4 written for beta SIPB/MIT SQL service in conjunction with scripts.mit.edu
8 define('VERSION', '0.1beta');
10 define('DEFAULT_MAX_DBS', 5);
11 define('DEFAULT_MAX_SIZE', 26214400);
12 define('DEFAULT_MAX_DB_SIZE', 0);
14 define('FORM_METHOD', 'GET');
16 define('PASS_MIN_LEN', 4);
17 define('DELIMETER', '+');
19 define('TEXT_NOREG', 'Your account is not registered with this utility.');
20 define('TEXT_DBLIMIT', 'You\'ve reached your database limit.');
21 define('TEXT_FIXREG', 'Fixing database registration for: ');
22 define('TEXT_NOTREG', 'Database operations are allowed only for those registered to your account.');
23 define('TEXT_REGPASSTOOSHORT', 'Your SQL password must be at least '.PASS_MIN_LEN.' characters.');
25 define('HOST', 'sql.mit.edu');
26 define('ADMINUSER', 'root');
27 //define('ADMINPASS', 'b6808ded2');
28 define('ADMINPASS', 'MyBeatsPost@');
29 //define('ADMINPASS', base64_decode('YjY4MDhkZWQy'));
30 define('MANAGEDB', 'mitsql');
31 define('MANAGEDBTABLE', 'db');
32 define('MANAGEOWNERTABLE', 'owner');
34 define('SQLSELECT', 'SELECT * FROM %s');
35 define('SQLSELECTWHERE', 'SELECT * FROM %s WHERE %s');
36 define('SQLSELECT1WHERE', 'SELECT * FROM %s WHERE %s LIMIT 1');
37 define('SQLINSERT', 'INSERT INTO %s VALUES (%s)');
38 define('SQLDELETE', 'DELETE FROM %s WHERE %s');
39 define('SQLDELETE1', 'DELETE FROM %s WHERE %s LIMIT 1');
41 $cxn = mysql_connect(HOST, ADMINUSER, ADMINPASS);
43 function redirectLocal($target) {
44 $dir = dirname($_SERVER['PHP_SELF'])=='/'?'':dirname($_SERVER['PHP_SELF']);
45 redirectFull($dir.$target);
47 function redirectFull($target) {
48 $ssl = $_SERVER['SERVER_PORT'] == 443 ? true : false;
49 redirect(($ssl?'https://':'http://').$_SERVER['SERVER_NAME'].$target);
51 function redirect($target) {
52 if (ob_get_contents()) ob_end_clean();
53 header('Location: '.$target);
57 function sprintSize($bytes, $float=2) {
58 if (is_null($bytes)) return null;
59 $kb = round($bytes / 1024, $float);
60 $mb = round($bytes / 1024 / 1024, $float);
61 $gb = round($bytes / 1024 / 1024 / 1024, $float);
63 return ($bytes<1||$kb<1?$bytes.' B':($mb<1?$kb.' KB':($gb<1?$mb.' MB':$gb.' GB')));
66 function sprintTS($timestamp) {
67 return substr($timestamp,0,4).
68 '-'.substr($timestamp,4,2).
69 '-'.substr($timestamp,6,2).
70 ' '.substr($timestamp,8,2).
71 ':'.substr($timestamp,10,2).
