require_once('mitsql.lib.php');
class Login {
- var $u, $p;
+ var $id, $u, $p;
var $info;
function Login($u, $p=null) {
if (empty($u)) return;
- $this->u = $u;
+ $this->u = $u;
$this->p = $p;
- $opt = sprintf(" Username = '%s'", mysql_escape_string($u));
- $opt .= (is_null($p)?'':sprintf(" AND Password='%s'", mysql_escape_string(base64_encode($p))));
- is_numeric($u) && $opt = sprintf(" UserId = '%s'", mysql_escape_string($u));
+ if (is_numeric($u)) {
+ $this->id = $u;
+ $opt = sprintf(" UserId = '%s'", mysql_escape_string($u));
+ } else {
+ $opt = sprintf(" Username = '%s'", mysql_escape_string($u));
+ $opt .= (is_null($p)?'':sprintf(" AND Password='%s'", mysql_escape_string(base64_encode($p))));
+ }
$sql = sprintf("SELECT UserId, Username, Name, Email, UL, bEnabled
FROM User
WHERE %s", $opt);
$r = fetchRows(DBSelect($sql),'UserId');
- $this->info = count($r)?array_shift($r):$r;
- }
+ $this->info = count($r)?array_shift($r):$r;
+ }
function exists() {
return count($this->info);
}
$this->info = null;
}
function refresh() {
- $this->Login($this->u,$this->p);
+ if (!empty($this->id)) {
+ $this->Login($this->id);
+ } else {
+ $this->Login($this->u,$this->p);
+ }
}
function update($name=null,$email=null) {
if (!$this->exists()) return;
if ($email == $this->getEmail()) $email = null;
is_null($name) || $arr['Name'] = $name;
is_null($email) || $arr['Email'] = $email;
- $upd = buildSQLSet($arr);
+ $upd = buildSQLSet($arr);
$sql = sprintf("UPDATE User %s WHERE UserId = '%s'",
$upd, mysql_escape_string($this->getUserId()));
- if (!empty($upd) && $upd != 'SET')
- DBUpdate($sql);
+ if (!empty($upd) && $upd != 'SET')
+ DBUpdate($sql);
if (isset($arr['Name']))
$this->info['Name'] = $arr['Name'];
if (isset($arr['Email']))
$this->userId = $userId;
$sql = sprintf("SELECT User.UserId, Username, Password, Name, Email, UL, bEnabled, nBytesSoft, nBytesHard, nBytes, nDatabases, nDatabasesHard
FROM User
- NATURAL JOIN UserQuota
- NATURAL JOIN UserStat
+ INNER JOIN UserQuota ON User.UserId = UserQuota.UserId
+ INNER JOIN UserStat ON User.UserId = UserStat.UserId
WHERE User.UserId = '%s'",
mysql_escape_string($userId));
$r = fetchRows(DBSelect($sql),'UserId');
// LEFT JOIN DBQuota ON DBQuota.DatabaseId = DBOwner.DatabaseId
$sql = sprintf("SELECT *
FROM DBOwner
- NATURAL JOIN DB
- NATURAL JOIN DBQuota
+ INNER JOIN DB ON DB.DatabaseId = DBOwner.DatabaseId
+ INNER JOIN DBQuota ON DBQuota.DatabaseId = DBOwner.DatabaseId
WHERE DBOwner.UserId = '%s' AND DB.bEnabled=1",
mysql_escape_string($this->getUserId()));
// $r = fetchRows(DBSelect($sql),'DatabaseId');
}
}
function addDB($name) {
+ if (in_array($name, $this->getDBList())) return false;
if (!addDB($name, $this->getUserId())) return false;
$this->setAccess($name);
return true;
}
+ function delDB($name) {
+ if (!in_array($name, array_keys($this->getDBList()))) return false;
+ if (!delDB($name)) return false;//, $this->getUserId())) return false;
+ $this->setAccess($name,false);
+ return true;
+ }
}
return !empty($aLogin) && is_a($aLogin, 'Login') && $aLogin->canLogin();
}
+function isAdmin($aLogin=null) {
+ if (is_null($aLogin)) {
+ global $Login;
+ $aLogin = $Login;
+ }
+ return !empty($aLogin) && is_a($aLogin, 'Login') && $aLogin->getUL()>=100;
