1#!/usr/local/bin/perl
2# save_tpriv.cgi
3# Save, update or delete table permissions
4
5require './mysql-lib.pl';
6&ReadParse();
7$access{'perms'} || &error($text{'perms_ecannot'});
8
9if ($in{'delete'}) {
10	# Delete some permissions
11	$access{'perms'} == 1 || &can_edit_db($in{'olddb'}) ||
12		&error($text{'perms_edb'});
13	&execute_sql_logged($master_db,
14		"delete from tables_priv where user = '$in{'olduser'}' ".
15		"and host = '$in{'oldhost'}' and db = '$in{'olddb'}' ".
16		"and table_name = '$in{'oldtable'}'");
17	}
18else {
19	# Validate inputs
20	&error_setup($text{'tpriv_err'});
21	$in{'table'} || &error($text{'tpriv_etable'});
22	$in{'user_def'} || $in{'user'} =~ /^\S+$/ ||
23		&error($text{'tpriv_euser'});
24	$in{'host_def'} || $in{'host'} =~ /^\S+$/ ||
25		&error($text{'tpriv_ehost'});
26	$in{'perms1'} =~ s/\0/,/g;
27	$in{'perms2'} =~ s/\0/,/g;
28
29	if ($in{'db'}) {
30		# Create new table permissions
31		$access{'perms'} == 1 || &can_edit_db($in{'db'}) ||
32			&error($text{'perms_edb'});
33		$sql = "insert into tables_priv (host, db, user, table_name, ".
34		       "grantor, table_priv, column_priv) ".
35		       "values (?, ?, ?, ?, ?, ?, ?)";
36		&execute_sql_logged($master_db, $sql,
37			$in{'host_def'} ? '%' : $in{'host'},
38			$in{'db'},
39			$in{'user_def'} ? '' : $in{'user'},
40			$in{'table'}, $config{'login'} || "root",
41			$in{'perms1'} || '', $in{'perms2'} || '');
42		}
43	else {
44		# Update existing table permissions
45		$access{'perms'} == 1 || &can_edit_db($in{'olddb'}) ||
46			&error($text{'perms_edb'});
47		$sql = "update tables_priv set host = ?, user = ?, ".
48		       "table_name = ?, table_priv = ?, column_priv = ? ".
49		       "where host = ? and db = ? and user = ? and ".
50		       "table_name = ?";
51		&execute_sql_logged($master_db, $sql,
52			$in{'host_def'} ? '%' : $in{'host'},
53			$in{'user_def'} ? '' : $in{'user'},
54			$in{'table'}, $in{'perms1'} || '', $in{'perms2'} || '',
55			$in{'oldhost'}, $in{'olddb'},
56			$in{'olduser'}, $in{'oldtable'});
57		}
58	}
59&execute_sql_logged($master_db, 'flush privileges');
60if ($in{'delete'}) {
61	&webmin_log("delete", "tpriv", $in{'oldtable'},
62		    { 'user' => $in{'olduser'}, 'host' => $in{'oldhost'},
63		      'db' => $in{'olddb'}, 'table' => $in{'oldtable'} } );
64	}
65elsif ($in{'db'}) {
66	&webmin_log("create", "tpriv", $in{'table'},
67		    { 'user' => $in{'user_def'} ? '' : $in{'user'},
68		      'host' => $in{'host_def'} ? '%' : $in{'host'},
69		      'db' => $in{'db'}, 'table' => $in{'table'} } );
70	}
71else {
72	&webmin_log("modify", "tpriv", $in{'table'},
73		    { 'user' => $in{'user_def'} ? '' : $in{'user'},
74		      'host' => $in{'host_def'} ? '%' : $in{'host'},
75		      'db' => $in{'db'}, 'table' => $in{'table'} } );
76	}
77&redirect("list_tprivs.cgi");
78
79