72 ':'.substr($timestamp,12,2);
75 function getDBSize($tdb) {
76 mysql_select_db($tdb);
78 $sql_result = "SHOW TABLE STATUS FROM `" .mysql_escape_string($tdb)."`";
79 $result = @mysql_query($sql_result);
83 while ($data = mysql_fetch_array($result)) {
84 $size += $data["Data_length"] + $data["Index_length"];
93 function getSSLIdent() {
94 if (isset($_SERVER['SSL_CLIENT_S_DN_Email'])) {
95 $sslemail = $_SERVER['SSL_CLIENT_S_DN_Email'];
96 $ssluser = explode('@',$sslemail);
97 $ssluser = $ssluser[0];
105 var $username = "", $dbs;
109 function DBManage($username = "") {
110 if (!empty($username)) {
111 $this->username = $username;
118 $rs = mysql_db_query(MANAGEDB,
119 sprintf(SQLSELECT1WHERE,
121 'name="'.mysql_escape_string($this->username).'"'));
122 //or exit(mysql_error());
123 while($r = mysql_fetch_assoc($rs)) {
126 mysql_free_result($rs);
130 $rs = mysql_db_query(MANAGEDB,
131 sprintf(SQLSELECTWHERE,
133 'owner="'.mysql_escape_string($this->username).'" ORDER BY name')) or exit(mysql_error());
134 while($r = mysql_fetch_assoc($rs)) {
136 $t['registered'] = 1;
138 $dbs[$r['name']] = $t;
140 mysql_free_result($rs);
142 $rs = mysql_db_query('mysql',
143 sprintf(SQLSELECTWHERE,
145 'User="'.mysql_escape_string($this->username).'" ORDER BY Db'));
146 while($r = mysql_fetch_assoc($rs)) {
147 if (!isset($dbs[$r['Db']])) {
148 $dbs[$r['Db']] = array();
149 $dbs[$r['Db']]['registered'] = 0;
151 $dbs[$r['Db']]['granted'] = 1;
152 $dbs[$r['Db']]['name'] = $r['Db'];
154 mysql_free_result($rs);
156 foreach($dbs as $d1=>$d2) {
157 $size = getDBSize($d1);
158 if (is_null($size)) {
159 $dbs[$d1]['sizeNow'] = 0;
160 $dbs[$d1]['exists'] = 0;
162 $dbs[$d1]['sizeNow'] = $size;
163 $this->sizeNow += $size;
164 $dbs[$d1]['exists'] = 1;
170 return !is_null($this->r_owner);
172 function grantDB($dbname) {
173 mysql_query('GRANT ALL PRIVILEGES ON '
174 .'`'.mysql_escape_string($dbname).'` . * '
175 .'TO \''.mysql_escape_string($this->username).'\'@\'%\'') or exit(mysql_error());
178 function flushPriv() {
179 mysql_query('FLUSH PRIVILEGES') or exit(mysql_error());
181 function revokeDB($dbname) {
182 mysql_db_query('mysql',
183 'DELETE FROM `db` WHERE '
184 .'User = \''.mysql_escape_string($this->username).'\' '
185 .'AND Db = \''.mysql_escape_string($dbname).'\'') or exit(mysql_error());
188 function setPassword($password) {
189 mysql_query('SET PASSWORD FOR '.
190 '\''.mysql_escape_string($this->username).'\'@\'%\'='.
191 'PASSWORD(\''.mysql_escape_string($password).'\')') or exit(mysql_error());
193 function init($password, $maxDBs = DEFAULT_MAX_DBS, $maxSize = DEFAULT_MAX_SIZE) {
194 mysql_query('GRANT USAGE ON * . * TO '.
195 '\''.mysql_escape_string($this->username).'\'@\'%\' '.
196 'IDENTIFIED BY \''.mysql_escape_string($password).'\'') or exit(mysql_error());
198 mysql_db_query(MANAGEDB,
201 sprintf("'%s','%s','%s',NOW(),NOW()",
202 mysql_escape_string($this->username),
204 $maxSize))) or exit(mysql_error());
207 mysql_db_query('mysql',
208 'DELETE FROM `user` WHERE '
209 .'User = \''.mysql_escape_string($this->username).'\'') or exit(mysql_error());
210 mysql_db_query('mysql',
211 'DELETE FROM `db` WHERE '
212 .'User = \''.mysql_escape_string($this->username).'\'') or exit(mysql_error());
213 mysql_db_query('mysql',
214 'DELETE FROM `tables_priv` WHERE '
215 .'User = \''.mysql_escape_string($this->username).'\'') or exit(mysql_error());
216 mysql_db_query('mysql',
217 'DELETE FROM `columns_priv` WHERE '
218 .'User = \''.mysql_escape_string($this->username).'\'') or exit(mysql_error());
