You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
115 lines
2.9 KiB
115 lines
2.9 KiB
1 year ago
|
<?php
|
||
|
|
use function Hestiacp\quoteshellarg\quoteshellarg;
|
||
|
|
|
||
|
|
ob_start();
|
||
|
|
$TAB = "DB";
|
||
|
|
|
||
|
|
// Main include
|
||
|
|
include $_SERVER["DOCUMENT_ROOT"] . "/inc/main.php";
|
||
|
|
|
||
|
|
// Check database id
|
||
|
|
if (empty($_GET["database"])) {
|
||
|
|
header("Location: /list/db/");
|
||
|
|
exit();
|
||
|
|
}
|
||
|
|
|
||
|
|
// Edit as someone else?
|
||
|
|
if ($_SESSION["userContext"] === "admin" && !empty($_GET["user"])) {
|
||
|
|
$user = quoteshellarg($_GET["user"]);
|
||
|
|
$user_plain = htmlentities($_GET["user"]);
|
||
|
|
}
|
||
|
|
|
||
|
|
// List datbase
|
||
|
|
$v_database = $_GET["database"];
|
||
|
|
exec(
|
||
|
|
HESTIA_CMD . "v-list-database " . $user . " " . quoteshellarg($v_database) . " 'json'",
|
||
|
|
$output,
|
||
|
|
$return_var,
|
||
|
|
);
|
||
|
|
check_return_code_redirect($return_var, $output, "/list/db/");
|
||
|
|
$data = json_decode(implode("", $output), true);
|
||
|
|
unset($output);
|
||
|
|
|
||
|
|
// Parse database
|
||
|
|
$v_username = $user;
|
||
|
|
$v_dbuser = preg_replace("/^" . $user_plain . "_/", "", $data[$v_database]["DBUSER"]);
|
||
|
|
$v_password = "";
|
||
|
|
$v_host = $data[$v_database]["HOST"];
|
||
|
|
$v_type = $data[$v_database]["TYPE"];
|
||
|
|
$v_charset = $data[$v_database]["CHARSET"];
|
||
|
|
$v_date = $data[$v_database]["DATE"];
|
||
|
|
$v_time = $data[$v_database]["TIME"];
|
||
|
|
$v_suspended = $data[$v_database]["SUSPENDED"];
|
||
|
|
if ($v_suspended == "yes") {
|
||
|
|
$v_status = "suspended";
|
||
|
|
} else {
|
||
|
|
$v_status = "active";
|
||
|
|
}
|
||
|
|
|
||
|
|
// Check POST request
|
||
|
|
if (!empty($_POST["save"])) {
|
||
|
|
$v_username = $user;
|
||
|
|
|
||
|
|
// Check token
|
||
|
|
verify_csrf($_POST);
|
||
|
|
|
||
|
|
// Change database user
|
||
|
|
if ($v_dbuser != $_POST["v_dbuser"] && empty($_SESSION["error_msg"])) {
|
||
|
|
$cmd = implode(" ", [
|
||
|
|
HESTIA_CMD . "v-change-database-user",
|
||
|
|
// $user is already shell-quoted
|
||
|
|
$user,
|
||
|
|
quoteshellarg($v_database),
|
||
|
|
quoteshellarg($_POST["v_dbuser"]),
|
||
|
|
]);
|
||
|
|
exec($cmd, $output, $return_var);
|
||
|
|
|
||
|
|
check_return_code($return_var, $output);
|
||
|
|
unset($output);
|
||
|
|
}
|
||
|
|
|
||
|
|
// Change database password
|
||
|
|
if (!empty($_POST["v_password"]) && empty($_SESSION["error_msg"])) {
|
||
|
|
if (!validate_password($_POST["v_password"])) {
|
||
|
|
$_SESSION["error_msg"] = _("Password does not match the minimum requirements.");
|
||
|
|
} else {
|
||
|
|
$v_password = tempnam("/tmp", "vst");
|
||
|
|
$fp = fopen($v_password, "w");
|
||
|
|
fwrite($fp, $_POST["v_password"] . "\n");
|
||
|
|
fclose($fp);
|
||
|
|
exec(
|
||
|
|
HESTIA_CMD .
|
||
|
|
"v-change-database-password " .
|
||
|
|
$user .
|
||
|
|
" " .
|
||
|
|
quoteshellarg($v_database) .
|
||
|
|
" " .
|
||
|
|
$v_password,
|
||
|
|
$output,
|
||
|
|
$return_var,
|
||
|
|
);
|
||
|
|
check_return_code($return_var, $output);
|
||
|
|
unset($output);
|
||
|
|
unlink($v_password);
|
||
|
|
$v_password = quoteshellarg($_POST["v_password"]);
|
||
|
|
}
|
||
|
|
}
|
||
|
|
|
||
|
|
// Set success message
|
||
|
|
if (empty($_SESSION["error_msg"])) {
|
||
|
|
$_SESSION["ok_msg"] = _("Changes have been saved.");
|
||
|
|
}
|
||
|
|
// if the mysql username was changed, render_page() below will render with the OLD mysql username,
|
||
|
|
// to prvent that, make the browser refresh the page.
|
||
|
|
http_response_code(303);
|
||
|
|
header("Location: " . $_SERVER["REQUEST_URI"]);
|
||
|
|
die();
|
||
|
|
}
|
||
|
|
|
||
|
|
// Render page
|
||
|
|
render_page($user, $TAB, "edit_db");
|
||
|
|
|
||
|
|
// Flush session messages
|
||
|
|
unset($_SESSION["error_msg"]);
|
||
|
|
unset($_SESSION["ok_msg"]);
|