--- /dev/null
+#php_value auto_prepend_file "prepend.php"
+php_value auto_append_file "global.done.php"
+#php_flag xdebug.remote_enable on
+#php_flag xdebug.remote_autostart on
+#php_value xdebug.remote_host "localhost"
+#php_value xdebug.remote_port "9000"
+
+RewriteEngine On
+RewriteBase /~administrator/mitsql/
+
+#RewriteOptions MaxRedirects=1
+
+#RewriteCond %{REQUEST_FILENAME}.php -f
+#RewriteRule ^.* do/%{REQUEST_FILENAME}
+#RewriteCond %{REQUEST_URI} !^/~administrator/mitsql/go/.+
+
+##RewriteCond %{REQUEST_URI}
+##RewriteCond %{REQUEST_FILENAME} !-s
+#RewriteRule ^do/.+$ - [L]
+
+#RewriteCond %{IS_SUBREQ} !="true"
+#RewriteRule ^.*$ do/index [R,L]
+
+##RewriteCond %{REQUEST_URI} ^.*/do/.+$
+##RewriteRule ^do/.+$ - [C]
+#RewriteRule ^do/(.+)$ $1.php [PT,L]
+
+#RewriteRule ^do/(.+)$ $1.php [L]
+
+## attempt 2
+#RewriteCond %{REQUEST_URI} !^.*/do/.+$
+#RewriteRule ^.*$ do/index [R,L]
+#
+#RewriteCond %{THE_REQUEST} ^(GET|HEAD)\ /.+\.php\ HTTP
+#RewriteRule \.php$ - [F]
+#
+##RewriteCond do/%{REQUEST_FILENAME}.php -f
+#RewriteRule ^do/(.+)$ $1.php [L]
+
+# attempt 3
+
+#RewriteRule \.php$ - [F,C]
+
+#RewriteCond %{REQUEST_URI} !^.*/do/.+$
+#RewriteRule ^.*$ do/index [R,L]
+
+#RewriteCond do/%{REQUEST_FILENAME}.php -f
+#RewriteRule ^do/(.+)$ $1.php [L]
+
+#RewriteCond %{THE_REQUEST} !^(GET|HEAD)\ /.+\.php\ HTTP
+#RewriteCond %{THE_REQUEST} ^(GET|HEAD)\ /.+mitsql/do/.+\ HTTP
+
+## REVISION 4
+
+RewriteCond %{REQUEST_URI} ^.*/mitsql/do/(.+)$
+RewriteRule ^do/(.+)$ $1.php [QSA]
+
+RewriteCond %{REQUEST_FILENAME} !-f
+RewriteRule .* do/index [R,L,QSA]
+
+# now redundant after following conditions
+#RewriteCond %{THE_REQUEST} ^(GET|HEAD)\ /.+\.php\ HTTP
+#RewriteRule .* do/index [R,L,QSA]
+
+RewriteCond %{THE_REQUEST} !^(GET|HEAD)\ /.+mitsql/do/.+\ HTTP
+RewriteCond %{REQUEST_FILENAME} !\.html$
+RewriteCond %{REQUEST_FILENAME} !\.css$
+RewriteCond %{REQUEST_FILENAME} !\.jpg$
+RewriteRule .* do/index [R,L,QSA]
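Review bot: The active rule `RewriteRule ^do/(.+)$ $1.php [QSA]` accepts any path after `do/`, so every PHP file under this directory, including include-only files such as `mitsql.cfg.php` and anything under `lib/`, becomes a directly requestable entry point. Restricting the capture to the pages that are meant to be reachable, for example `^do/(index|login|main)$` (names taken from the redirects in this commit), would keep the includes out of reach. Separately, the last rule set only exempts request lines that start with GET or HEAD, so a POST to `do/login` appears to fall through to the `do/index` redirect, which would defeat the `isPost()` branch in login.php. The long run of commented-out attempts above could be dropped in favour of a short comment on what each live rule is for.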
--- /dev/null
+-- MySQL dump 10.9\r
+--\r
+-- Host: sql.mit.edu Database: mitsql\r
+-- ------------------------------------------------------\r
+-- Server version 4.1.11-Debian_4-log\r
+\r
+/*!40101 SET @OLD_CHARACTER_SET_CLIENT=@@CHARACTER_SET_CLIENT */;\r
+/*!40101 SET @OLD_CHARACTER_SET_RESULTS=@@CHARACTER_SET_RESULTS */;\r
+/*!40101 SET @OLD_COLLATION_CONNECTION=@@COLLATION_CONNECTION */;\r
+/*!40101 SET NAMES utf8 */;\r
+/*!40014 SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0 */;\r
+/*!40014 SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0 */;\r
+/*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' */;\r
+/*!40111 SET @OLD_SQL_NOTES=@@SQL_NOTES, SQL_NOTES=0 */;\r
+\r
+--\r
+-- Current Database: `mitsql`\r
+--\r
+\r
+CREATE DATABASE /*!32312 IF NOT EXISTS*/ `mitsql` /*!40100 DEFAULT CHARACTER SET latin1 */;\r
+\r
+USE `mitsql`;\r
+\r
+--\r
+-- Table structure for table `db`\r
+--\r
+\r
+DROP TABLE IF EXISTS `db`;\r
+CREATE TABLE `db` (\r
+ `name` varchar(255) NOT NULL default '',\r
+ `owner` varchar(255) NOT NULL default '',\r
+ `sizeMax` bigint(20) NOT NULL default '0',\r
+ `sizeLast` bigint(20) NOT NULL default '0',\r
+ `modified` timestamp NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,\r
+ `created` timestamp NOT NULL default '0000-00-00 00:00:00',\r
+ PRIMARY KEY (`name`)\r
+) ENGINE=MyISAM DEFAULT CHARSET=latin1;\r
+\r
+--\r
+-- Dumping data for table `db`\r
+--\r
+\r
+\r
+/*!40000 ALTER TABLE `db` DISABLE KEYS */;\r
+LOCK TABLES `db` WRITE;\r
+INSERT INTO `db` VALUES ('presbrey+123','presbrey',0,0,'2005-03-01 10:50:25','2005-03-01 10:50:25'),('presbrey+12','presbrey',0,0,'2005-03-01 10:50:26','2005-03-01 10:50:26'),('bgelb+db','bgelb',0,0,'2005-01-18 23:39:43','2005-01-18 23:39:43'),('presbrey+12345','presbrey',0,0,'2005-03-01 10:50:31','2005-03-01 10:50:31'),('presbrey+forum','presbrey',0,0,'2005-03-11 12:28:26','2005-03-11 12:28:26'),('test+1','test',0,0,'2005-01-25 03:25:08','2005-01-25 03:25:08'),('test+2','test',0,0,'2005-01-25 03:25:11','2005-01-25 03:25:11'),('test+3','test',0,0,'2005-01-25 03:25:14','2005-01-25 03:25:14'),('test+4','test',0,0,'2005-01-25 03:25:16','2005-01-25 03:25:16'),('test+5','test',0,0,'2005-01-25 03:25:20','2005-01-25 03:25:20'),('presbrey+1234','presbrey',0,0,'2005-03-01 10:50:23','2005-03-01 10:50:23'),('andriko+phpBB','andriko',0,0,'2005-03-11 13:27:28','2005-03-11 13:27:28'),('mrivas03+blog','mrivas03',0,0,'2005-07-10 13:25:18','2005-07-10 13:25:18');\r
+UNLOCK TABLES;\r
+/*!40000 ALTER TABLE `db` ENABLE KEYS */;\r
+\r
+--\r
+-- Table structure for table `groups`\r
+--\r
+\r
+DROP TABLE IF EXISTS `groups`;\r
+CREATE TABLE `groups` (\r
+ `owner` varchar(255) NOT NULL default '',\r
+ `group` varchar(255) NOT NULL default '',\r
+ PRIMARY KEY (`owner`)\r
+) ENGINE=MyISAM DEFAULT CHARSET=latin1;\r
+\r
+--\r
+-- Dumping data for table `groups`\r
+--\r
+\r
+\r
+/*!40000 ALTER TABLE `groups` DISABLE KEYS */;\r
+LOCK TABLES `groups` WRITE;\r
+UNLOCK TABLES;\r
+/*!40000 ALTER TABLE `groups` ENABLE KEYS */;\r
+\r
+--\r
+-- Table structure for table `owner`\r
+--\r
+\r
+DROP TABLE IF EXISTS `owner`;\r
+CREATE TABLE `owner` (\r
+ `name` varchar(255) NOT NULL default '',\r
+ `maxDB` bigint(20) NOT NULL default '0',\r
+ `maxSize` bigint(20) NOT NULL default '0',\r
+ `modified` timestamp NOT NULL default CURRENT_TIMESTAMP on update CURRENT_TIMESTAMP,\r
+ `created` timestamp NOT NULL default '0000-00-00 00:00:00',\r
+ PRIMARY KEY (`name`)\r
+) ENGINE=MyISAM DEFAULT CHARSET=latin1;\r
+\r
+--\r
+-- Dumping data for table `owner`\r
+--\r
+\r
+\r
+/*!40000 ALTER TABLE `owner` DISABLE KEYS */;\r
+LOCK TABLES `owner` WRITE;\r
+INSERT INTO `owner` VALUES ('bgelb',5,26214400,'2005-01-18 23:39:18','2005-01-18 23:39:18'),('presbrey',5,26214400,'2005-03-01 10:50:21','2005-03-01 10:50:21'),('test',5,1048576,'2005-01-25 03:25:03','2005-01-25 03:25:03'),('jtwang',5,26214400,'2005-03-01 12:32:30','2005-03-01 12:32:30'),('andriko',5,26214400,'2005-03-11 12:32:49','2005-03-11 12:32:49'),('melissa2',5,26214400,'2005-05-19 01:19:44','2005-05-19 01:19:44'),('mrivas03',5,26214400,'2005-07-10 12:06:24','2005-07-10 12:06:24');\r
+UNLOCK TABLES;\r
+/*!40000 ALTER TABLE `owner` ENABLE KEYS */;\r
+\r
+--\r
+-- Table structure for table `passwd`\r
+--\r
+\r
+DROP TABLE IF EXISTS `passwd`;\r
+CREATE TABLE `passwd` (\r
+ `user` varchar(255) NOT NULL default '',\r
+ `crypt` varchar(255) NOT NULL default '',\r
+ `manages` text NOT NULL,\r
+ `admin` tinyint(1) NOT NULL default '0',\r
+ PRIMARY KEY (`user`)\r
+) ENGINE=MyISAM DEFAULT CHARSET=latin1;\r
+\r
+--\r
+-- Dumping data for table `passwd`\r
+--\r
+\r
+\r
+/*!40000 ALTER TABLE `passwd` DISABLE KEYS */;\r
+LOCK TABLES `passwd` WRITE;\r
+INSERT INTO `passwd` VALUES ('test','x4','',0);\r
+UNLOCK TABLES;\r
+/*!40000 ALTER TABLE `passwd` ENABLE KEYS */;\r
+\r
+/*!40101 SET SQL_MODE=@OLD_SQL_MODE */;\r
+/*!40014 SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS */;\r
+/*!40014 SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS */;\r
+/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;\r
+/*!40101 SET CHARACTER_SET_RESULTS=@OLD_CHARACTER_SET_RESULTS */;\r
+/*!40101 SET COLLATION_CONNECTION=@OLD_COLLATION_CONNECTION */;\r
+/*!40111 SET SQL_NOTES=@OLD_SQL_NOTES */;\r
+\r
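Review bot: This dump commits data as well as schema: the `INSERT INTO` statements for `db`, `owner` and `passwd` carry account names taken from the host named in the header, plus a `passwd` row. If the file is meant as a schema fixture, regenerating it with `mysqldump --no-data`, or replacing the rows with constructed test accounts, keeps user identifiers out of the repository. The tables here also do not include the `User` table that the new `Login` class queries, so the dump may not match the schema this commit's code expects.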
--- /dev/null
+<?php
+
+$_NEW_DB['nBytes'] = 0;
+$_NEW_DB['dCreated'] = 'NOW()';
+$_NEW_DB['bEnabled'] = 1;
+
+$_NEW_DBQUOTA['nBytesSoft'] = 0;
+$_NEW_DBQUOTA['nBytesHard'] = 0;
+$_NEW_DBQUOTA['dCreated'] = 'NOW()';
+
+$_NEW_USER['UserId'] = '';
+$_NEW_USER['UL'] = 1;
+$_NEW_USER['dCreated'] = 'NOW()';
+$_NEW_USER['bEnabled'] = 0;
+
+$_NEW_USERQUOTA['nDatabases'] = 5;
+$_NEW_USERQUOTA['nBytesSoft'] = 26214400;
+$_NEW_USERQUOTA['nBytesHard'] = 26214400;
+$_NEW_USERQUOTA['dCreated'] = 'NOW()';
+
+$_NEW_USERSTAT['nDatabases'] = 0;
+$_NEW_USERSTAT['nBytes'] = 0;
+
+?>
--- /dev/null
+<?php
+
+require_once('mitsql.lib.php');
+
+if (isset($i_reset)) { session_destroy(); session_start(); redirect(newQS('reset')); }
+
+## SESSION VARS
+
+$timings = array();
+$UserId = 0;
+$Login = sess('Login');
+
+if (is_a($Login,'Login')) {
+ $UserId = $Login->getUserId();
+ $Name = $Login->getName();
+ $Email = $Login->getEmail();
+ $UL = $Login->getUL();
+}
+
+?>
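Review bot: The reset branch on the first statement fires for any request where `$i_reset` is set, and mitsql.cfg.php fills the `i_` variables from cookies as well as GET and POST (`import_request_variables('cgp', 'i_')`). A cross-site link to `?reset` therefore ends a user's session, and a cookie named `reset` would appear to trigger the destroy-and-redirect on every request, since `newQS('reset')` only strips the query parameter. Reading the flag from `$_POST['reset']` alone would limit it to deliberate form submissions. `$Name`, `$Email` and `$UL` are also left undefined when the session holds no Login, unlike `$UserId`.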
--- /dev/null
+<?php
+
+sess('Login', $Login);
+
+echo '<pre>';
+print_r($_SESSION);
+print_r($timings);
+
+?>
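Review bot: `print_r($_SESSION)` and `print_r($timings)` run unconditionally, and the .htaccess in this commit appends this file to every PHP response, so each page shows the visitor the stored Login record and the full text of every SQL statement recorded by `sessTime()`. Guard the dump with the existing flag and escape it, e.g. `if (DEBUG) { echo '<pre>', htmlspecialchars(print_r($timings, true)), '</pre>'; }`. The opening `<pre>` is also never closed. A one-line header comment saying that this file persists `$Login` into the session would help, since that is its only non-debug job.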
- to support group sql "lockers"
*/
-if (file_exists('/mit/presbrey/web_tmp'))
- ini_set('session.save_path','/mit/presbrey/web_tmp');
-ini_set('display_errors', 1);
-ignore_user_abort(1);
-error_reporting(E_ALL);
-set_time_limit(0);
-session_start();
-if (isset($_GET['reset'])) { session_destroy(); session_start(); }
require_once('mitsql.lib.php');
-if (!isset($_SESSION['owner'])) {
- if (isset($_GET['owner'])) {
- $_SESSION['owner'] = $_GET['owner'];
- redirectLocal('/');
- }
- if (isset($_POST['owner'])) {
- $_SESSION['owner'] = $_POST['owner'];
- redirectLocal('/');
- }
- if (is_null(getSSLIdent())) {
- redirect('https://'.$_SERVER['SERVER_NAME'].$_SERVER['PHP_SELF']);
- echo '<p class="err">Your SSL certificate could not be verified, please authenticate manually below.</p>';
-// echo '<form method="',FORM_METHOD,'"><input type="text" name="owner" value="',$_SESSION['owner'],'"><input type=submit value="owner"></form>';
- echo '<p>(This will be fixed when I do group locker SQL support)</p>';
- } else {
- $_SESSION['owner'] = getSSLIdent();
- }
-}
-if (isset($_SESSION['realuser'])) {
- $realuser = $_SESSION['realuser'];
-} else $realuser = null;
+isLoggedIn() || redirect('login');
+
+redirect('main');
-ob_start();
-include('style.inc');
+exit;
if (isset($_SESSION['owner'])) {
$owner = $_SESSION['owner'];
$dbm = new DBManage($owner);
-} else exit;
?><p><h2>SQL Databases: <?php echo $owner; ?></h2><?php
if (isset($realuser)) {
?></p><?php
$inputvars = array('initpw', 'op', 'name', 'owner');
-foreach($inputvars as $i) {
- $newvar = 'i_'.$i;
- $$newvar = isset($_GET[$i]) ? $_GET[$i] : null;
-}
if (isset($i_op)) {
switch($i_op) {
<address>MIT SQL Service Management v<?php echo VERSION; ?><br />
Direct comments and bugs to: <a href="mailto:presbrey@mit.edu">presbrey@mit.edu</a></address></div>
<?php
- //ob_flush();
+}
?>
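Review bot: Everything after the added `redirect('main');` and `exit;` is unreachable, yet the old page body is kept (`new DBManage($owner)`, the `$i_op` switch, the footer) and a closing `}` is added for it. That leftover still echoes `$owner` from the session without escaping and depends on the `DBManage` class, which appears to be removed elsewhere in this commit. Deleting the dead block would leave the file as the three new statements. The file header and hunk boundaries are not visible here, so confirm against the full file.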
--- /dev/null
+<?php
+
+require_once('joe.lib.php');
+
+function DBMaster($sql) {
+ sessTime($sql);
+ $res = mysql_query($sql);
+ sessTime();
+ return $res;
+}
+function DBSlave($sql) {
+ sessTime($sql);
+ $res = mysql_query($sql);
+ sessTime();
+ return $res;
+}
+
+function DBSelect($sql) { return DBSlave($sql); }
+function DBInsert($sql) { DBMaster($sql); return mysql_insert_id(); }
+function DBUpdate($sql) { DBMaster($sql); }
+function DBDelete($sql) { DBMaster($sql); }
+function DBGrant($sql) { DBMaster($sql); }
+function DBRevoke($sql) { DBMaster($sql); }
+function DBSet($sql) { DBMaster($sql); }
+function DBShow($sql) { return DBSlave($sql); }
+
+function calcDBSize($tdb) {
+ $sql_result = "SHOW TABLE STATUS FROM `" .mysql_escape_string($tdb)."`";
+// $result = @mysql_db_query($tdb,$sql_result);
+ $result = DBShow($sql_result);
+
+ if($result) {
+ $size = 0;
+ while ($data = mysql_fetch_array($result)) {
+ $size += $data["Data_length"] + $data["Index_length"];
+ }
+ mysql_free_result($result);
+ return $size;
+ }
+ else {
+ return null;
+ }
+}
+
+?>
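Review bot: In `calcDBSize()` the database name is placed between backticks but escaped with `mysql_escape_string()`, which targets quoted string literals and leaves a backtick untouched, so a name containing one ends the identifier early. Doubling every backtick in `$tdb` before interpolating it is the identifier-safe form. `DBMaster()` and `DBSlave()` also hand the complete statement to `sessTime()`, which keeps it in `$timings`; that is worth a comment because global.done.php prints that array. The two wrappers are currently identical, and a short docblock stating that callers must pass fully escaped SQL would make the contract explicit.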
--- /dev/null
+<?php
+
+## FORMATTING FUNCTIONS
+
+function sprintSize($bytes, $float=2) {
+ if (is_null($bytes)) return null;
+ $kb = round($bytes / 1024, $float);
+ $mb = round($bytes / 1024 / 1024, $float);
+ $gb = round($bytes / 1024 / 1024 / 1024, $float);
+
+ return ($bytes<1||$kb<1?$bytes.' B':($mb<1?$kb.' KB':($gb<1?$mb.' MB':$gb.' GB')));
+}
+
+function sprintTS($timestamp) {
+ return substr($timestamp,0,4).
+ '-'.substr($timestamp,4,2).
+ '-'.substr($timestamp,6,2).
+ ' '.substr($timestamp,8,2).
+ ':'.substr($timestamp,10,2).
+ ':'.substr($timestamp,12,2);
+}
+
+?>
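Review bot: `sprintTS()` slices fixed offsets, which only works for a 14-digit `YYYYMMDDHHMMSS` string, while the dump added in this commit shows timestamps in the form '2005-03-01 10:50:25'. For that form the slices land on the separators and the output is garbled. Either document the expected input in a comment above the function or return the value unchanged when `strlen($timestamp) != 14`. `sprintSize()` would also benefit from a comment saying that `$float` is the number of decimal places passed to `round()`.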
--- /dev/null
+<?php
+/*
+ (c) 2005 Joe Presbrey
+ joepresbrey@gmail.com
+
+ ATTN: This library was assembled and completed in its entirety independent of
+ any and all corporate projects and/or work environ.
+
+ You may NOT use this library elsewhere!
+
+*/
+
+function isPost() {
+ if($_SERVER['REQUEST_METHOD'] == 'POST') {
+ return true;
+ } else {
+ return false;
+ }
+}
+function isFormPost() { return isPost(); }
+
+function isSess($id) {
+ return isset($_SESSION[$id]);
+}
+
+function sess($id,$val=null) {
+ if (is_null($val)) {
+ return (isSess($id)?$_SESSION[$id]:null);
+ } elseif (empty($val)) {
+ unset($_SESSION[$id]);
+ } else {
+ $prev = sess($id);
+ $_SESSION[$id] = $val;
+ return $prev;
+ }
+}
+
+function stopSess() {
+ $sid[] = session_id();
+ @session_destroy();
+ session_start();
+ $sid[] = session_id();
+ session_regenerate_id();
+ $sid[] = session_id();
+ session_write_close();
+ @session_destroy();
+
+ foreach($sid as $id) {
+ @unlink(session_save_path().'/sess_'.$id);
+ }
+}
+
+function sessTime($query=null) {
+ global $timingc;
+ global $timings;
+
+ if(!isset($timings)) {
+ $timings = array();
+ }
+
+ if (!isset($timingc) || empty($timingc)) {
+ $timingc = 1;
+ } elseif (!is_null($query)) {
+ $current = $timingc;
+ $timingc = ++$current;
+ }
+ $key = $timingc;
+
+ if (is_null($query)) {
+ $timings[$key]['time'] = microtime(true)-$timings[$key]['time'];
+ return true;
+ } else {
+ $timings[$key] = array();
+ $timings[$key]['time'] = microtime(true);
+ $timings[$key]['query'] = $query;
+ return false;
+ }
+}
+
+function fetchRows($rs, $key = null) {
+ /* ask me how to use this if its not obvious ~ Joe */
+ if (!$rs) return array();
+ $kn = is_null($key);
+ $n = mysql_num_rows($rs);
+ if ($n > 0) {
+ $arr = array();
+ if (is_null($key)) {
+ while ($r = mysql_fetch_assoc($rs)) {
+ $arr[] = $r;
+ }
+ } elseif (is_numeric($key)) {
+ while ($r = mysql_fetch_row($rs)) {
+ $arr[$r[$key]] = $r;
+ }
+ } else {
+ while ($r = mysql_fetch_assoc($rs)) {
+ $arr[$r[$key]] = $r;
+ }
+ }
+ mysql_free_result($rs);
+ return $arr;
+ } else {
+ mysql_free_result($rs);
+ return array();
+ }
+}
+
+function printErrors($errArray) {
+ if (isset($errArray) && count($errArray)) {
+ echo '<ul style="color:red;">';
+ foreach($errArray as $err) {
+ echo '<li style="color:red;"><p>',$err,'</p></li>';
+ }
+ echo '</ul>';
+ }
+}
+
+function buildSQLSet($fields, $values=null) {
+ $ex = array('NOW()','NULL');
+ $sql = 'SET';
+ $c = 0;
+ if (!is_null($values)) {
+ foreach($fields as $field) {
+ if ($c++) $sql .= ',';
+ $sql .= " `$field`='".mysql_escape_string(array_shift($values))."'";
+ }
+ } else {
+ foreach($fields as $field=>$value) {
+ if ($c++) $sql .= ',';
+ if (in_array($value,$ex)) {
+ $sql .= " `$field`= $value";
+ } else {
+ $sql .= " `$field`='".mysql_escape_string($value)."'";
+ }
+ }
+ }
+ return $sql;
+}
+
+function buildSQLInsert($array, $table=null) {
+ $ex = array('NOW()','NULL');
+ $sql = '(';
+ $c = 0;
+ foreach($array as $field=>$value) {
+ if ($c++) $sql .= ',';
+ $sql .= " `$field` ";
+ }
+ $sql .= ') VALUES (';
+ $c = 0;
+ foreach($array as $field=>$value) {
+ $v = mysql_escape_string($value);
+ if ($c++) $sql .= ',';
+ if (in_array($v, $ex))
+ $sql .= " $v ";
+ else
+ $sql .= " '$v' ";
+ }
+ $sql .= ')';
+ return (is_null($table)?$sql:('INSERT INTO `'.$table.'` '.$table));
+}
+
+function build_str($query_array) {
+ $query_string = array();
+ foreach ($query_array as $k => $v) {
+ $new = $k;
+ if (strlen($v))
+ $new .= '='.$v;
+ $query_string[] = $new;
+ }
+ return join('&', $query_string);
+}
+
+function newQS($key, $val=null) {
+ /*
+ parse_str($_SERVER['QUERY_STRING'], $arr);
+ $arr[$key] = $val;
+ return '?'.build_str($arr);
+ */
+ return newQSA(array($key=>$val));
+}
+
+function newQSA($array=array()) {
+ parse_str($_SERVER['QUERY_STRING'], $arr);
+ $s = count($arr);
+ foreach($array as $key=>$val) {
+ $arr[$key] = $val;
+ if (is_null($val))
+ unset($arr[$key]);
+ }
+ return (count($arr)||$s)?'?'.build_str($arr):'';
+}
+
+function formQSA($array=array()) {
+ if (!count($array)) $array = $_SERVER['QUERY_STRING'];
+ parse_str($array, $arr);
+ $text = '';
+ foreach($arr as $key=>$val) {
+ $text .= sprintf('<input type="hidden" name="%s" value="%s">', $key, $val);
+ }
+ return $text;
+}
+
+?>
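Review bot: `formQSA()` writes query-string keys and values straight into `name="…"` and `value="…"` attributes, so a request parameter containing a double quote breaks out of the attribute; wrap both in `htmlspecialchars($key, ENT_QUOTES)` and `htmlspecialchars($val, ENT_QUOTES)`. `printErrors()` echoes its messages the same way, and `build_str()` joins keys and values without `urlencode()`. `formQSA()` also passes a non-empty `$array` argument to `parse_str()`, which expects a string. In `buildSQLInsert()` the final return concatenates `$table` a second time where `$sql` is clearly meant, so the table-qualified form never contains the column list or values. Column names in both builders are interpolated between backticks unescaped, which is safe only while callers supply fixed keys; a comment stating that would help.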
--- /dev/null
+<?php
+/*
+ mitsql.lib.php
+ (c) 2005 Joe Presbrey
+ written for SIPB/MIT SQL service
+*/
+
+require_once('joe.lib.php');
+require_once('dbaccess.lib.php');
+
+require_once('mitsql.cfg.php');
+require_once('security.lib.php');
+
+require_once('display.lib.php');
+
+if (isset($_SERVER['REQUEST_URI'])) {
+ //$thisPath=pathinfo($_SERVER['REQUEST_URI']);
+ //session_set_cookie_params(0, $thisPath['dirname']);
+ session_set_cookie_params(0, $BASE_URL);
+ session_start();
+ define('INTERACTIVE', 1);
+} else {
+ define('INTERACTIVE', 0);
+}
+
+INTERACTIVE && require_once('global.act.php');
+
+?>
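Review bot: `session_set_cookie_params(0, $BASE_URL)` leaves the session cookie without the secure flag, although the session holds the Login object established from a client certificate over HTTPS and `redirectFull()` builds `http://` URLs whenever the request is not on port 443. The cookie is therefore also sent on cleartext requests to the same host. Passing the flag when the request arrived over SSL, `session_set_cookie_params(0, $BASE_URL, '', isSSL());`, keeps it off plain HTTP. The two commented-out `pathinfo` lines can go.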
--- /dev/null
+<?php
+
+require_once('mitsql.lib.php');
+
+class Login {
+ var $info;
+ function Login($u, $p=null) {
+ $opt = is_null($p)?'':sprintf(" AND Password='%s' ", mysql_escape_string(base64_encode($p)));
+ $sql = sprintf("SELECT UserId, Username, Name, Email, UL, bEnabled
+ FROM User
+ WHERE Username = '%s'
+ $opt",
+ mysql_escape_string($u));
+ $r = fetchRows(DBSelect($sql),'UserId');
+ $this->info = count($r)?array_shift($r):null;
+ }
+ function exists() {
+ return !is_null($this->info);
+ }
+ function isValid() {
+ return $this->isEnabled() && $this->getUL()>0;
+ }
+ function isEnabled() {
+ return $this->exists() && $this->info['bEnabled']==1;
+ }
+ function getUserId() {
+ return $this->exists() && $this->info['UserId'];
+ }
+ function getUsername() {
+ return $this->exists() && $this->info['Username'];
+ }
+ function getName() {
+ return $this->exists() && $this->info['Name'];
+ }
+ function getEmail() {
+ return $this->exists() && $this->info['Email'];
+ }
+ function getUL() {
+ return $this->exists() && $this->info['UL'];
+ }
+ function expire() {
+ $this->info = null;
+ }
+ function refresh() {
+ $this->Login($this->getUsername());
+ }
+ function update($name=null,$email=null) {
+ if (!$this->exists()) return;
+ $arr = array();
+ is_null($name) || $arr['Name'] = $name;
+ is_null($email) || $arr['Email'] = $email;
+ $sql = sprintf("UPDATE User %s WHERE UserId = '%s'",
+ buildSQLSet($arr), mysql_escape_string($this->getUserId()));
+ DBUpdate($sql);
+ }
+}
+
+
+function isLoggedIn($aLogin=null) {
+ if (is_null($aLogin)) {
+ global $Login;
+ $aLogin = $Login;
+ }
+ return !empty($aLogin) && is_a($aLogin, 'Login') && $aLogin->isValid();
+}
+
+function isSSL() {
+ return $_SERVER['SERVER_PORT'] == 443;
+}
+
+function getSSLCert() {
+ if (DEVEL && file_exists('.forceauth')) {
+ $fu = explode('|',file_get_contents('.forceauth'));
+ $name = $fu[0];
+ $email = $fu[1];
+ } else {
+ $name = isset($_SERVER['SSL_CLIENT_S_DN_CN'])?$_SERVER['SSL_CLIENT_S_DN_CN']:null;
+ $email = isset($_SERVER['SSL_CLIENT_S_DN_Email'])?$_SERVER['SSL_CLIENT_S_DN_Email']:null;
+ }
+ if (!is_null($email)) {
+ $user = explode('@',$email);
+ $user = $user[0];
+ return array('Username'=>$user, 'Name'=>$name, 'Email'=>$email);
+ } else {
+ return null;
+ }
+}
+
+## 302 REDIRECTS
+
+function redirect($target=NULL) {
+ $base = (is_null($target)||substr($target,0,1)=='?')?$_SERVER['REDIRECT_URL']:(dirname($_SERVER['REDIRECT_URL']).'/');
+ redirectFull(is_null($target)?$base:($base.$target));
+}
+function redirectFull($target) {
+ redirect2((isSSL()?'https://':'http://').$_SERVER['SERVER_NAME'].$target);
+}
+function redirect2($target) {
+ header('Location: '.$target);
+ exit;
+}
+
+## USER SCRIPTS
+
+function addUser($sslCredentials) {
+ global $_NEW_USER;
+ $arr = array_merge($sslCredentials, $_NEW_USER);
+ $sql = sprintf("INSERT INTO User %s",
+ buildSQLInsert($arr));
+ return DBInsert($sql);
+}
+
+?>
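Review bot: The getters `getUserId()`, `getUsername()`, `getName()`, `getEmail()` and `getUL()` return the result of `$this->exists() && $this->info[...]`, which is a boolean, not the stored value. As a result `refresh()` re-queries with `true` or `false` as the username, `update()` builds `WHERE UserId = '1'`, and global.act.php copies booleans into `$UserId`, `$Name` and `$Email`. Each getter should read `return $this->exists() ? $this->info['UserId'] : null;` with the matching key. The constructor also compares `Password` against `base64_encode($p)`, which is a reversible encoding and not a hash, and skips the password check entirely when `$p` is null; a salted one-way hash and a comment naming the certificate-only path as the sole caller of the null form would make the trust boundary explicit. `getSSLCert()` takes the username from the e-mail local part without looking at the domain, so it relies on the server accepting certificates from the intended CA only.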
--- /dev/null
+<?php
+
+require_once('mitsql.cfg.php');
+require_once('mitsql.lib.php');
+
+if (isPost() && isSSL()) {
+ $cred = getSSLCert();
+ if (count($cred)) {
+ $Login = new Login($cred['Username']);
+ if (!$Login->exists()) {
+ addUser($cred);
+ $Login->refresh();
+ }
+ } else {
+ $err[] = 'Your SSL certificate failed to identify you.';
+ }
+} elseif (isPost()) {
+} elseif (isSSL()) {
+ require('tpl/login_ssl.php');
+} else {
+}
+
+if (isLoggedIn())
+ redirect('main');
+
+?>
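Review bot: After a successful certificate login the script calls `redirect('main')`, which ends in `exit`, and PHP does not run `auto_append_file` after `exit`, so the `sess('Login', $Login)` in global.done.php never executes and the login is not persisted. Store it before redirecting and rotate the session identifier at the same point so a pre-login session id is not carried over: `if (isLoggedIn()) { session_regenerate_id(); sess('Login', $Login); redirect('main'); }`. The `$err[]` message is collected but never printed, and the two empty branches (`elseif (isPost())` and the final `else`) deserve either a comment or a response for non-SSL visitors.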
--- /dev/null
+<?php
+/*
+ mitsql.cfg.php
+ (c) 2005 Joe Presbrey
+ written for SIPB/MIT SQL service
+*/
+
+define('DEBUG', 0);
+define('DEVEL', 1);
+define('VERSION', '0.2-dev');
+
+define('DELIMETER', '+');
+
+define('HOST', 'localhost');
+define('ADMINUSER', 'root');
+//define('ADMINPASS', base64_decode('TXlCZWF0c1Bvc3RA'));
+define('ADMINPASS', '');
+define('ADMINDB', 'mitsql');
+
+set_time_limit(0);
+ignore_user_abort(1);
+import_request_variables('cgp', 'i_');
+DEVEL && ini_set('display_errors', 1);
+DEVEL && error_reporting(E_ALL);
+set_include_path(get_include_path() . PATH_SEPARATOR . 'lib/');
+
+require_once('defaults.cfg.php');
+
+$BASE_URL = isset($_SERVER['SCRIPT_NAME'])?dirname($_SERVER['SCRIPT_NAME']).'/':'';
+
+$cxn = mysql_connect(HOST, ADMINUSER, ADMINPASS);
+mysql_select_db(ADMINDB,$cxn);
+
+?>
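Review bot: The commented-out `ADMINPASS` line still carries the root password, only base64-encoded, and it matches the clear-text value in the file this commit deletes, so the credential remains in the repository history either way; it should be rotated and read from a file outside the tree. The active settings connect as `root` with an empty password, and the result of `mysql_connect()` is not checked before `mysql_select_db()`. `DEVEL` is committed as 1, which turns on `display_errors` and enables the `.forceauth` identity override in `getSSLCert()`; 0 would be the safer committed default. `import_request_variables('cgp', 'i_')` lets cookies populate the same `i_` variables as form fields, which is worth a comment because later code treats them as user actions.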
+++ /dev/null
-<?php
-/* mitsql.lib.php
- (c) 2005 Joe Presbrey
- written for beta SIPB/MIT SQL service in conjunction with scripts.mit.edu
-*/
-
-define('DEBUG', 0);
-define('VERSION', '0.1beta');
-
-define('DEFAULT_MAX_DBS', 5);
-define('DEFAULT_MAX_SIZE', 26214400);
-define('DEFAULT_MAX_DB_SIZE', 0);
-
-define('FORM_METHOD', 'GET');
-
-define('PASS_MIN_LEN', 4);
-define('DELIMETER', '+');
-
-define('TEXT_NOREG', 'Your account is not registered with this utility.');
-define('TEXT_DBLIMIT', 'You\'ve reached your database limit.');
-define('TEXT_FIXREG', 'Fixing database registration for: ');
-define('TEXT_NOTREG', 'Database operations are allowed only for those registered to your account.');
-define('TEXT_REGPASSTOOSHORT', 'Your SQL password must be at least '.PASS_MIN_LEN.' characters.');
-
-define('HOST', 'sql.mit.edu');
-define('ADMINUSER', 'root');
-//define('ADMINPASS', 'b6808ded2');
-define('ADMINPASS', 'MyBeatsPost@');
-//define('ADMINPASS', base64_decode('YjY4MDhkZWQy'));
-define('MANAGEDB', 'mitsql');
-define('MANAGEDBTABLE', 'db');
-define('MANAGEOWNERTABLE', 'owner');
-
-define('SQLSELECT', 'SELECT * FROM %s');
-define('SQLSELECTWHERE', 'SELECT * FROM %s WHERE %s');
-define('SQLSELECT1WHERE', 'SELECT * FROM %s WHERE %s LIMIT 1');
-define('SQLINSERT', 'INSERT INTO %s VALUES (%s)');
-define('SQLDELETE', 'DELETE FROM %s WHERE %s');
-define('SQLDELETE1', 'DELETE FROM %s WHERE %s LIMIT 1');
-
-$cxn = mysql_connect(HOST, ADMINUSER, ADMINPASS);
-
-function redirectLocal($target) {
- $dir = dirname($_SERVER['PHP_SELF'])=='/'?'':dirname($_SERVER['PHP_SELF']);
- redirectFull($dir.$target);
-}
-function redirectFull($target) {
- $ssl = $_SERVER['SERVER_PORT'] == 443 ? true : false;
- redirect(($ssl?'https://':'http://').$_SERVER['SERVER_NAME'].$target);
-}
-function redirect($target) {
- if (ob_get_contents()) ob_end_clean();
- header('Location: '.$target);
- exit;
-}
-
-function sprintSize($bytes, $float=2) {
- if (is_null($bytes)) return null;
- $kb = round($bytes / 1024, $float);
- $mb = round($bytes / 1024 / 1024, $float);
- $gb = round($bytes / 1024 / 1024 / 1024, $float);
-
- return ($bytes<1||$kb<1?$bytes.' B':($mb<1?$kb.' KB':($gb<1?$mb.' MB':$gb.' GB')));
-}
-
-function sprintTS($timestamp) {
- return substr($timestamp,0,4).
- '-'.substr($timestamp,4,2).
- '-'.substr($timestamp,6,2).
- ' '.substr($timestamp,8,2).
- ':'.substr($timestamp,10,2).
- ':'.substr($timestamp,12,2);
-}
-
-function getDBSize($tdb) {
- mysql_select_db($tdb);
-
- $sql_result = "SHOW TABLE STATUS FROM `" .mysql_escape_string($tdb)."`";
- $result = @mysql_query($sql_result);
-
- if($result) {
- $size = 0;
- while ($data = mysql_fetch_array($result)) {
- $size += $data["Data_length"] + $data["Index_length"];
- }
- return $size;
- }
- else {
- return null;
- }
-}
-
-function getSSLIdent() {
- if (isset($_SERVER['SSL_CLIENT_S_DN_Email'])) {
- $sslemail = $_SERVER['SSL_CLIENT_S_DN_Email'];
- $ssluser = explode('@',$sslemail);
- $ssluser = $ssluser[0];
- return $ssluser;
- } else {
- return null;
- }
-}
-
-class DBManage {
- var $username = "", $dbs;
- var $r_owner;
- var $sizeNow = 0;
-
- function DBManage($username = "") {
- if (!empty($username)) {
- $this->username = $username;
- $this->load();
- if ($this->fix())
- $this->load();
- }
- }
- function load() {
- $rs = mysql_db_query(MANAGEDB,
- sprintf(SQLSELECT1WHERE,
- MANAGEOWNERTABLE,
- 'name="'.mysql_escape_string($this->username).'"'));
- //or exit(mysql_error());
- while($r = mysql_fetch_assoc($rs)) {
- $this->r_owner = $r;
- }
- mysql_free_result($rs);
-
- $dbs = array();
-
- $rs = mysql_db_query(MANAGEDB,
- sprintf(SQLSELECTWHERE,
- MANAGEDBTABLE,
- 'owner="'.mysql_escape_string($this->username).'" ORDER BY name')) or exit(mysql_error());
- while($r = mysql_fetch_assoc($rs)) {
- $t = $r;
- $t['registered'] = 1;
- $t['granted'] = 0;
- $dbs[$r['name']] = $t;
- }
- mysql_free_result($rs);
-
- $rs = mysql_db_query('mysql',
- sprintf(SQLSELECTWHERE,
- MANAGEDBTABLE,
- 'User="'.mysql_escape_string($this->username).'" ORDER BY Db'));
- while($r = mysql_fetch_assoc($rs)) {
- if (!isset($dbs[$r['Db']])) {
- $dbs[$r['Db']] = array();
- $dbs[$r['Db']]['registered'] = 0;
- }
- $dbs[$r['Db']]['granted'] = 1;
- $dbs[$r['Db']]['name'] = $r['Db'];
- }
- mysql_free_result($rs);
-
- foreach($dbs as $d1=>$d2) {
- $size = getDBSize($d1);
- if (is_null($size)) {
- $dbs[$d1]['sizeNow'] = 0;
- $dbs[$d1]['exists'] = 0;
- } else {
- $dbs[$d1]['sizeNow'] = $size;
- $this->sizeNow += $size;
- $dbs[$d1]['exists'] = 1;
- }
- }
- $this->dbs = $dbs;
- }
- function isInit() {
- return !is_null($this->r_owner);
- }
- function grantDB($dbname) {
- mysql_query('GRANT ALL PRIVILEGES ON '
- .'`'.mysql_escape_string($dbname).'` . * '
- .'TO \''.mysql_escape_string($this->username).'\'@\'%\'') or exit(mysql_error());
- $this->flushPriv();
- }
- function flushPriv() {
- mysql_query('FLUSH PRIVILEGES') or exit(mysql_error());
- }
- function revokeDB($dbname) {
- mysql_db_query('mysql',
- 'DELETE FROM `db` WHERE '
- .'User = \''.mysql_escape_string($this->username).'\' '
- .'AND Db = \''.mysql_escape_string($dbname).'\'') or exit(mysql_error());
- $this->flushPriv();
- }
- function setPassword($password) {
- mysql_query('SET PASSWORD FOR '.
- '\''.mysql_escape_string($this->username).'\'@\'%\'='.
- 'PASSWORD(\''.mysql_escape_string($password).'\')') or exit(mysql_error());
- }
- function init($password, $maxDBs = DEFAULT_MAX_DBS, $maxSize = DEFAULT_MAX_SIZE) {
- mysql_query('GRANT USAGE ON * . * TO '.
- '\''.mysql_escape_string($this->username).'\'@\'%\' '.
- 'IDENTIFIED BY \''.mysql_escape_string($password).'\'') or exit(mysql_error());
- $this->flushPriv();
- mysql_db_query(MANAGEDB,
- sprintf(SQLINSERT,
- MANAGEOWNERTABLE,
- sprintf("'%s','%s','%s',NOW(),NOW()",
- mysql_escape_string($this->username),
- $maxDBs,
- $maxSize))) or exit(mysql_error());
- }
- function uninit() {
- mysql_db_query('mysql',
- 'DELETE FROM `user` WHERE '
- .'User = \''.mysql_escape_string($this->username).'\'') or exit(mysql_error());
- mysql_db_query('mysql',
- 'DELETE FROM `db` WHERE '
- .'User = \''.mysql_escape_string($this->username).'\'') or exit(mysql_error());
- mysql_db_query('mysql',
- 'DELETE FROM `tables_priv` WHERE '
- .'User = \''.mysql_escape_string($this->username).'\'') or exit(mysql_error());
- mysql_db_query('mysql',
- 'DELETE FROM `columns_priv` WHERE '
- .'User = \''.mysql_escape_string($this->username).'\'') or exit(mysql_error());
- mysql_query('FLUSH PRIVILEGES') or exit(mysql_error());
-
- mysql_db_query(MANAGEDB,
- sprintf(SQLDELETE,
- MANAGEDBTABLE,
- 'owner=\''.mysql_escape_string($this->username).'\'')) or exit(mysql_error());
-
- foreach($this->dbs as $db)
- $this->dropDB($db['name']);
-
- mysql_db_query(MANAGEDB,
- sprintf(SQLDELETE1,
- MANAGEOWNERTABLE,
- 'name=\''.mysql_escape_string($this->username).'\'')) or exit(mysql_error());
- }
- function registerDB($name, $maxSize = DEFAULT_MAX_DB_SIZE) {
- mysql_db_query(MANAGEDB,
- sprintf(SQLINSERT,
- MANAGEDBTABLE,
- sprintf("'%s','%s','%s','',NOW(),NOW()",
- mysql_escape_string($name),
- mysql_escape_string($this->username),
- $maxSize))) or exit(mysql_error());
- }
- function unregisterDB($name) {
- mysql_db_query(MANAGEDB,
- sprintf(SQLDELETE1,
- MANAGEDBTABLE,
- 'name="'.mysql_escape_string($name).'"')) or exit(mysql_error());
- }
- function createDB($name) {
- @mysql_create_db($name);
- }
- function dropDB($name) {
- @mysql_drop_db($name);
- }
- function addDB($name) {
- if (!$this->isExists($name))
- $this->createDB($name);
- if (!$this->isRegistered($name))
- $this->registerDB($name);
- if (!$this->isGranted($name))
- $this->grantDB($name);
- }
- function delDB($name) {
- $this->revokeDB($name);
- $this->unregisterDB($name);
- $this->dropDB($name);
- }
- function getNumDBs() {
- return count($this->dbs);
- }
- function getTotalSize() {
- return $this->sizeNow;
- }
- function isRegistered($name) {
- if (isset($this->dbs[$name]))
- return $this->dbs[$name]['registered'];
- else return false;
- }
- function isExists($name) {
- if (isset($this->dbs[$name]))
- return $this->dbs[$name]['exists'];
- else return false;
- }
- function isGranted($name) {
- if (isset($this->dbs[$name]))
- return $this->dbs[$name]['granted'];
- else return false;
- }
-
- function printOwnerHeader() {
- echo '<th><tr>';
- echo '<td class="header2"><p></p></td>';
- echo '<td class="header1"><p>databases:</p></td>';
- echo '<td class="header2"><p>storage:</p></td>';
- echo '<td class="header1"><p>modified:</p></td>';
-// echo '<td class="header2"><p>created:</p></td>';
- echo '</tr></th>';
- }
- function printOwner() {
- $obj_owner = $this->r_owner;
- echo '<table>';
- $this->printOwnerHeader();
- echo '<td><p>status:</p></td>';
- echo '<td><p>',$this->getNumDBs(),'</p></td>';
- echo '<td><p>',sprintSize($this->getTotalSize()),'</p></td>';
- echo '</tr><tr>';
- echo '<td><p>limits:</p></td>';
- echo '<td><p>',$obj_owner['maxDB'],'</p></td>';
- echo '<td><p>',sprintSize($obj_owner['maxSize']),'</p></td>';
- echo '<td><p>',sprintTS($obj_owner['modified']),'</p></td>';
-// echo '<td><p>',sprintTS($obj_owner['created']),'</p></td>';
- echo '</tr>';
- echo '</table>';
- }
- function printOwnerDBs($showOwner = false) {
- $rows = $this->dbs;
- echo '<th><tr>';
- echo '<td class="header1"><p>name:</p></td>';
- echo '<td class="header2"><p>owner:</p></td>';
- echo '<td class="header1"><p>last size:</p></td>';
- echo '<td class="header2"><p>size:</p></td>';
- echo '<td class="header1"><p>modified:</p></td>';
-// echo '<td class="header2"><p>created:</p></td>';
- echo '</tr></th>';
- foreach($rows as $name=>$r) {
- echo '<tr>';
- echo '<td><p>',$name,'</p></td>';
- echo '<td><p>',$r['owner'],'</p></td>';
- /* echo '<td><p>',sprintSize($r['sizeMax']),'</p></td>';*/
- echo '<td><p>',sprintSize($r['sizeLast']),'</p></td>';
- echo '<td><p>',sprintSize($r['sizeNow']),'</p></td>';
- echo '<td><p>',sprintTS($r['modified']),'</p></td>';
-// echo '<td><p>',sprintTS($r['created']),'</p></td>';
-
- echo '<form method="',FORM_METHOD,'"><td>';
- echo '<input type=hidden name="op" value="',($r['exists']?'dropdb':'createdb'),'"><input type=hidden name="name" value="',$name,'">';
- echo '<input type=submit value="',($r['exists']?'empty':'create'),'"></td></form>';
-
- echo '<form method="',FORM_METHOD,'"><td>';
- echo '<input type=hidden name="op" value="',($r['granted']?'revokedb':'grantdb'),'"><input type=hidden name="name" value="',$name,'">';
- echo '<input type=submit value="',($r['granted']?'disable':'enable'),'"></td></form>';
-
- echo '<form method="',FORM_METHOD,'"><td><input type=hidden name="op" value="deldb"><input type=hidden name="name" value="',$name,'"><input type=submit value="X"></td></form>';
- echo '</tr>';
- flush();
- }
- }
- function fix() {
- $fixed = false;
- foreach($this->dbs as $db) {
- if (!$db['registered']) {
- echo '<p class="err">',TEXT_FIXREG,$db['name'],'</p>';
- flush();
- $this->registerDB($db['name']);
- $fixed = true;
- }
- }
- return $fixed;
- }
- function getNumMaxDBs() {
- return $this->r_owner['maxDB'];
- }
-}
-
-class DBAdmin {
- function mysqlDBList() {
- $rs = mysql_query('SHOW DATABASES');
- $dbs = array();
- while($r = mysql_fetch_row($rs)) {
- $dbs[$r[0]] = array();
- $dbs[$r[0]]['registered'] = 0;
- $dbs[$r[0]]['granted'] = 0;
- $dbs[$r[0]]['exists'] = 1;
- $dbs[$r[0]]['owner'] = '';
- $dbs[$r[0]]['sizeLast'] = 0;
- $dbs[$r[0]]['sizeNow'] = '';
- $dbs[$r[0]]['modified'] = '';
- $dbs[$r[0]]['created'] = '';
- }
- return $dbs;
- }
- function fullDBList() {
- //$dbs = array();
- $dbs = $this->mysqlDBList();
-
- $rs = mysql_db_query(MANAGEDB,
- sprintf(SQLSELECT,
- MANAGEDBTABLE)) or exit(mysql_error());
- while($r = mysql_fetch_assoc($rs)) {
- $t = $r;
- $t['registered'] = 1;
- $t['granted'] = 0;
- $dbs[$r['name']] = $t;
- }
- mysql_free_result($rs);
-
- $rs = mysql_db_query('mysql',
- sprintf(SQLSELECT,
- MANAGEDBTABLE));
- while($r = mysql_fetch_assoc($rs)) {
- if (!isset($dbs[$r['Db']])) {
- $dbs[$r['Db']] = array();
- $dbs[$r['Db']]['registered'] = 0;
- }
- $dbs[$r['Db']]['granted'] = 1;
- $dbs[$r['Db']]['name'] = $r['Db'];
- }
- mysql_free_result($rs);
-
- foreach($dbs as $d1=>$d2) {
- $size = getDBSize($d1);
- if (is_null($size)) {
- $dbs[$d1]['sizeNow'] = 0;
- $dbs[$d1]['exists'] = 0;
- } else {
- $dbs[$d1]['sizeNow'] = $size;
- //$this->sizeNow += $size;
- $dbs[$d1]['exists'] = 1;
- }
- }
- return $dbs;
- }
- function printDBs($rows) {
- if (ob_get_contents()) ob_end_flush();
- echo '<th><tr>';
- echo '<td class="header1"><p>name:</p></td>';
- echo '<td class="header2"><p>owner:</p></td>';
- echo '<td class="header1"><p>last size:</p></td>';
- echo '<td class="header2"><p>size:</p></td>';
- echo '<td class="header1"><p>modified:</p></td>';
- echo '<td class="header2"><p>created:</p></td>';
- echo '</tr></th>';
- foreach($rows as $name=>$r) {
- echo '<tr>';
- echo '<td><p>',$name,'</p></td>';
-// echo '<td><p>',$r['owner'],'</p></td>';
- echo '<td><p><a href="?op=admin&owner=',$r['owner'],'">',$r['owner'],'</a></p></td>';
- /* echo '<td><p>',sprintSize($r['sizeMax']),'</p></td>';*/
- echo '<td><p>',sprintSize($r['sizeLast']),'</p></td>';
- echo '<td><p>',sprintSize($r['sizeNow']),'</p></td>';
- echo '<td><p>',sprintTS($r['modified']),'</p></td>';
- echo '<td><p>',sprintTS($r['created']),'</p></td>';
-
- echo '<td><pre>';
- echo $r['exists']?'E':'';
- echo $r['granted']?'G':'';
- echo $r['registered']?'R':'';
- echo '</pre></td>';
-
- echo '<form method="',FORM_METHOD,'"><td>';
- echo '<input type=hidden name="op" value="',($r['exists']?'dropdb':'createdb'),'"><input type=hidden name="name" value="',$name,'">';
- echo '<input type=submit value="',($r['exists']?'empty':'create'),'"></td></form>';
-
- echo '<form method="',FORM_METHOD,'"><td>';
- echo '<input type=hidden name="op" value="',($r['granted']?'revokedb':'grantdb'),'"><input type=hidden name="name" value="',$name,'">';
- echo '<input type=submit value="',($r['granted']?'disable':'enable'),'"></td></form>';
-
- echo '<form method="',FORM_METHOD,'"><td><input type=hidden name="op" value="deldb"><input type=hidden name="name" value="',$name,'"><input type=submit value="X"></td></form>';
- echo '</tr>';
- flush();
- }
- }
-}
<?php
-echo base64_encode('b6808ded2');
+require_once('mitsql.cfg.php');
+require_once('mitsql.lib.php');
+
+/*
+include 'phpinfo.php';
+exit;
+*/
+
+$thisPath=pathinfo($_SERVER['SCRIPT_NAME']);
+
+session_set_cookie_params(0, $thisPath['dirname']);
+@session_start();
+
+if (isSess('i')) {
+ sess('i', sess('i')+1);
+} else {
+ echo sess('i', 1);
+}
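Review bot: The `session_set_cookie_params(0, $thisPath['dirname'])` call scopes the session cookie to the script directory but leaves the secure and httponly flags at their defaults, so the cookie can be sent over plain HTTP and read from page script. If the service is only reached over HTTPS (not visible in this hunk), pass both flags explicitly: `session_set_cookie_params(0, $thisPath['dirname'], '', true, true);`. The `@` on `session_start()` also hides a failed start, after which the `sess('i')` counter below would run without a session. Checking the return value instead of suppressing the warning would make that failure visible.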
--- /dev/null
+<div id="footer"><hr><address>MIT SQL Service Management v<?php echo VERSION; ?><br />
+Direct comments and bugs to: <a href="mailto:presbrey@mit.edu">presbrey@mit.edu</a></address></div>
+</body>
+</html>
--- /dev/null
+<html>
+<head>
+ <title>MIT SQL Services for Athena</title>
+ <link rel=stylesheet href="<?=$BASE_URL?>mitsql.css" type="text/css">
+</head>
+
+<body>
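Review bot: `<?=$BASE_URL?>` is written into the `href` attribute without escaping, and the login page added later in this commit prints `<?=$Name?>` and `<?=$Username?>` into the body the same way. Where those values come from is not visible in these hunks; if any of them derives from the request or from client-certificate fields, markup in the value is rendered as HTML. Escaping at output closes that: `<?=htmlspecialchars($Name, ENT_QUOTES)?>`, and likewise for `$Username` and `$BASE_URL`. The short `<?=` tag also depends on `short_open_tag` on PHP versions before 5.4, which the `<?php echo … ?>` form already used in the footer avoids.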
--- /dev/null
+<?php
+include 'head.inc';
+
+
+
+include 'foot.inc';
+?>
--- /dev/null
+<?php
+include 'head.inc';
+?>
+
+<?=$Name?><br />
+<?=$Username?><br />
+<form method=post>
+<input type=submit value="Login with Certificates">
+</form>
+
+<?php
+include 'foot.inc';
+?>