Location: PHPKode > projects > web-cp - Web Hosting Control Panel > webcp/web/domain/dbadmin.phps
<?
// Init vars
$i = 0;
$j = 0;
$k = 0;
unset($done);
unset($userlist);
unset($error);

// Get current domain's user list
$dbp = mysql_query("SELECT username FROM users WHERE id=".$domaindata['id']." ORDER BY username");

while ($tmp = mysql_fetch_array($dbp)) {
	$utmp = substr($tmp['username'],0,16);
	if ($userlist[$j-1] != $utmp)
		$userlist[$j++] = $utmp;
}

// If data is set (i.e the submit button has been hit)
if ((isset($data) OR $action == 'remove') && ($userdata['type'] != 'demo') && $confirm) {
	// remove spaces and slashes.
	if ($action != 'remove') {
		while (list($key, $val) = each($data))
			$data[$key] = trim(stripslashes($val));
		reset($data);
	}
	
	// create database
	if ($action == 'create') {
		// Check database name
		if (!eregi($rx['user'],$data['dbname']))
			$error[$i++] = $T['err']['db']['name'];
		
		// Name is free?
		if (@mysql_select_db($data['dbname'])) {
			mysql_select_db($cfg['dbname']);
			$error[$i++] = $T['err']['db']['name taken'];
		}
		
		// Verify username validity
		$j = 0;
		$uvalid = false;
		while($userlist[$j]) {
			if ($userlist[$j] == $data['dbuser']) {
				$uvalid = true;
				break;
			}
			++$j;
		}
		if (!$uvalid)
			$error[$i++] = $T['err']['db']['username'];
		
		// if user is already in the db, dont check pass or create it!
		mysql_select_db('mysql');
		$dbp = mysql_query("SELECT User FROM user WHERE User='".$data['dbuser']."'");
		if (mysql_num_rows($dbp))
			$userset = true;
		else
			$userset = false;

		
		// Verify password
		if (!eregi($rx['pass'],$data['password']) AND !$userset) {
			$error[$i++] = $T['err']['db']['password'];
		}
		
		// Check for weak password
		if ($cfg['strong_passwords']) {
			if (!password_check($data['password'])) {
				$error[$i++] = $T['err']['db']['weakpassword'];
			}
		}
		// Verify there free databases
		// Construct SQL query
		$sql_query  = "SELECT User FROM db WHERE ";
		$sql_query .= "User='".implode("' OR User='",$userlist);
		$sql_query .= "'";
		// Fetch current databases
		
		$dbp = mysql_query($sql_query);
		if (mysql_num_rows($dbp) >= $domaindata['db'])
			$error[$i++] = $T['err']['db']['no db'];
		mysql_select_db($cfg['dbname']);

		if(!$error) {
			if (!mysql_query("CREATE DATABASE `".$data['dbname']."`")) {
				$error[$i++] = $T['err']['db']['no create'];
			}
			mysql_select_db('mysql');
			if (!$userset) {
				mysql_query("INSERT INTO user SET Host='localhost', User='".$data['dbuser']."', password=PASSWORD('".$data['password']."')");
			}
			mysql_query("INSERT INTO db SET Host='localhost', Db='".$data['dbname']."', User='".$data['dbuser']."', Select_priv='Y',
					Insert_priv='Y', Update_priv='Y', Delete_priv='Y', Create_priv='Y' ,Drop_priv='Y', Grant_priv='N', 
					References_priv='Y', Index_priv='Y', Alter_priv='Y'");
			mysql_query("FLUSH PRIVILEGES");
			mysql_select_db($cfg['dbname']);
			if(!$error) {
				$done[++$k] = $T['db created'].$data['dbname'];
			}
		}
	}
	
	// update database(s)
	elseif ($action == 'update') {
		// loop through all possible input
		while (list($key, $val) = each($data)) {
			// if its a password, check it out
			if (ereg("_pass$",$key) AND $val) {
				// Get username
				$uname = trim(ereg_replace("_pass$","",$key));
				
				// Check username
				if (!eregi($rx['user'],$uname))
					$error[$i++] = $T['err']['db']['username'];
				