219 mysql_query('FLUSH PRIVILEGES') or exit(mysql_error());
221 mysql_db_query(MANAGEDB,
224 'owner=\''.mysql_escape_string($this->username).'\'')) or exit(mysql_error());
226 foreach($this->dbs as $db)
227 $this->dropDB($db['name']);
229 mysql_db_query(MANAGEDB,
232 'name=\''.mysql_escape_string($this->username).'\'')) or exit(mysql_error());
234 function registerDB($name, $maxSize = DEFAULT_MAX_DB_SIZE) {
235 mysql_db_query(MANAGEDB,
238 sprintf("'%s','%s','%s','',NOW(),NOW()",
239 mysql_escape_string($name),
240 mysql_escape_string($this->username),
241 $maxSize))) or exit(mysql_error());
243 function unregisterDB($name) {
244 mysql_db_query(MANAGEDB,
247 'name="'.mysql_escape_string($name).'"')) or exit(mysql_error());
249 function createDB($name) {
250 @mysql_create_db($name);
252 function dropDB($name) {
253 @mysql_drop_db($name);
255 function addDB($name) {
256 if (!$this->isExists($name))
257 $this->createDB($name);
258 if (!$this->isRegistered($name))
259 $this->registerDB($name);
260 if (!$this->isGranted($name))
261 $this->grantDB($name);
263 function delDB($name) {
264 $this->revokeDB($name);
265 $this->unregisterDB($name);
266 $this->dropDB($name);
268 function getNumDBs() {
269 return count($this->dbs);
271 function getTotalSize() {
272 return $this->sizeNow;
274 function isRegistered($name) {
275 if (isset($this->dbs[$name]))
276 return $this->dbs[$name]['registered'];
279 function isExists($name) {
280 if (isset($this->dbs[$name]))
281 return $this->dbs[$name]['exists'];
284 function isGranted($name) {
285 if (isset($this->dbs[$name]))
286 return $this->dbs[$name]['granted'];
290 function printOwnerHeader() {
292 echo '<td class="header2"><p></p></td>';
293 echo '<td class="header1"><p>databases:</p></td>';
294 echo '<td class="header2"><p>storage:</p></td>';
295 echo '<td class="header1"><p>modified:</p></td>';
296 // echo '<td class="header2"><p>created:</p></td>';
299 function printOwner() {
300 $obj_owner = $this->r_owner;
302 $this->printOwnerHeader();
303 echo '<td><p>status:</p></td>';
304 echo '<td><p>',$this->getNumDBs(),'</p></td>';
305 echo '<td><p>',sprintSize($this->getTotalSize()),'</p></td>';
307 echo '<td><p>limits:</p></td>';
308 echo '<td><p>',$obj_owner['maxDB'],'</p></td>';
309 echo '<td><p>',sprintSize($obj_owner['maxSize']),'</p></td>';
310 echo '<td><p>',sprintTS($obj_owner['modified']),'</p></td>';
311 // echo '<td><p>',sprintTS($obj_owner['created']),'</p></td>';
315 function printOwnerDBs($showOwner = false) {
318 echo '<td class="header1"><p>name:</p></td>';
319 echo '<td class="header2"><p>owner:</p></td>';
320 echo '<td class="header1"><p>last size:</p></td>';
321 echo '<td class="header2"><p>size:</p></td>';
322 echo '<td class="header1"><p>modified:</p></td>';
323 // echo '<td class="header2"><p>created:</p></td>';
325 foreach($rows as $name=>$r) {
327 echo '<td><p>',$name,'</p></td>';
328 echo '<td><p>',$r['owner'],'</p></td>';
329 /* echo '<td><p>',sprintSize($r['sizeMax']),'</p></td>';*/
330 echo '<td><p>',sprintSize($r['sizeLast']),'</p></td>';
331 echo '<td><p>',sprintSize($r['sizeNow']),'</p></td>';
332 echo '<td><p>',sprintTS($r['modified']),'</p></td>';
333 // echo '<td><p>',sprintTS($r['created']),'</p></td>';
335 echo '<form method="',FORM_METHOD,'"><td>';
336 echo '<input type=hidden name="op" value="',($r['exists']?'dropdb':'createdb'),'"><input type=hidden name="name" value="',$name,'">';
337 echo '<input type=submit value="',($r['exists']?'empty':'create'),'"></td></form>';
339 echo '<form method="',FORM_METHOD,'"><td>';
