< ? php
/**
* File : class_mysql . php .
* Author : Ulrich Block
* Contact : < ulrich . block @ easy - wi . com >
*
* This file is part of Easy - WI .
*
* Easy - WI is free software : you can redistribute it and / or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation , either version 3 of the License , or
* ( at your option ) any later version .
*
* Easy - WI is distributed in the hope that it will be useful ,
* but WITHOUT ANY WARRANTY ; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
* GNU General Public License for more details .
*
* You should have received a copy of the GNU General Public License
* along with Easy - WI . If not , see < http :// www . gnu . org / licenses />.
*
* Diese Datei ist Teil von Easy - WI .
*
* Easy - WI ist Freie Software : Sie koennen es unter den Bedingungen
* der GNU General Public License , wie von der Free Software Foundation ,
* Version 3 der Lizenz oder ( nach Ihrer Wahl ) jeder spaeteren
* veroeffentlichten Version , weiterverbreiten und / oder modifizieren .
*
* Easy - WI wird in der Hoffnung , dass es nuetzlich sein wird , aber
* OHNE JEDE GEWAEHRLEISTUNG , bereitgestellt ; sogar ohne die implizite
* Gewaehrleistung der MARKTFAEHIGKEIT oder EIGNUNG FUER EINEN BESTIMMTEN ZWECK .
* Siehe die GNU General Public License fuer weitere Details .
*
* Sie sollten eine Kopie der GNU General Public License zusammen mit diesem
* Programm erhalten haben . Wenn nicht , siehe < http :// www . gnu . org / licenses />.
*/
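/**
 * Administrative wrapper around a PDO connection to an external MySQL server.
 *
 * The public methods create, modify and delete databases and MySQL accounts.
 * They return the string 'ok' on success (getDBSizeList() returns rows) and an
 * error string otherwise; the private helpers return true or an error string.
 *
 * Error strings carry the driver message and, for statement failures, the SQL
 * text, so they are meant for logs and administrators rather than for display
 * to unprivileged users.
 *
 * Account statements such as "CREATE USER ?@?" bind the account name through
 * placeholders. NOTE(review): this presumably relies on PDO's emulated
 * prepares (the pdo_mysql default); confirm before switching emulation off.
 */
class ExternalSQL {

    // Returned when one of the MAX_* account limits is not a plain non-negative integer.
    const INVALID_LIMITS = 'Invalid resource limit: MAX_* values must be non-negative integers';

    private $remotesql;
    public $error;

    /**
     * Opens the connection and records the outcome in $this->error.
     *
     * $this->error is 'ok' after a successful connect, otherwise the PDO
     * exception message. No driver options are passed, so transport
     * encryption is left to client and server defaults.
     * NOTE(review): confirm TLS is enforced for remote hosts, since account
     * passwords are sent over this connection.
     *
     * @param string     $ip       host name or address of the MySQL server
     * @param int|string $port     TCP port of the MySQL server
     * @param string     $user     administrative account
     * @param string     $password password of that account
     */
    public function __construct($ip, $port, $user, $password) {
        try {
            // The port has to be passed under the "port" DSN key; the previous
            // DSN used the port number itself as the key, so it was ignored.
            $this->remotesql = new PDO('mysql:host=' . $ip . ';port=' . $port, $user, $password);
            $this->remotesql->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        } catch (PDOException $error) {
            $this->error = $error->getMessage();
        }

        if (!isset($this->error)) {
            $this->error = 'ok';
        }
    }

    /**
     * Builds the error string returned for a failed statement.
     *
     * @param string $sqlError driver message
     * @param string $sql      statement that was being executed
     * @return string
     */
    private function errorReturn($sqlError, $sql) {
        return $sqlError . ' while executing the SQL statement: ' . $sql;
    }

    /**
     * Quotes a database name for use as an identifier.
     *
     * Identifiers cannot be bound as parameters, so embedded backticks are
     * doubled to keep the value inside the quoted identifier.
     *
     * @param string $name
     * @return string backtick-quoted identifier
     */
    private function quoteIdentifier($name) {
        return '`' . str_replace('`', '``', $name) . '`';
    }

    /**
     * Builds the " WITH MAX_..." clause of a GRANT statement.
     *
     * The four limits are concatenated into SQL, so each one must consist of
     * digits only; anything else is rejected instead of being sent to the
     * server.
     *
     * @return string|false the clause with a leading space, or false on an invalid value
     */
    private function resourceLimitClause($max_queries_per_hour, $max_connections_per_hour, $max_updates_per_hour, $max_userconnections_per_hour) {
        $limits = array(
            'MAX_QUERIES_PER_HOUR' => $max_queries_per_hour,
            'MAX_CONNECTIONS_PER_HOUR' => $max_connections_per_hour,
            'MAX_UPDATES_PER_HOUR' => $max_updates_per_hour,
            'MAX_USER_CONNECTIONS' => $max_userconnections_per_hour
        );

        $clause = ' WITH';

        foreach ($limits as $keyword => $value) {
            $text = is_scalar($value) ? (string) $value : '';

            if (preg_match('/^[0-9]+$/D', $text) !== 1) {
                return false;
            }

            $clause .= ' ' . $keyword . ' ' . $text;
        }

        return $clause;
    }

    /**
     * Lists every schema together with its size in MiB.
     *
     * @return array|string rows with the keys dbName and dbSize, or an error string
     */
    public function getDBSizeList() {
        if ($this->error !== 'ok') {
            return $this->error;
        }

        try {
            $query = $this->remotesql->prepare("SELECT `table_schema` AS `dbName`,ROUND(SUM(`data_length` + `index_length`)/1048576, 1) AS `dbSize` FROM `information_schema`.`tables` GROUP BY `table_schema`");
            $query->execute();

            return $query->fetchAll(PDO::FETCH_ASSOC);
        } catch (PDOException $error) {
            return $error->getMessage();
        }
    }

    /**
     * Runs FLUSH PRIVILEGES and FLUSH HOSTS, stopping at the first failure.
     *
     * @return true|string
     */
    private function flushAll() {
        foreach (array('FLUSH PRIVILEGES', 'FLUSH HOSTS') as $sql) {
            try {
                $this->remotesql->exec($sql);
            } catch (PDOException $error) {
                return $this->errorReturn($error->getMessage(), $sql);
            }
        }

        return true;
    }

    /**
     * Creates an account with an empty host part and applies its limits.
     *
     * The limits are validated before the first statement runs, so a bad
     * value does not leave a half-configured account behind.
     *
     * @return string 'ok' or an error string
     */
    public function AddUser($username, $password, $max_queries_per_hour, $max_connections_per_hour, $max_updates_per_hour, $max_userconnections_per_hour) {
        if ($this->error !== 'ok') {
            return $this->error;
        }

        $limitClause = $this->resourceLimitClause($max_queries_per_hour, $max_connections_per_hour, $max_updates_per_hour, $max_userconnections_per_hour);

        if ($limitClause === false) {
            return self::INVALID_LIMITS;
        }

        $statements = array(
            "CREATE USER ?@'' IDENTIFIED BY ?",
            "GRANT USAGE ON *.* TO ?@'' IDENTIFIED BY ?" . $limitClause
        );

        foreach ($statements as $sql) {
            try {
                $query = $this->remotesql->prepare($sql);
                $query->execute(array($username, $password));
            } catch (PDOException $error) {
                return $this->errorReturn($error->getMessage(), $sql);
            }
        }

        $dbReturn = $this->flushAll();

        if ($dbReturn !== true) {
            return $dbReturn;
        }

        return 'ok';
    }

    /**
     * Reports whether the server version is at least 5.6.7.
     *
     * Callers skip all `mysql`.`host` handling when this returns true.
     * Throws PDOException on failure; callers are expected to catch it.
     *
     * @return bool
     */
    private function noHostTable() {
        $query = $this->remotesql->prepare('SELECT VERSION()');
        $query->execute(array());

        // Drop suffixes such as "-log" before comparing.
        list($version) = explode('-', $query->fetchColumn());

        return (version_compare($version, '5.6.7') >= 0);
    }

    /**
     * Checks `mysql`.`user` for an account with this name and host.
     *
     * Throws PDOException on failure.
     *
     * @return bool
     */
    private function checkUserHostExists($dbname, $hostName) {
        $query = $this->remotesql->prepare("SELECT 1 AS `found` FROM `mysql`.`user` WHERE `User`=? AND `Host`=? LIMIT 1");
        $query->execute(array($dbname, $hostName));

        return ($query->fetchColumn() == 1);
    }

    /**
     * Creates the account $dbname@$hostName unless it already exists.
     *
     * @return true|string
     */
    private function createUserOn($hostName, $dbname, $password) {
        $sql = "CREATE USER ?@? IDENTIFIED BY ?";

        try {
            // The lookup sits inside the try so that its failure is reported
            // as an error string too; the message then names the CREATE USER
            // statement, as DelUser() does for its own lookup.
            if ($this->checkUserHostExists($dbname, $hostName)) {
                return true;
            }

            $query = $this->remotesql->prepare($sql);
            $query->execute(array($dbname, $hostName, $password));
        } catch (PDOException $error) {
            return $this->errorReturn($error->getMessage(), $sql);
        }

        return true;
    }

    /**
     * Sets password and resource limits for $dbname@$hostName.
     *
     * @param string $limitClause clause produced by resourceLimitClause()
     * @return true|string
     */
    private function grantUsageOn($hostName, $dbname, $password, $limitClause) {
        $sql = "GRANT USAGE ON *.* TO ?@? IDENTIFIED BY ?" . $limitClause;

        try {
            $query = $this->remotesql->prepare($sql);
            $query->execute(array($dbname, $hostName, $password));
        } catch (PDOException $error) {
            return $this->errorReturn($error->getMessage(), $sql);
        }

        return true;
    }

    /**
     * Makes sure `mysql`.`host` holds a localhost entry for every database.
     *
     * @return true|string
     */
    private function addLocalHostEntry() {
        $sql = "SELECT `host` FROM `mysql`.`host` WHERE `host`='localhost' AND `db`='%' LIMIT 1";

        try {
            $query = $this->remotesql->prepare($sql);
            $query->execute(array());

            // Fetching a row instead of rowCount() does not depend on the
            // driver reporting row counts for SELECT statements.
            if ($query->fetchColumn() === false) {
                $sql = "INSERT INTO `mysql`.`host` (`host`,`db`,`Select_priv`,`Insert_priv`,`Update_priv`,`Delete_priv`,`Create_priv`,`Drop_priv`,`Alter_priv`) VALUES ('localhost','%','Y','Y','Y','Y','Y','Y','Y')";
                $this->remotesql->exec($sql);
            }
        } catch (PDOException $error) {
            return $this->errorReturn($error->getMessage(), $sql);
        }

        return true;
    }

    /**
     * Grants the per-database privilege set on $dbname to $dbname@$hostName.
     *
     * NOTE(review): in a database-level GRANT, `_` and `%` in the database
     * name act as wildcards unless backslash-escaped, so a name containing
     * `_` can match sibling databases - confirm whether names are restricted
     * where they are generated.
     *
     * @return true|string
     */
    private function grantAll($hostName, $dbname) {
        $sql = "GRANT SELECT,INSERT,UPDATE,DELETE,CREATE,DROP,REFERENCES,INDEX,ALTER,CREATE TEMPORARY TABLES,LOCK TABLES,CREATE VIEW,SHOW VIEW,CREATE ROUTINE,ALTER ROUTINE,EXECUTE ON " . $this->quoteIdentifier($dbname) . ".* TO ?@?";

        try {
            $query = $this->remotesql->prepare($sql);
            $query->execute(array($dbname, $hostName));
        } catch (PDOException $error) {
            return $this->errorReturn($error->getMessage(), $sql);
        }

        return true;
    }

    /**
     * Creates, limits and authorises the account on every host in $hostNames.
     *
     * @param string $limitClause clause produced by resourceLimitClause()
     * @return true|string the first error stops the loop
     */
    private function grantCreate($hostNames, $dbname, $password, $limitClause) {
        foreach ($hostNames as $hostName) {
            $dbReturn = $this->createUserOn($hostName, $dbname, $password);

            if ($dbReturn !== true) {
                return $dbReturn;
            }

            $dbReturn = $this->grantUsageOn($hostName, $dbname, $password, $limitClause);

            if ($dbReturn !== true) {
                return $dbReturn;
            }

            $dbReturn = $this->grantAll($hostName, $dbname);

            if ($dbReturn !== true) {
                return $dbReturn;
            }
        }

        return true;
    }

    /**
     * Brings the accounts named $dbname in line with 'localhost' plus $ips.
     *
     * Accounts on hosts that are no longer listed are dropped, the listed
     * ones are created and granted, the host table is updated when the
     * version check says it is in use, and the privileges are flushed.
     *
     * @param string $limitClause clause produced by resourceLimitClause()
     * @return true|string
     */
    private function createGrantFlush($dbname, $password, $ips, $limitClause) {
        $hostList = array_merge(array('localhost'), ipstoarray($ips));
        $sql = "DROP USER IF EXISTS ?@?";

        // Exceptions are enabled on the connection, so the statements below
        // need the same handler as every other statement in this class.
        try {
            $query = $this->remotesql->prepare($sql);

            foreach ($this->getUsersHostList($dbname) as $host) {
                if (!in_array($host, $hostList)) {
                    $query->execute(array($dbname, $host));
                }
            }
        } catch (PDOException $error) {
            return $this->errorReturn($error->getMessage(), $sql);
        }

        $dbReturn = $this->grantCreate($hostList, $dbname, $password, $limitClause);

        if ($dbReturn !== true) {
            return $dbReturn;
        }

        try {
            $hostTableGone = $this->noHostTable();
        } catch (PDOException $error) {
            return $this->errorReturn($error->getMessage(), 'SELECT VERSION()');
        }

        if (!$hostTableGone) {
            $dbReturn = $this->addLocalHostEntry();

            if ($dbReturn !== true) {
                return $dbReturn;
            }

            $dbReturn = $this->reconfigureHostTable($ips, $dbname);

            if ($dbReturn !== true) {
                return $dbReturn;
            }
        }

        return $this->flushAll();
    }

    /**
     * Creates the database and its accounts, then sends the install mail.
     *
     * @param array $mailData read keys: userId, name, mailConnectInfo
     * @return string 'ok' or an error string
     */
    public function AddDB($mailData, $dbname, $password, $ips, $max_queries_per_hour, $max_connections_per_hour, $max_updates_per_hour, $max_userconnections_per_hour) {
        if ($this->error !== 'ok') {
            return $this->error;
        }

        // Checked first so that a bad limit does not leave an empty database.
        $limitClause = $this->resourceLimitClause($max_queries_per_hour, $max_connections_per_hour, $max_updates_per_hour, $max_userconnections_per_hour);

        if ($limitClause === false) {
            return self::INVALID_LIMITS;
        }

        $sql = "CREATE DATABASE IF NOT EXISTS " . $this->quoteIdentifier($dbname);

        try {
            $this->remotesql->exec($sql);
        } catch (PDOException $error) {
            return $this->errorReturn($error->getMessage(), $sql);
        }

        $dbReturn = $this->createGrantFlush($dbname, $password, $ips, $limitClause);

        if ($dbReturn !== true) {
            return $dbReturn;
        }

        sendmail('emailserverinstall', $mailData['userId'], $mailData['name'], 'MySQL', $mailData['mailConnectInfo']);

        return 'ok';
    }

    /**
     * Aligns the rows of `mysql`.`host` for $dbname with the hosts in $ips.
     *
     * Missing hosts are inserted, hosts that are no longer listed are deleted.
     *
     * @return true|string
     */
    private function reconfigureHostTable($ips, $dbname) {
        $iparray = ipstoarray($ips);
        $allowedips = array();

        try {
            $sql = "SELECT `host` FROM `mysql`.`host` WHERE `db`=?";
            $query = $this->remotesql->prepare($sql);
            $query->execute(array($dbname));

            while ($row = $query->fetch(PDO::FETCH_ASSOC)) {
                $allowedips[] = $row['host'];
            }

            $sql = "INSERT INTO `mysql`.`host` (`host`,`db`,`Select_priv`,`Insert_priv`,`Update_priv`,`Delete_priv`,`Create_priv`,`Drop_priv`,`Alter_priv`) VALUES (?,?,'Y','Y','Y','Y','Y','Y','Y')";
            $query = $this->remotesql->prepare($sql);

            foreach ($iparray as $ip) {
                if (!in_array($ip, $allowedips)) {
                    $query->execute(array($ip, $dbname));
                }
            }

            $sql = "DELETE FROM `mysql`.`host` WHERE `host`=? AND `db`=? LIMIT 1";
            $query = $this->remotesql->prepare($sql);

            foreach ($allowedips as $ip) {
                if (!in_array($ip, $iparray)) {
                    $query->execute(array($ip, $dbname));
                }
            }
        } catch (PDOException $error) {
            // $sql always names the statement that was running when it failed.
            return $this->errorReturn($error->getMessage(), $sql);
        }

        return true;
    }

    /**
     * Re-applies hosts, limits and password for the accounts named $dbname.
     *
     * @return string 'ok' or an error string
     */
    public function ModDB($dbname, $password, $ips, $max_queries_per_hour, $max_connections_per_hour, $max_updates_per_hour, $max_userconnections_per_hour) {
        if ($this->error !== 'ok') {
            return $this->error;
        }

        $limitClause = $this->resourceLimitClause($max_queries_per_hour, $max_connections_per_hour, $max_updates_per_hour, $max_userconnections_per_hour);

        if ($limitClause === false) {
            return self::INVALID_LIMITS;
        }

        $dbReturn = $this->createGrantFlush($dbname, $password, $ips, $limitClause);

        if ($dbReturn !== true) {
            return $dbReturn;
        }

        // Set before the version check so the handler never sees an undefined $sql.
        $sql = 'SELECT VERSION()';

        try {
            // NOTE(review): PASSWORD() no longer exists in MySQL 8.0, and the
            // `Password` column was only dropped in 5.7.6, so the 5.6.7
            // cut-off looks too early for `authentication_string` - confirm
            // against the server versions that are actually supported.
            if ($this->noHostTable()) {
                $sql = "UPDATE `mysql`.`user` SET `authentication_string`=PASSWORD(?) WHERE `User`=?";
            } else {
                $sql = "UPDATE `mysql`.`user` SET `Password`=PASSWORD(?) WHERE `User`=?";
            }

            $query = $this->remotesql->prepare($sql);
            $query->execute(array($password, $dbname));
        } catch (PDOException $error) {
            return $this->errorReturn($error->getMessage(), $sql);
        }

        return 'ok';
    }

    /**
     * Drops the database and, where the host table is in use, its host rows.
     *
     * @return string 'ok' or an error string
     */
    public function DelDB($dbname) {
        if ($this->error !== 'ok') {
            return $this->error;
        }

        $sql = 'SELECT VERSION()';

        try {
            if (!$this->noHostTable()) {
                $sql = "DELETE FROM `mysql`.`host` WHERE `db`=?";
                $query = $this->remotesql->prepare($sql);
                $query->execute(array($dbname));
            }

            $sql = "DROP DATABASE " . $this->quoteIdentifier($dbname);
            $this->remotesql->exec($sql);
        } catch (PDOException $error) {
            return $this->errorReturn($error->getMessage(), $sql);
        }

        $dbReturn = $this->flushAll();

        if ($dbReturn !== true) {
            return $dbReturn;
        }

        return 'ok';
    }

    /**
     * Returns every host for which an account named $username exists.
     *
     * Throws PDOException on failure; callers are expected to catch it.
     *
     * @return array list of host strings
     */
    private function getUsersHostList($username) {
        $hosts = array();

        $query = $this->remotesql->prepare("SELECT `Host` FROM `mysql`.`user` WHERE `User`=?");
        $query->execute(array($username));

        while ($row = $query->fetch(PDO::FETCH_ASSOC)) {
            $hosts[] = $row['Host'];
        }

        return $hosts;
    }

    /**
     * Drops the account $username on every host it is defined for.
     *
     * @return string 'ok' or an error string
     */
    public function DelUser($username) {
        if ($this->error !== 'ok') {
            return $this->error;
        }

        $sql = "DROP USER ?@?";

        try {
            $query = $this->remotesql->prepare($sql);

            foreach ($this->getUsersHostList($username) as $host) {
                $query->execute(array($username, $host));
            }
        } catch (PDOException $error) {
            return $this->errorReturn($error->getMessage(), $sql);
        }

        return 'ok';
    }

    /**
     * Releases the PDO handle, which closes the connection.
     */
    public function __destruct() {
        $this->remotesql = null;
        unset($this->error);
    }
}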