
Commit 273547b

author
vogelor
committed
1 parent bfbabf3 commit 273547b


4 files changed

+124
-33
lines changed

4 files changed

+124
-33
lines changed
Lines changed: 89 additions & 0 deletions
@@ -0,0 +1,89 @@
1+
<?php
2+
/*
3+
Copyright (c) 2008, Till Brehm, projektfarm Gmbh
4+
All rights reserved.
5+
6+
Redistribution and use in source and binary forms, with or without modification,
7+
are permitted provided that the following conditions are met:
8+
9+
* Redistributions of source code must retain the above copyright notice,
10+
this list of conditions and the following disclaimer.
11+
* Redistributions in binary form must reproduce the above copyright notice,
12+
this list of conditions and the following disclaimer in the documentation
13+
and/or other materials provided with the distribution.
14+
* Neither the name of ISPConfig nor the names of its contributors
15+
may be used to endorse or promote products derived from this software without
16+
specific prior written permission.
17+
18+
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
19+
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
20+
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
21+
IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
22+
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
23+
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
24+
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
25+
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
26+
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
27+
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28+
*/
29+
30+
31+
require_once('../../lib/config.inc.php');
32+
require_once('../../lib/app.inc.php');
33+
34+
//* Check permissions for module
35+
$app->auth->check_module_permissions('sites');
36+
37+
/* get the id of the database (must be int!) */
38+
if (!isset($_GET['id'])){
39+
die ("No DB selected!");
40+
}
41+
$databaseId = intval($_GET['id']);
42+
43+
/*
44+
* Get the data to connect to the database
45+
*/
46+
$dbData = $app->dbmaster->queryOneRecord(
47+
"SELECT sys_userid, sys_groupid, sys_perm_user, sys_perm_group, server_id, database_name, database_user, database_password FROM web_database WHERE database_id = " .
48+
$databaseId);
49+
50+
/*
51+
* We also need the data of the server
52+
*/
53+
$serverId = intval($dbData['server_id']);
54+
if ($serverId == 0){
55+
die ("No DB-Server found!");
56+
}
57+
58+
$serverData = $app->dbmaster->queryOneRecord(
59+
"SELECT server_name FROM server WHERE server_id = " .
60+
$serverId);
61+
62+
/*
63+
* Check if the user has the right to open phpmyadmin with this database
64+
* (we will check only users, not admins)
65+
*/
66+
if($_SESSION["s"]["user"]["typ"] == 'user') {
67+
/* Get the group of the client */
68+
$client_group_id = $_SESSION["s"]["user"]["default_group"];
69+
/* compare both */
70+
if ($dbData['sys_groupid'] != $client_group_id){
71+
die ("You don't have the right to access this db!");
72+
}
73+
}
74+
75+
/*
76+
* Now generate the login-Form
77+
*/
78+
echo '
79+
starting phpMyAdmin...<br>
80+
<form method="post" action="http://' . $serverData['server_name'] . '/phpmyadmin/index.php" name="login_form" target="_top" style="visibility:hidden">
81+
<input type="text" name="pma_username" id="input_username" value="' . $dbData['database_user'] . '" />
82+
<input type="password" name="pma_password" id="input_password" value="' . $dbData['database_password'] . '" size="24" class="textfield" />
83+
</form>
84+
<script type="text/javascript" language="javascript">
85+
<!--
86+
document.forms["login_form"].submit();
87+
//-->
88+
</script>';
89+
?>
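Review bot: The form at the end of this script writes `$dbData['database_password']` into the page as a plain `value="..."` attribute and posts it to an `http://` URL, so the database password is readable in the page source and travels unencrypted to the phpMyAdmin host. The three interpolated values (`server_name`, `database_user`, `database_password`) are also not HTML-escaped, so a quote character in any of them breaks out of the attribute; wrap each one, e.g. `htmlspecialchars($dbData['database_password'], ENT_QUOTES)`, and build the action with `https://`. The permission check runs only when the session type is `'user'`, compares `sys_groupid` with `default_group` using a loose `!=`, and never reads the selected `sys_perm_user`/`sys_perm_group` columns; if those columns are meant to restrict group access, the check should honour them. An id that matches no row currently ends in the unrelated message "No DB-Server found!", so an explicit test of `$dbData` right after the first query would make the failure path clear.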

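--- a/interface/web/sites/templates/database_list.htm
+++ b/interface/web/sites/templates/database_list.htm
@@ -40,6 +40,7 @@ <h2><tmpl_var name="list_head_txt"></h2>
 <td class="tbl_col_database_name"><a href="#" onClick="loadContent('sites/database_edit.php?id={tmpl_var name='id'}');">{tmpl_var name="database_name"}</a></td>
 <td class="tbl_col_buttons">
 <div class="buttons icons16">
+<a class="icons16 icoDbAdmin" href="sites/database_phpmyadmin.php?id={tmpl_var name='id'}" target="phpmyadmin"><span>{tmpl_var name='admin_txt'}</span></a>
 <a class="icons16 icoEdit" href="javascript: loadContent('sites/database_edit.php?id={tmpl_var name='id'}');"><span>{tmpl_var name='edit_txt'}</span></a>
 <a class="icons16 icoDelete" href="javascript: del_record('sites/database_del.php?id={tmpl_var name='id'}&phpsessid={tmpl_var name='phpsessid'}','{tmpl_var name='delete_confirmation'}');"><span>{tmpl_var name='delete_txt'}</span></a>
 </div>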

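--- a/interface/web/themes/default/css/screen/content_ispc.css
+++ b/interface/web/themes/default/css/screen/content_ispc.css
@@ -287,5 +287,6 @@
 .icons16.icoDelete { background-image: url("../../icons/x16/minus_circle_frame.png"); }
 .icons16.icoFilter { background-image: url(../../icons/x16/funnel.png); }
 .icons16.icoEdit { background-image: url("../../icons/x16/wrench.png"); }
+.icons16.icoDbAdmin { background-image: url("../../icons/x16/database.png"); }
 }
 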

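--- a/server/mods-available/monitor_core_module.inc.php
+++ b/server/mods-available/monitor_core_module.inc.php
@@ -156,9 +156,9 @@ function monitorServer(){
 $sql = "INSERT INTO monitor_data (server_id, type, created, data, state) " .
 "VALUES (".
 $server_id . ", " .
-"'" . $app->db->quote($type) . "', " .
+"'" . $app->dbmaster->quote($type) . "', " .
 time() . ", " .
-"'" . $app->db->quote(serialize($data)) . "', " .
+"'" . $app->dbmaster->quote(serialize($data)) . "', " .
 "'" . $state . "'" .
 ")";
 $app->dbmaster->query($sql);
@@ -220,9 +220,9 @@ function monitorDiskUsage() {
 $sql = "INSERT INTO monitor_data (server_id, type, created, data, state) " .
 "VALUES (".
 $server_id . ", " .
-"'" . $app->db->quote($type) . "', " .
+"'" . $app->dbmaster->quote($type) . "', " .
 time() . ", " .
-"'" . $app->db->quote(serialize($data)) . "', " .
+"'" . $app->dbmaster->quote(serialize($data)) . "', " .
 "'" . $state . "'" .
 ")";
 $app->dbmaster->query($sql);
@@ -271,9 +271,9 @@ function monitorMemUsage()
 $sql = "INSERT INTO monitor_data (server_id, type, created, data, state) " .
 "VALUES (".
 $server_id . ", " .
-"'" . $app->db->quote($type) . "', " .
+"'" . $app->dbmaster->quote($type) . "', " .
 time() . ", " .
-"'" . $app->db->quote(serialize($data)) . "', " .
+"'" . $app->dbmaster->quote(serialize($data)) . "', " .
 "'" . $state . "'" .
 ")";
 $app->dbmaster->query($sql);
@@ -316,9 +316,9 @@ function monitorCpu()
 $sql = "INSERT INTO monitor_data (server_id, type, created, data, state) " .
 "VALUES (".
 $server_id . ", " .
-"'" . $app->db->quote($type) . "', " .
+"'" . $app->dbmaster->quote($type) . "', " .
 time() . ", " .
-"'" . $app->db->quote(serialize($data)) . "', " .
+"'" . $app->dbmaster->quote(serialize($data)) . "', " .
 "'" . $state . "'" .
 ")";
 $app->dbmaster->query($sql);
@@ -440,9 +440,9 @@ function monitorServices()
 $sql = "INSERT INTO monitor_data (server_id, type, created, data, state) " .
 "VALUES (".
 $server_id . ", " .
-"'" . $app->db->quote($type) . "', " .
+"'" . $app->dbmaster->quote($type) . "', " .
 time() . ", " .
-"'" . $app->db->quote(serialize($data)) . "', " .
+"'" . $app->dbmaster->quote(serialize($data)) . "', " .
 "'" . $state . "'" .
 ")";
 $app->dbmaster->query($sql);
@@ -520,9 +520,9 @@ function monitorSystemUpdate(){
 $sql = "INSERT INTO monitor_data (server_id, type, created, data, state) " .
 "VALUES (".
 $server_id . ", " .
-"'" . $app->db->quote($type) . "', " .
+"'" . $app->dbmaster->quote($type) . "', " .
 time() . ", " .
-"'" . $app->db->quote(serialize($data)) . "', " .
+"'" . $app->dbmaster->quote(serialize($data)) . "', " .
 "'" . $state . "'" .
 ")";
 $app->dbmaster->query($sql);
@@ -566,9 +566,9 @@ function monitorMailQueue(){
 $sql = "INSERT INTO monitor_data (server_id, type, created, data, state) " .
 "VALUES (".
 $server_id . ", " .
-"'" . $app->db->quote($type) . "', " .
+"'" . $app->dbmaster->quote($type) . "', " .
 time() . ", " .
-"'" . $app->db->quote(serialize($data)) . "', " .
+"'" . $app->dbmaster->quote(serialize($data)) . "', " .
 "'" . $state . "'" .
 ")";
 $app->dbmaster->query($sql);
@@ -649,9 +649,9 @@ function monitorRaid(){
 $sql = "INSERT INTO monitor_data (server_id, type, created, data, state) " .
 "VALUES (".
 $server_id . ", " .
-"'" . $app->db->quote($type) . "', " .
+"'" . $app->dbmaster->quote($type) . "', " .
 time() . ", " .
-"'" . $app->db->quote(serialize($data)) . "', " .
+"'" . $app->dbmaster->quote(serialize($data)) . "', " .
 "'" . $state . "'" .
 ")";
 $app->dbmaster->query($sql);
@@ -709,9 +709,9 @@ function monitorRkHunter(){
 $sql = "INSERT INTO monitor_data (server_id, type, created, data, state) " .
 "VALUES (".
 $server_id . ", " .
-"'" . $app->db->quote($type) . "', " .
+"'" . $app->dbmaster->quote($type) . "', " .
 time() . ", " .
-"'" . $app->db->quote(serialize($data)) . "', " .
+"'" . $app->dbmaster->quote(serialize($data)) . "', " .
 "'" . $state . "'" .
 ")";
 $app->dbmaster->query($sql);
@@ -746,9 +746,9 @@ function monitorMailLog()
 $sql = "INSERT INTO monitor_data (server_id, type, created, data, state) " .
 "VALUES (".
 $server_id . ", " .
-"'" . $app->db->quote($type) . "', " .
+"'" . $app->dbmaster->quote($type) . "', " .
 time() . ", " .
-"'" . $app->db->quote(serialize($data)) . "', " .
+"'" . $app->dbmaster->quote(serialize($data)) . "', " .
 "'" . $state . "'" .
 ")";
 $app->dbmaster->query($sql);
@@ -783,9 +783,9 @@ function monitorMailWarnLog()
 $sql = "INSERT INTO monitor_data (server_id, type, created, data, state) " .
 "VALUES (".
 $server_id . ", " .
-"'" . $app->db->quote($type) . "', " .
+"'" . $app->dbmaster->quote($type) . "', " .
 time() . ", " .
-"'" . $app->db->quote(serialize($data)) . "', " .
+"'" . $app->dbmaster->quote(serialize($data)) . "', " .
 "'" . $state . "'" .
 ")";
 $app->dbmaster->query($sql);
@@ -820,9 +820,9 @@ function monitorMailErrLog()
 $sql = "INSERT INTO monitor_data (server_id, type, created, data, state) " .
 "VALUES (".
 $server_id . ", " .
-"'" . $app->db->quote($type) . "', " .
+"'" . $app->dbmaster->quote($type) . "', " .
 time() . ", " .
-"'" . $app->db->quote(serialize($data)) . "', " .
+"'" . $app->dbmaster->quote(serialize($data)) . "', " .
 "'" . $state . "'" .
 ")";
 $app->dbmaster->query($sql);
@@ -858,9 +858,9 @@ function monitorMessagesLog()
 $sql = "INSERT INTO monitor_data (server_id, type, created, data, state) " .
 "VALUES (".
 $server_id . ", " .
-"'" . $app->db->quote($type) . "', " .
+"'" . $app->dbmaster->quote($type) . "', " .
 time() . ", " .
-"'" . $app->db->quote(serialize($data)) . "', " .
+"'" . $app->dbmaster->quote(serialize($data)) . "', " .
 "'" . $state . "'" .
 ")";
 $app->dbmaster->query($sql);
@@ -930,9 +930,9 @@ function monitorFreshClamLog()
 $sql = "INSERT INTO monitor_data (server_id, type, created, data, state) " .
 "VALUES (".
 $server_id . ", " .
-"'" . $app->db->quote($type) . "', " .
+"'" . $app->dbmaster->quote($type) . "', " .
 time() . ", " .
-"'" . $app->db->quote(serialize($data)) . "', " .
+"'" . $app->dbmaster->quote(serialize($data)) . "', " .
 "'" . $state . "'" .
 ")";
 $app->dbmaster->query($sql);
@@ -964,9 +964,9 @@ function monitorClamAvLog()
 $sql = "INSERT INTO monitor_data (server_id, type, created, data, state) " .
 "VALUES (".
 $server_id . ", " .
-"'" . $app->db->quote($type) . "', " .
+"'" . $app->dbmaster->quote($type) . "', " .
 time() . ", " .
-"'" . $app->db->quote(serialize($data)) . "', " .
+"'" . $app->dbmaster->quote(serialize($data)) . "', " .
 "'" . $state . "'" .
 ")";
 $app->dbmaster->query($sql);
@@ -998,9 +998,9 @@ function monitorIspConfigLog()
 $sql = "INSERT INTO monitor_data (server_id, type, created, data, state) " .
 "VALUES (".
 $server_id . ", " .
-"'" . $app->db->quote($type) . "', " .
+"'" . $app->dbmaster->quote($type) . "', " .
 time() . ", " .
-"'" . $app->db->quote(serialize($data)) . "', " .
+"'" . $app->dbmaster->quote(serialize($data)) . "', " .
 "'" . $state . "'" .
 ")";
 $app->dbmaster->query($sql);
@@ -1111,7 +1111,7 @@ function _delOldRecords($type, $min, $hour=0, $days=0) {
 $old = $now - ($min * 60) - ($hour * 60 * 60) - ($days * 24 * 60 * 60);
 $sql = "DELETE FROM monitor_data " .
 "WHERE " .
-"type =" . "'" . $app->db->quote($type) . "' " .
+"type =" . "'" . $app->dbmaster->quote($type) . "' " .
 "AND " .
 "created < " . $old;
 $app->dbmaster->query($sql);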
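Review bot: In every INSERT touched here `$state` is still concatenated as `"'" . $state . "'"` and `$server_id` is concatenated bare, so only two of the four variable fields pass through `quote()`. Where those two values are assigned is outside the hunks, so this may be safe today, but the statements would be consistent with `"'" . $app->dbmaster->quote($state) . "'"` and `intval($server_id)`. The same statement is repeated in sixteen functions (monitorServer through monitorIspConfigLog); one private helper taking `$type`, `$data` and `$state` would keep the escaping in a single place and would have made this commit a one-line change. The code that reads `monitor_data.data` is not shown; if it calls `unserialize()` on the column, storing JSON instead would avoid deserializing objects from database content. Each function body starts and ends outside its hunk.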
