diff --git a/includes/functions.php b/includes/functions.php index 513c63ad..cb96b11f 100644 --- a/includes/functions.php +++ b/includes/functions.php @@ -882,10 +882,22 @@ function utf8ize($d, $htmlEntities = true) { $d[$k] = utf8ize($v, $htmlEntities); } } else if (is_string ($d)) { - if($htmlEntities){ - $d = htmlentities($d); + if (function_exists('mb_detect_encoding') && function_exists('mb_convert_encoding')) { + if (mb_detect_encoding($d, 'UTF-8', true) === false) { + $d = mb_convert_encoding($d, 'UTF-8'); + } + } elseif (function_exists('iconv')) { + $converted = @iconv('ISO-8859-1', 'UTF-8//IGNORE', $d); + if ($converted !== false) { + $d = $converted; + } } - return utf8_encode($d); + + if($htmlEntities){ + $d = htmlentities($d, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); + } + + return $d; } return $d; } @@ -1042,7 +1054,7 @@ function removeInvalidFileNameCharacters($string){ } function deleteMysqlAddonDatabasesForGameServerHome($home_id){ - global $db, $db_host, $db_user, $db_pass, $db_name, $table_prefix; + global $db, $db_host, $db_user, $db_pass, $db_name, $table_prefix, $db_port; if ( function_exists('mysqli_connect') ) require_once("modules/mysql/mysqli_database.php"); else @@ -1052,7 +1064,7 @@ function deleteMysqlAddonDatabasesForGameServerHome($home_id){ $modDb = new MySQLModuleDatabase(); require_once("includes/config.inc.php"); - $modDb->connect($db_host,$db_user,$db_pass,$db_name,$table_prefix); + $modDb->connect($db_host,$db_user,$db_pass,$db_name,$table_prefix,isset($db_port)?$db_port:NULL); if(hasValue($home_id) && is_numeric($home_id)){ @@ -1063,6 +1075,7 @@ function deleteMysqlAddonDatabasesForGameServerHome($home_id){ if(is_array($dbsToDelete) && count((array)$dbsToDelete)){ foreach ((array)$dbsToDelete as $dbToDel){ $mysql_db = $dbToDel; + $mysql_admin_user = !empty($mysql_db['mysql_admin_user']) ? $mysql_db['mysql_admin_user'] : 'root'; if($mysql_db['remote_server_id'] != "0") { $remote_server = $db->getRemoteServer($mysql_db['remote_server_id']); @@ -1070,7 +1083,7 @@ function deleteMysqlAddonDatabasesForGameServerHome($home_id){ $host_stat = $remote->status_chk(); if($host_stat === 1 ) { - $remote->exec('mysql --host=localhost --port='.$mysql_db['mysql_port'].' -uroot -p'.$mysql_db['mysql_root_passwd']. + $remote->exec('mysql --host=localhost --port='.$mysql_db['mysql_port'].' -u'.$mysql_admin_user.' -p'.$mysql_db['mysql_root_passwd']. ' -e "DROP DATABASE '.$mysql_db['db_name'].";DROP USER '".$mysql_db['db_user']."'@'%';\""); } } @@ -1078,7 +1091,14 @@ function deleteMysqlAddonDatabasesForGameServerHome($home_id){ { if( function_exists('mysqli_connect') ) { - @$link = mysqli_connect($mysql_db['mysql_ip'], 'root', $mysql_db['mysql_root_passwd'], "", $mysql_db['mysql_port']); + mysqli_report(MYSQLI_REPORT_OFF); + try { + $link = mysqli_connect($mysql_db['mysql_ip'], $mysql_admin_user, $mysql_db['mysql_root_passwd'], "", $mysql_db['mysql_port']); + } catch (Exception $e) { + $link = false; + } catch (Throwable $e) { + $link = false; + } if ( $link !== FALSE ) { @@ -1091,12 +1111,12 @@ function deleteMysqlAddonDatabasesForGameServerHome($home_id){ break; } mysqli_close($link); - $db->connect($db_host,$db_user,$db_pass,$db_name,$table_prefix); + $db->connect($db_host,$db_user,$db_pass,$db_name,$table_prefix,isset($db_port)?$db_port:NULL); } } else { - @$link = mysql_connect($mysql_db['mysql_ip'].':'.$mysql_db['mysql_port'], 'root', $mysql_db['mysql_root_passwd']); + @$link = mysql_connect($mysql_db['mysql_ip'].':'.$mysql_db['mysql_port'], $mysql_admin_user, $mysql_db['mysql_root_passwd']); if ( $link !