				// Verify password
				if (!eregi($rx['pass'],$val))
					$error[$i++] = $T['err']['db']['password'];
				
				// if no errors, update user's password
				if (!$error) {
					mysql_select_db('mysql');
					mysql_query("UPDATE user SET Password = PASSWORD('$val') WHERE User='$uname'");
					mysql_query("FLUSH PRIVILEGES");
					mysql_select_db($cfg['dbname']);
					$done[++$k] = $T['db user updated'].$uname;
				}
			}
		}
	}
	
	// remove database
	elseif ($action == 'remove') {
		
		// Check database name
		if (!eregi($rx['user'],$data['dbname']))
			$error[$i++] = $T['err']['db']['name'];
		
		// Verify the db exists and is valid
		// Construct SQL query
		$sql_query  = "SELECT User FROM db WHERE ";
		$sql_query .= "User='".implode("' OR User='",$userlist);
		$sql_query .= "' AND Db='".$data['dbname']."'";
		// Fetch current databases
		mysql_select_db('mysql');
		$dbp = mysql_query($sql_query);
		if (!mysql_num_rows($dbp)) {
			$error[$i++] = $T['err']['db']['invalid db'];
		}
		$uname = mysql_fetch_array($dbp);
		$uname = $uname['User'];
		// Verify if the user is still in use
		$dbp = mysql_query("SELECT Db FROM db WHERE User = '$uname'");
		$userused = mysql_num_rows($dbp);
		mysql_select_db($cfg['dbname']);
		
		// if no errors, update user's password
		if (!$error) {
			mysql_query("DROP DATABASE ".$data['dbname']);
			mysql_select_db('mysql');
			if (!$userused)
				mysql_query("DELETE FROM user WHERE User='$uname'");
			mysql_query("DELETE FROM db WHERE Db='".$data['dbname']."'");
			mysql_query("FLUSH PRIVILEGES");
			mysql_select_db($cfg['dbname']);
			$done[++$k] = $T['db removed'].$data['dbname'];
		}
	}
	if ($error)
		echo "<br>&nbsp;&nbsp;• ".implode("<br>\n&nbsp;&nbsp;• ",$error)."<br><br>\n";
	if ($done)
		echo "<br>&nbsp;&nbsp;• ".implode("<br>\n&nbsp;&nbsp;• ",$done)."<br><br>\n";
} elseif ((isset($data) OR $action == 'remove') && $userdata['type'] == 'demo') {
	echo "<center>".$T['err']['demo user']."</center>";
} elseif ((isset($data) OR $action == 'remove') && !$confirm) {
?>
<blockquote>
<form action="<?=$current_url;?>" method="post" name="webcp1" onSubmit="submitonce(this);">

&nbsp;&nbsp;• <?=$T['really '.$action];?><b><?=(($action == "update") ? "password" : $data['dbname']);?></b><br>
&nbsp;&nbsp;&nbsp;<input type="submit" value="<?=$T['yes'];?>">
<?

foreach ($data as $key => $val) {
	echo '<input type="hidden" name="data['.$key.']" value="'.$data[$key].'">';
}
?>

<input type="hidden" name="action" value="<?=$action;?>">
<input type="hidden" name="confirm" value="true">
</form>
</blockquote>
<?
}