340 echo '<input type=hidden name="op" value="',($r['granted']?'revokedb':'grantdb'),'"><input type=hidden name="name" value="',$name,'">';
341 echo '<input type=submit value="',($r['granted']?'disable':'enable'),'"></td></form>';
343 echo '<form method="',FORM_METHOD,'"><td><input type=hidden name="op" value="deldb"><input type=hidden name="name" value="',$name,'"><input type=submit value="X"></td></form>';
350 foreach($this->dbs as $db) {
351 if (!$db['registered']) {
352 echo '<p class="err">',TEXT_FIXREG,$db['name'],'</p>';
354 $this->registerDB($db['name']);
360 function getNumMaxDBs() {
361 return $this->r_owner['maxDB'];
366 function mysqlDBList() {
367 $rs = mysql_query('SHOW DATABASES');
369 while($r = mysql_fetch_row($rs)) {
370 $dbs[$r[0]] = array();
371 $dbs[$r[0]]['registered'] = 0;
372 $dbs[$r[0]]['granted'] = 0;
373 $dbs[$r[0]]['exists'] = 1;
374 $dbs[$r[0]]['owner'] = '';
375 $dbs[$r[0]]['sizeLast'] = 0;
376 $dbs[$r[0]]['sizeNow'] = '';
377 $dbs[$r[0]]['modified'] = '';
378 $dbs[$r[0]]['created'] = '';
382 function fullDBList() {
384 $dbs = $this->mysqlDBList();
386 $rs = mysql_db_query(MANAGEDB,
388 MANAGEDBTABLE)) or exit(mysql_error());
389 while($r = mysql_fetch_assoc($rs)) {
391 $t['registered'] = 1;
393 $dbs[$r['name']] = $t;
395 mysql_free_result($rs);
397 $rs = mysql_db_query('mysql',
400 while($r = mysql_fetch_assoc($rs)) {
401 if (!isset($dbs[$r['Db']])) {
402 $dbs[$r['Db']] = array();
403 $dbs[$r['Db']]['registered'] = 0;
405 $dbs[$r['Db']]['granted'] = 1;
406 $dbs[$r['Db']]['name'] = $r['Db'];
408 mysql_free_result($rs);
410 foreach($dbs as $d1=>$d2) {
411 $size = getDBSize($d1);
412 if (is_null($size)) {
413 $dbs[$d1]['sizeNow'] = 0;
414 $dbs[$d1]['exists'] = 0;
416 $dbs[$d1]['sizeNow'] = $size;
417 //$this->sizeNow += $size;
418 $dbs[$d1]['exists'] = 1;
423 function printDBs($rows) {
424 if (ob_get_contents()) ob_end_flush();
426 echo '<td class="header1"><p>name:</p></td>';
427 echo '<td class="header2"><p>owner:</p></td>';
428 echo '<td class="header1"><p>last size:</p></td>';
429 echo '<td class="header2"><p>size:</p></td>';
430 echo '<td class="header1"><p>modified:</p></td>';
431 echo '<td class="header2"><p>created:</p></td>';
433 foreach($rows as $name=>$r) {
435 echo '<td><p>',$name,'</p></td>';
436 // echo '<td><p>',$r['owner'],'</p></td>';
437 echo '<td><p><a href="?op=admin&owner=',$r['owner'],'">',$r['owner'],'</a></p></td>';
438 /* echo '<td><p>',sprintSize($r['sizeMax']),'</p></td>';*/
439 echo '<td><p>',sprintSize($r['sizeLast']),'</p></td>';
440 echo '<td><p>',sprintSize($r['sizeNow']),'</p></td>';
441 echo '<td><p>',sprintTS($r['modified']),'</p></td>';
442 echo '<td><p>',sprintTS($r['created']),'</p></td>';
445 echo $r['exists']?'E':'';
446 echo $r['granted']?'G':'';
447 echo $r['registered']?'R':'';
450 echo '<form method="',FORM_METHOD,'"><td>';
451 echo '<input type=hidden name="op" value="',($r['exists']?'dropdb':'createdb'),'"><input type=hidden name="name" value="',$name,'">';
452 echo '<input type=submit value="',($r['exists']?'empty':'create'),'"></td></form>';
454 echo '<form method="',FORM_METHOD,'"><td>';
455 echo '<input type=hidden name="op" value="',($r['granted']?'revokedb':'grantdb'),'"><input type=hidden name="name" value="',$name,'">';
456 echo '<input type=submit value="',($r['granted']?'disable':'enable'),'"></td></form>';
458 echo '<form method="',FORM_METHOD,'"><td><input type=hidden name="op" value="deldb"><input type=hidden name="name" value="',$name,'"><input type=submit value="X"></td></form>';