+}
+
function isImpersonating() {
return isSess('_UserId') && isSess('UserId');
}
}
function addDB($dbname,$userid) {
- global $_NEW_DB, $_NEW_DBQUOTA, $_NEW_DBOWNER;
+ global $_NEW_DB, $_NEW_DBQUOTA, $_NEW_DBOWNER;
DBCreate(sprintf('CREATE DATABASE `%s`', mysql_escape_string($dbname)));
- if (mysql_error()) return false;
$newdb['Name'] = $dbname;
- $arr = array_merge($newdb, $_NEW_DB);
+ $arr = array_merge($newdb, $_NEW_DB);
$arr['bEnabled'] = 1;
- $sql = sprintf("INSERT INTO DB %s",
+ $sql = sprintf("INSERT IGNORE INTO DB %s",
buildSQLInsert($arr));
- $DBId = DBInsert($sql);
+ $DBId = DBInsert($sql);
+ if (empty($DBId)) {
+ $sql = sprintf("SELECT DatabaseId FROM DB WHERE Name = '%s'",
+ mysql_escape_string($dbname));
+ $r = fetchRows(DBSelect($sql), 'DatabaseId');
+ if (count($r)) {
+ $r = array_shift($r);
+ $DBId = $r['DatabaseId'];
+ } else {
+ return false;
+ }
+ $sql = sprintf("UPDATE DB %s WHERE DB.DatabaseId = '%s'",
+ buildSQLSet($arr),
+ $DBId);
+ DBUpdate($sql);
+ return $DBId;
+ } else {
+ $arr = $_NEW_DBQUOTA;
+ $arr['DatabaseId'] = $DBId;
+ $sql = sprintf("INSERT IGNORE INTO DBQuota %s",
+ buildSQLInsert($arr));
+ DBInsert($sql);
- $arr = $_NEW_DBQUOTA;
- $arr['DatabaseId'] = $DBId;
- $sql = sprintf("INSERT INTO DBQuota %s",
- buildSQLInsert($arr));
- DBInsert($sql);
+ $arr = $_NEW_DBOWNER;
+ $arr['DatabaseId'] = $DBId;
+ $arr['UserId'] = $userid;
+ $sql = sprintf("INSERT IGNORE INTO DBOwner %s",
+ buildSQLInsert($arr));
+ DBInsert($sql);
- $arr = $_NEW_DBOWNER;
- $arr['DatabaseId'] = $DBId;
- $arr['UserId'] = $userid;
- $sql = sprintf("INSERT INTO DBOwner %s",
- buildSQLInsert($arr));
- DBInsert($sql);
+ return $DBId;
+ }
+}
+
+function delDB($dbname) {
+ global $_NEW_DB, $_NEW_DBQUOTA, $_NEW_DBOWNER;
+
+ DBCreate(sprintf('DROP DATABASE `%s`', mysql_escape_string($dbname)));
+
+ $arr['bEnabled'] = 0;
+ $sql = sprintf("UPDATE DB %s WHERE DB.Name = '%s'",
+ buildSQLSet($arr),
+ $dbname);
+ DBUpdate($sql);
- return $DBId;
+ return true;
}
?>
written for SIPB/MIT SQL service
*/
+$CWD = getcwd();
+chdir(dirname(__FILE__));
+
file_exists('server.cfg.php') && require('server.cfg.php');
defined('DEBUG') || define('DEBUG', 0);
defined('DEVEL') || define('DEVEL', 0);
define('DELIMETER', '+');
defined('DBHOST') || define('DBHOST', 'sql.mit.edu');
+defined('BASE_URL') || define('BASE_URL', '/~sql/main');
defined('ADMINUSER') || define('ADMINUSER', 'root');
defined('ADMINPASS') || define('ADMINPASS', base64_decode('TXlCZWF0c1Bvc3RA'));
defined('ADMINDB') || define('ADMINDB', 'mitsql');
$BASE_PATH = dirname(__FILE__).'/';
-$BASE_URL = isset($_SERVER['SCRIPT_NAME'])?dirname($_SERVER['SCRIPT_NAME']).'/':'';
+$BASE_URL = BASE_URL . '/';
+//$BASE_URL = isset($_SERVER['SCRIPT_NAME'])?dirname($_SERVER['SCRIPT_NAME']).'/':'';
set_time_limit(0);
ignore_user_abort(1);
import_request_variables('cgp', 'i_');
DEVEL && ini_set('display_errors', 1);
DEVEL && error_reporting(E_ALL);
-set_include_path(get_include_path() . PATH_SEPARATOR . $BASE_PATH . 'lib/');
+set_include_path(get_include_path() . PATH_SEPARATOR . $BASE_PATH . 'lib/' . PATH_SEPARATOR . $BASE_PATH);
require_once('defaults.cfg.php');
mysql_select_db(ADMINDB,$cxn);
if (mysql_error()) die(mysql_error());
+chdir($CWD);
+
?>