// check for users, else display message
$dbp = mysql_query("SELECT username FROM users WHERE id=".$domaindata['id']." AND action != 'remove'");
$numrows = mysql_num_rows($dbp);
if (!$numrows) 
	echo $T['no users'];
else {
?>
<form action="<?=$current_url;?>" method="post" name="webcp1" onSubmit="submitonce(this);">
<div align="center">
<table border="0" cellpadding="0" cellspacing="0" summary="" width="500">
	<tr>
		<td>
		<b class="big"><?=$T['MySQL DB Creation'];?></b>
		<table border="0" cellpadding="0" cellspacing="0" summary="" class="tblbg">
			<tr>
				<td>
				<table border="0" cellspacing="1" summary="">
					<tr>
						<td class="row2"><b><?=$T['Database Name'];?></b></td>
						<td class="row2"><b><?=$T['Username'];?></b></td>
						<td class="row2"><b><?=$T['Password'];?></b></td>
					</tr>
					<tr>
						<td class="row1"><input type="text" name="data[dbname]" size="20" maxlength="25" value="<?=(($error) ? $data['dbname'] : "");?>"></td>
						<td class="row1"><select name="data[dbuser]">
						<? $j = 0;
						while($userlist[$j]) {
							echo "<option value='".$userlist[$j]."'";
							if ($error && ($userlist[$j] == $data['dbuser'])) { echo " selected "; }
							echo "> ".$userlist[$j]."</option>\n";
							++$j;
						} ?></select>
		                       </td>
						<td class="row1"><input type="text" name="data[password]" size="20" maxlength="25"></td>
					</tr>
				</table>
				</td>
			</tr>
		</table><br>
		<input type="hidden" name="action" value="create">
		<div align="right"><input type="submit" value="<?=$T['Create Database'];?>"></div>
		</td>
	</tr>
</table>
</div></form><br><br>
<?
if ($userlist) { 
	// Construct SQL query
	$sql_query  = "SELECT Db,User FROM db WHERE ";
	$sql_query .= "User='".implode("' OR User='",$userlist);
	$sql_query .= "'";
	
	// Fetch current databases
	mysql_select_db('mysql');
	$dbp = mysql_query($sql_query);

	if (mysql_num_rows($dbp)) { ?>
<div align="center">
<form action="<?=$current_url;?>" method="post" name="webcp2" onSubmit="submitonce(this);">
<table border="0" cellpadding="0" cellspacing="0" summary="" width="500">
	<tr>
		<td>
		<b class="big"><?=$T['MySQL DB Management'];?></b>
		<table border="0" cellpadding="0" cellspacing="0" summary="" class="tblbg">
			<tr>
				<td>
				<table border="0" cellspacing="1" summary="">
					<tr>
						<td class="row2"><b>&nbsp;<?=$T['Database Name'];?>&nbsp;</b></td>
						<td class="row2"><b>&nbsp;<?=$T['Num Tables'];?>&nbsp;</b></td>
						<td class="row2"><b>&nbsp;<?=$T['Database Size'];?>&nbsp;</b></td>
						<td class="row2"><b>&nbsp;<?=$T['Username'];?>&nbsp;</b></td>
						<td class="row2"><b>&nbsp;<?=$T['Password'];?>&nbsp;</b></td>
						<td class="row2">&nbsp;</td>
					</tr>
					<?
					while ($dbdata = mysql_fetch_array($dbp)) {
						$dbp1 = mysql_list_tables($dbdata['Db']);
						$db = mysql_select_db($dbdata['Db'])
	 						or exit('Could not select database: ' . mysql_error()); 
 						// Calculate DB size by adding table size + index size: 
 						$rows = mysql_query("SHOW TABLE STATUS"); 
 						$dbsize = 0; 
 						while ($row = mysql_fetch_array($rows)) { 
 							$dbsize += $row['Data_length'] + $row['Index_length']; 
 						}
 						$db = mysql_select_db($cfg['dbname']);
 						$dbsize = file_size_info($dbsize); 
						?>
					<tr>
						<td class="row1"><i><?=$dbdata['Db'];?></i></td>
						<td class="row1"><?=intval(@mysql_num_rows($dbp1));?></td>
						<td class="row1"><?=$dbsize['size'];?> <?=$dbsize['type'];?></td>
						<td class="row1"><i><?=$dbdata['User'];?></i></td>
						<td class="row1"><input type="text" name="data[<?=$dbdata['User'];?>_pass]" size="20" maxlength="25"></td>
						<td class="row1">&nbsp;<a href="<?=$current_url;?>&action=remove&data[dbname]=<?=$dbdata['Db'];?>"><img src="icon/remove.gif" border="0" width="15" height="15" alt="Remove"></a>&nbsp;</td>
					</tr>
					<? } ?>
				</table>
				</td>
			</tr>
		</table><br>
		<input type="hidden" name="action" value="update">
		<div align="right"><input type="submit" value="<?=$T['Update Settings'];?>"></div>
		</td>
	</tr>
</table>
</form></div>
<?		}
	mysql_select_db($cfg['dbname']);
	}
}
?>
Return current item: web-cp - Web Hosting Control Panel