== FALSE ) { @@ -1109,12 +1129,12 @@ function deleteMysqlAddonDatabasesForGameServerHome($home_id){ break; } mysql_close($link); - $db->connect($db_host,$db_user,$db_pass,$db_name,$table_prefix); + $db->connect($db_host,$db_user,$db_pass,$db_name,$table_prefix,isset($db_port)?$db_port:NULL); } } } - if ( $modDb->removeMysqlServerDB($db_id) !== FALSE ) + if ( $modDb->removeMysqlServerDB($dbToDel['db_id']) !== FALSE ) { $dbDeletedCount++; } diff --git a/lang/English/modules/mysql.php b/lang/English/modules/mysql.php index 53b4ff70..5e1b0d13 100644 --- a/lang/English/modules/mysql.php +++ b/lang/English/modules/mysql.php @@ -26,6 +26,7 @@ define('OGP_LANG_configured_mysql_hosts', "Configured MySQL Hosts"); define('OGP_LANG_add_new_mysql_host', "Add MySQL host"); define('OGP_LANG_enter_mysql_ip', "Enter MySQL IP."); define('OGP_LANG_enter_valid_port', "Enter a valid port."); +define('OGP_LANG_enter_mysql_admin_user', "Enter MySQL admin user."); define('OGP_LANG_enter_mysql_root_password', "Enter MySQL root password."); define('OGP_LANG_enter_mysql_name', "Enter MySQL name."); define('OGP_LANG_could_not_add_mysql_server', "Could not add MySQL server."); @@ -43,6 +44,7 @@ define('OGP_LANG_assign_db', "Assign Database"); define('OGP_LANG_mysql_server_name', "MySQL server name"); define('OGP_LANG_server_status', "Server status"); define('OGP_LANG_mysql_ip_port', "MySQL IP:port"); +define('OGP_LANG_mysql_admin_user', "MySQL admin user"); define('OGP_LANG_mysql_root_passwd', "MySQL root password"); define('OGP_LANG_connection_method', "Connection method"); define('OGP_LANG_user_privilegies', "User privileges"); diff --git a/modules/config_games/server_configs/dayz_arma2co_win32.xml b/modules/config_games/server_configs/dayz_arma2co_win32.xml index 1fa34a94..b79466b3 100644 --- a/modules/config_games/server_configs/dayz_arma2co_win32.xml +++ b/modules/config_games/server_configs/dayz_arma2co_win32.xml @@ -88,28 +88,29 @@ dbID=server_${srvID} # sed -i "s/dayz_dayzmod/${dbID}/g" 1.9.0_fresh.sql sed -i "s/Host = .*/Host = mysql.iaregamer.com/g" cfg/hiveext.ini +sed -i "s/Port = .*/Port = 3307/g" cfg/hiveext.ini sed -i "s/Database = .*/Database = ${dbID}/g" cfg/hiveext.ini sed -i "s/Username = .*/Username = ${dbID}/g" cfg/hiveext.ini sed -i "s/Password = .*/Password = ${dbPass}/g" cfg/hiveext.ini -mysql -uremoteuser -pPkloyn7yvpht! -hmysql.iaregamer.com -e "CREATE DATABASE IF NOT EXISTS ${dbID}" -mysql -uremoteuser -pPkloyn7yvpht! -hmysql.iaregamer.com -e "GRANT ALL ON ${dbID}.* TO '${dbID}'@'localhost' IDENTIFIED BY '${dbPass}'" -mysql -uremoteuser -pPkloyn7yvpht! -hmysql.iaregamer.com -e "GRANT ALL ON ${dbID}.* TO 'dayzhivemind'@'%' IDENTIFIED BY 'Pkloyn7yvpht!'" -mysql -uremoteuser -pPkloyn7yvpht! -hmysql.iaregamer.com -e "GRANT ALL ON ${dbID}.* TO '${dbID}'@'%' IDENTIFIED BY '${dbPass}'" -mysql -uremoteuser -pPkloyn7yvpht! -hmysql.iaregamer.com -e "FLUSH PRIVILEGES;" -mysql -uremoteuser -pPkloyn7yvpht! -hmysql.iaregamer.com -D ${dbID} < 1.9.0_fresh.sql +mysql -uremoteuser -pPkloyn7yvpht! -hmysql.iaregamer.com -P3307 -e "CREATE DATABASE IF NOT EXISTS ${dbID}" +mysql -uremoteuser -pPkloyn7yvpht! -hmysql.iaregamer.com -P3307 -e "GRANT ALL ON ${dbID}.* TO '${dbID}'@'localhost' IDENTIFIED BY '${dbPass}'" +mysql -uremoteuser -pPkloyn7yvpht! -hmysql.iaregamer.com -P3307 -e "GRANT ALL ON ${dbID}.* TO 'dayzhivemind'@'%' IDENTIFIED BY 'Pkloyn7yvpht!'" +mysql -uremoteuser -pPkloyn7yvpht! -hmysql.iaregamer.com -P3307 -e "GRANT ALL ON ${dbID}.