From 273547b03794741a03418a4819fab041108f78f6 Mon Sep 17 00:00:00 2001
From: vogelor <vogelor@ispconfig3>
Date: Sun, 7 Dec 2008 16:35:04 +0000
Subject: [PATCH]

---
 interface/web/sites/database_phpmyadmin.php   | 89 +++++++++++++++++++
 .../web/sites/templates/database_list.htm     |  1 +
 .../default/css/screen/content_ispc.css       |  1 +
 .../monitor_core_module.inc.php               | 66 +++++++-------
 4 files changed, 124 insertions(+), 33 deletions(-)
 create mode 100644 interface/web/sites/database_phpmyadmin.php

diff --git a/interface/web/sites/database_phpmyadmin.php b/interface/web/sites/database_phpmyadmin.php
new file mode 100644
index 000000000..eeb840fc2
--- /dev/null
+++ b/interface/web/sites/database_phpmyadmin.php
@@ -0,0 +1,89 @@
+<?php
+/*
+Copyright (c) 2008, Till Brehm, projektfarm Gmbh
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:
+
+    * Redistributions of source code must retain the above copyright notice,
+      this list of conditions and the following disclaimer.
+    * Redistributions in binary form must reproduce the above copyright notice,
+      this list of conditions and the following disclaimer in the documentation
+      and/or other materials provided with the distribution.
+    * Neither the name of ISPConfig nor the names of its contributors
+      may be used to endorse or promote products derived from this software without
+      specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+*/
+
+
+require_once('../../lib/config.inc.php');
+require_once('../../lib/app.inc.php');
+
+//* Check permissions for module
+$app->auth->check_module_permissions('sites');
+
+/* get the id of the database (must be int!) */
+if (!isset($_GET['id'])){
+    die ("No DB selected!");
+}
+$databaseId = intval($_GET['id']);
+
+/*
+ * Get the data to connect to the database
+ */
+$dbData = $app->dbmaster->queryOneRecord(
+    "SELECT sys_userid, sys_groupid, sys_perm_user, sys_perm_group, server_id, database_name, database_user, database_password FROM web_database WHERE database_id = " .
+    $databaseId);
+
+/*
+ * We also need the data of the server
+ */
+$serverId = intval($dbData['server_id']);
+if ($serverId == 0){
+    die ("No DB-Server found!");
+}
+
+$serverData = $app->dbmaster->queryOneRecord(
+    "SELECT server_name FROM server WHERE server_id = " .
+    $serverId);
+
+/*
+ * Check if the user has the right to open phpmyadmin with this database
+ * (we will check only users, not admins)
+ */
+if($_SESSION["s"]["user"]["typ"] == 'user') {
+	/* Get the group of the client */
+	$client_group_id = $_SESSION["s"]["user"]["default_group"];
+	/* compare both */
+	if ($dbData['sys_groupid'] != $client_group_id){
+	    die ("You don't have the right to access this db!");
+	}
+}
+
+/*
+ * Now generate the login-Form
+ */
+echo '
+starting phpMyAdmin...<br>
+<form method="post" action="http://' . $serverData['server_name'] . '/phpmyadmin/index.php" name="login_form" target="_top" style="visibility:hidden">
+    <input type="text" name="pma_username" id="input_username" value="' .  $dbData['database_user'] . '" />
+    <input type="password" name="pma_password" id="input_password" value="' . $dbData['database_password'] . '" size="24" class="textfield" />
+</form>
+<script type="text/javascript" language="javascript">
+<!--
+document.forms["login_form"].submit();
+//-->
+</script>';
+?>
\ No newline at end of file
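Review bot: The stored database password is written into the response body (the `pma_password` input) and the auto-submitted form posts it to an `http://` URL, so the credential crosses the network in clear text and is readable in the page source. The form action should at least use `https://`, and a server-side hand-off that keeps the password out of the browser would be preferable. `$serverData['server_name']`, `$dbData['database_user']` and `$dbData['database_password']` are also echoed into attribute values unescaped, so a value containing `"` breaks the markup; wrap each one as `htmlspecialchars($value, ENT_QUOTES)`. The ownership check compares only `sys_groupid` with the session's `default_group` and runs only when `typ == 'user'`, while the `sys_userid`, `sys_perm_user` and `sys_perm_group` columns selected above are never read. Confirm that this matches the permission model used by the other pages in the sites module.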
diff --git a/interface/web/sites/templates/database_list.htm b/interface/web/sites/templates/database_list.htm
index 1a4435cef..bebdd0a6f 100644
--- a/interface/web/sites/templates/database_list.htm
+++ b/interface/web/sites/templates/database_list.htm
@@ -40,6 +40,7 @@
             <td class="tbl_col_database_name"><a href="#" onClick="loadContent('sites/database_edit.php?id={tmpl_var name='id'}');">{tmpl_var name="database_name"}</a></td>
             <td class="tbl_col_buttons">
               <div class="buttons icons16">    
+			    <a class="icons16 icoDbAdmin" href="sites/database_phpmyadmin.php?id={tmpl_var name='id'}" target="phpmyadmin"><span>{tmpl_var name='admin_txt'}</span></a>
                 <a class="icons16 icoEdit" href="javascript: loadContent('sites/database_edit.php?id={tmpl_var name='id'}');"><span>{tmpl_var name='edit_txt'}</span></a>
                 <a class="icons16 icoDelete" href="javascript: del_record('sites/database_del.php?id={tmpl_var name='id'}&phpsessid={tmpl_var name='phpsessid'}','{tmpl_var name='delete_confirmation'}');"><span>{tmpl_var name='delete_txt'}</span></a>
               </div>
diff --git a/interface/web/themes/default/css/screen/content_ispc.css b/interface/web/themes/default/css/screen/content_ispc.css
index a03fbe0ae..4a33732d5 100644
--- a/interface/web/themes/default/css/screen/content_ispc.css
+++ b/interface/web/themes/default/css/screen/content_ispc.css
@@ -287,5 +287,6 @@
 	.icons16.icoDelete { background-image: url("../../icons/x16/minus_circle_frame.png"); }
 	.icons16.icoFilter { background-image: url(../../icons/x16/funnel.png); }
 	.icons16.icoEdit { background-image: url("../../icons/x16/wrench.png"); }
+	.icons16.icoDbAdmin { background-image: url("../../icons/x16/database.png"); }
 }
 
diff --git a/server/mods-available/monitor_core_module.inc.php b/server/mods-available/monitor_core_module.inc.php
index 322209450..a7d0d5113 100644
--- a/server/mods-available/monitor_core_module.inc.php
+++ b/server/mods-available/monitor_core_module.inc.php
@@ -156,9 +156,9 @@ class monitor_core_module {
         $sql = "INSERT INTO monitor_data (server_id, type, created, data, state) " .
             "VALUES (".
         $server_id . ", " .
-            "'" . $app->db->quote($type) . "', " .
+            "'" . $app->dbmaster->quote($type) . "', " .
         time() . ", " .
-            "'" . $app->db->quote(serialize($data)) . "', " .
+            "'" . $app->dbmaster->quote(serialize($data)) . "', " .
             "'" . $state . "'" .
             ")";
         $app->dbmaster->query($sql);
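Review bot: `$server_id` and `$state` are still concatenated into the INSERT without a cast or escaping, while `$type` and the serialized `$data` now go through `$app->dbmaster->quote()`. The same statement recurs in the other fifteen INSERT hunks of this file (@@ -220 through @@ -998). Where the two values come from is not visible, because each enclosing method starts and ends outside its hunk, but `intval($server_id)` and `"'" . $app->dbmaster->quote($state) . "'"` would make the statement safe regardless of the caller. Since the block is duplicated sixteen times, a single private helper that builds and runs the insert would keep the escaping in one place and prevent the `db`/`dbmaster` mismatch this commit corrects from recurring.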
@@ -220,9 +220,9 @@ class monitor_core_module {
         $sql = "INSERT INTO monitor_data (server_id, type, created, data, state) " .
             "VALUES (".
         $server_id . ", " .
-            "'" . $app->db->quote($type) . "', " .
+            "'" . $app->dbmaster->quote($type) . "', " .
         time() . ", " .
-            "'" . $app->db->quote(serialize($data)) . "', " .
+            "'" . $app->dbmaster->quote(serialize($data)) . "', " .
             "'" . $state . "'" .
             ")";
         $app->dbmaster->query($sql);
@@ -271,9 +271,9 @@ class monitor_core_module {
         $sql = "INSERT INTO monitor_data (server_id, type, created, data, state) " .
             "VALUES (".
         $server_id . ", " .
-            "'" . $app->db->quote($type) . "', " .
+            "'" . $app->dbmaster->quote($type) . "', " .
         time() . ", " .
-            "'" . $app->db->quote(serialize($data)) . "', " .
+            "'" . $app->dbmaster->quote(serialize($data)) . "', " .
             "'" . $state . "'" .
             ")";
         $app->dbmaster->query($sql);
@@ -316,9 +316,9 @@ class monitor_core_module {
         $sql = "INSERT INTO monitor_data (server_id, type, created, data, state) " .
             "VALUES (".
         $server_id . ", " .
-            "'" . $app->db->quote($type) . "', " .
+            "'" . $app->dbmaster->quote($type) . "', " .
         time() . ", " .
-            "'" . $app->db->quote(serialize($data)) . "', " .
+            "'" . $app->dbmaster->quote(serialize($data)) . "', " .
             "'" . $state . "'" .
             ")";
         $app->dbmaster->query($sql);
@@ -440,9 +440,9 @@ class monitor_core_module {
         $sql = "INSERT INTO monitor_data (server_id, type, created, data, state) " .
             "VALUES (".
         $server_id . ", " .
-            "'" . $app->db->quote($type) . "', " .
+            "'" . $app->dbmaster->quote($type) . "', " .
         time() . ", " .
-            "'" . $app->db->quote(serialize($data)) . "', " .
+            "'" . $app->dbmaster->quote(serialize($data)) . "', " .
             "'" . $state . "'" .
             ")";
         $app->dbmaster->query($sql);
@@ -520,9 +520,9 @@ class monitor_core_module {
         $sql = "INSERT INTO monitor_data (server_id, type, created, data, state) " .
             "VALUES (".
         $server_id . ", " .
-            "'" . $app->db->quote($type) . "', " .
+            "'" . $app->dbmaster->quote($type) . "', " .
         time() . ", " .
-            "'" . $app->db->quote(serialize($data)) . "', " .
+            "'" . $app->dbmaster->quote(serialize($data)) . "', " .
             "'" . $state . "'" .
             ")";
         $app->dbmaster->query($sql);
@@ -566,9 +566,9 @@ class monitor_core_module {
         $sql = "INSERT INTO monitor_data (server_id, type, created, data, state) " .
             "VALUES (".
         $server_id . ", " .
-            "'" . $app->db->quote($type) . "', " .
+            "'" . $app->dbmaster->quote($type) . "', " .
         time() . ", " .
-            "'" . $app->db->quote(serialize($data)) . "', " .
+            "'" . $app->dbmaster->quote(serialize($data)) . "', " .
             "'" . $state . "'" .
             ")";
         $app->dbmaster->query($sql);
@@ -649,9 +649,9 @@ class monitor_core_module {
         $sql = "INSERT INTO monitor_data (server_id, type, created, data, state) " .
             "VALUES (".
         $server_id . ", " .
-            "'" . $app->db->quote($type) . "', " .
+            "'" . $app->dbmaster->quote($type) . "', " .
         time() . ", " .
-            "'" . $app->db->quote(serialize($data)) . "', " .
+            "'" . $app->dbmaster->quote(serialize($data)) . "', " .
             "'" . $state . "'" .
             ")";
         $app->dbmaster->query($sql);
@@ -709,9 +709,9 @@ class monitor_core_module {
         $sql = "INSERT INTO monitor_data (server_id, type, created, data, state) " .
             "VALUES (".
         $server_id . ", " .
-            "'" . $app->db->quote($type) . "', " .
+            "'" . $app->dbmaster->quote($type) . "', " .
         time() . ", " .
-            "'" . $app->db->quote(serialize($data)) . "', " .
+            "'" . $app->dbmaster->quote(serialize($data)) . "', " .
             "'" . $state . "'" .
             ")";
         $app->dbmaster->query($sql);
@@ -746,9 +746,9 @@ class monitor_core_module {
         $sql = "INSERT INTO monitor_data (server_id, type, created, data, state) " .
             "VALUES (".
         $server_id . ", " .
-            "'" . $app->db->quote($type) . "', " .
+            "'" . $app->dbmaster->quote($type) . "', " .
         time() . ", " .
-            "'" . $app->db->quote(serialize($data)) . "', " .
+            "'" . $app->dbmaster->quote(serialize($data)) . "', " .
             "'" . $state . "'" .
             ")";
         $app->dbmaster->query($sql);
@@ -783,9 +783,9 @@ class monitor_core_module {
         $sql = "INSERT INTO monitor_data (server_id, type, created, data, state) " .
             "VALUES (".
         $server_id . ", " .
-            "'" . $app->db->quote($type) . "', " .
+            "'" . $app->dbmaster->quote($type) . "', " .
         time() . ", " .
-            "'" . $app->db->quote(serialize($data)) . "', " .
+            "'" . $app->dbmaster->quote(serialize($data)) . "', " .
             "'" . $state . "'" .
             ")";
         $app->dbmaster->query($sql);
@@ -820,9 +820,9 @@ class monitor_core_module {
         $sql = "INSERT INTO monitor_data (server_id, type, created, data, state) " .
             "VALUES (".
         $server_id . ", " .
-            "'" . $app->db->quote($type) . "', " .
+            "'" . $app->dbmaster->quote($type) . "', " .
         time() . ", " .
-            "'" . $app->db->quote(serialize($data)) . "', " .
+            "'" . $app->dbmaster->quote(serialize($data)) . "', " .
             "'" . $state . "'" .
             ")";
         $app->dbmaster->query($sql);
@@ -858,9 +858,9 @@ class monitor_core_module {
         $sql = "INSERT INTO monitor_data (server_id, type, created, data, state) " .
             "VALUES (".
         $server_id . ", " .
-            "'" . $app->db->quote($type) . "', " .
+            "'" . $app->dbmaster->quote($type) . "', " .
         time() . ", " .
-            "'" . $app->db->quote(serialize($data)) . "', " .
+            "'" . $app->dbmaster->quote(serialize($data)) . "', " .
             "'" . $state . "'" .
             ")";
         $app->dbmaster->query($sql);
@@ -930,9 +930,9 @@ class monitor_core_module {
         $sql = "INSERT INTO monitor_data (server_id, type, created, data, state) " .
             "VALUES (".
         $server_id . ", " .
-            "'" . $app->db->quote($type) . "', " .
+            "'" . $app->dbmaster->quote($type) . "', " .
         time() . ", " .
-            "'" . $app->db->quote(serialize($data)) . "', " .
+            "'" . $app->dbmaster->quote(serialize($data)) . "', " .
             "'" . $state . "'" .
             ")";
         $app->dbmaster->query($sql);
@@ -964,9 +964,9 @@ class monitor_core_module {
         $sql = "INSERT INTO monitor_data (server_id, type, created, data, state) " .
             "VALUES (".
         $server_id . ", " .
-            "'" . $app->db->quote($type) . "', " .
+            "'" . $app->dbmaster->quote($type) . "', " .
         time() . ", " .
-            "'" . $app->db->quote(serialize($data)) . "', " .
+            "'" . $app->dbmaster->quote(serialize($data)) . "', " .
             "'" . $state . "'" .
             ")";
         $app->dbmaster->query($sql);
@@ -998,9 +998,9 @@ class monitor_core_module {
         $sql = "INSERT INTO monitor_data (server_id, type, created, data, state) " .
             "VALUES (".
         $server_id . ", " .
-            "'" . $app->db->quote($type) . "', " .
+            "'" . $app->dbmaster->quote($type) . "', " .
         time() . ", " .
-            "'" . $app->db->quote(serialize($data)) . "', " .
+            "'" . $app->dbmaster->quote(serialize($data)) . "', " .
             "'" . $state . "'" .
             ")";
         $app->dbmaster->query($sql);
@@ -1111,7 +1111,7 @@ class monitor_core_module {
         $old = $now - ($min * 60) - ($hour * 60 * 60) - ($days * 24 * 60 * 60);
         $sql = "DELETE FROM monitor_data " .
             "WHERE " .
-            "type =" . "'" . $app->db->quote($type) . "' " .
+            "type =" . "'" . $app->dbmaster->quote($type) . "' " .
             "AND " .
             "created < " . $old;
         $app->dbmaster->query($sql);
-- 
GitLab