' WHERE `Table_priv` LIKE \'%Select%\'';
    306. 

  306.         $local_query .= ' AND `User` = \'';
    307. 

  307.         $local_query .= PMA_Util::sqlAddSlashes($GLOBALS['cfg']['Server']['user']) . '\'';
    308. 

  308.         $rs          = PMA_DBI_try_query($local_query, $GLOBALS['controllink']);
    309. 

  309.         if ($rs && @PMA_DBI_num_rows($rs)) {
    310. 

  310.             while ($row = PMA_DBI_fetch_assoc($rs)) {
    311. 

  311.                 if (!in_array($row['Db'], $dblist)) {
    312. 

  312.                     $dblist[] = $row['Db'];
    313. 

  313.                 }
    314. 

  314.             } // end while
    315. 

  315.             PMA_DBI_free_result($rs);
    316. 

  316.         } // end if
    317. 

  317.     }
    318. 

  318. }
    319. 

  319. ?>
    320.