* TO '${dbID}'@'%' IDENTIFIED BY '${dbPass}'" +mysql -uremoteuser -pPkloyn7yvpht! -hmysql.iaregamer.com -P3307 -e "FLUSH PRIVILEGES;" +mysql --force -uremoteuser -pPkloyn7yvpht! -hmysql.iaregamer.com -P3307 -D ${dbID} < 1.9.0_fresh.sql -mysql -uremoteuser -pPkloyn7yvpht! -hmysql.iaregamer.com -e "DELETE FROM panel.ogp_mysql_databases WHERE db_user = '${dbID}'" -mysql -uremoteuser -pPkloyn7yvpht! -hmysql.iaregamer.com -e "INSERT INTO panel.ogp_mysql_databases(mysql_server_id, home_id, db_user, db_passwd, db_name, enabled) VALUES (2,${srvID},'${dbID}','${dbPass}','${dbID}',1)" +mysql -uremoteuser -pPkloyn7yvpht! -hmysql.iaregamer.com -P3307 -e "DELETE FROM panel.gsp_mysql_databases WHERE db_user = '${dbID}'" +mysql -uremoteuser -pPkloyn7yvpht! -hmysql.iaregamer.com -P3307 -e "INSERT INTO panel.gsp_mysql_databases(mysql_server_id, home_id, db_user, db_passwd, db_name, enabled) VALUES (2,${srvID},'${dbID}','${dbPass}','${dbID}',1)" # Create alsoRun.bat ----------------------------------- printf '%s\r\n' \ '@echo off' \ 'del /q "..\_alsoRun.pid" 2>nul' \ -'cd bec +'cd bec' \ 'start "BEC" bec.exe --dsc --dec -f config.cfg' \ -'cd .. +'cd ..' \ 'timeout /t 3 /nobreak >nul' \ 'for /f "tokens=2 delims==" %%P in ('"'"'wmic process where "ExecutablePath='"'"'%cd:\=\\%\\bec.exe'"'"'" get ProcessId /value ^| find "="'"'"') do >"..\_alsoRun.pid" echo %%P' \ > _alsoRun.bat diff --git a/modules/mysql/edit_server.php b/modules/mysql/edit_server.php index fdccccb1..93a48ba3 100644 --- a/modules/mysql/edit_server.php +++ b/modules/mysql/edit_server.php @@ -50,6 +50,25 @@ if ( function_exists('mysqli_connect') ) else require_once("modules/mysql/mysql_database.php"); +function get_mysql_admin_user(array $mysql_server) { + return !empty($mysql_server['mysql_admin_user']) ? $mysql_server['mysql_admin_user'] : 'root'; +} + +function mysqli_connect_safe($host, $user, $pass, $db = "", $port = null) { + if (!function_exists('mysqli_connect')) { + return false; + } + + mysqli_report(MYSQLI_REPORT_OFF); + try { + return mysqli_connect($host, $user, $pass, $db, $port); + } catch (Exception $e) { + return false; + } catch (Throwable $e) { + return false; + } +} + function exec_ogp_module() { $modDb = new MySQLModuleDatabase(); @@ -121,7 +140,7 @@ function exec_ogp_module() { $host_stat = $remote->status_chk(); if($host_stat === 1 ) { - $command = "mysql -h localhost -P ".$mysql_db['mysql_port']." -u root -p".$mysql_db['mysql_root_passwd'].' -e exit; echo $?'; + $command = "mysql -h localhost -P ".$mysql_db['mysql_port']." -u ".get_mysql_admin_user($mysql_db)." -p".$mysql_db['mysql_root_passwd'].' -e exit; echo $?'; $test_mysql_conn = $remote->exec($command); if($test_mysql_conn == 0) @@ -130,7 +149,7 @@ function exec_ogp_module() { "GRANT ".$mysql_db['privilegies_str']." ON \\`".$mysql_db['db_name']."\\`.* TO '".$mysql_db['db_user']."'@'%' IDENTIFIED BY '".$mysql_db['db_passwd']."';". "FLUSH PRIVILEGES;"; - $command = "mysql --host=localhost --port=".$mysql_db['mysql_port']." -uroot -p".$mysql_db['mysql_root_passwd']." -e \"".$SQL."\""; + $command = "mysql --host=localhost --port=".$mysql_db['mysql_port']." -u".get_mysql_admin_user($mysql_db)." -p".$mysql_db['mysql_root_passwd']." -e \"".$SQL."\""; $result = $remote->exec($command); } } @@ -139,11 +158,11 @@ function exec_ogp_module() { { if( function_exists('mysqli_connect') ) { - @$link = mysqli_connect($mysql_db['mysql_ip'], $mysql_db['db_user'], $mysql_db['db_passwd'], $mysql_db['db_name'], $mysql_db['mysql_port']); + $link = mysqli_connect_safe($mysql_db['mysql_ip'], $mysql_db['db_user'], $mysql_db['db_passwd'], $mysql_db['db_name'], $mysql_db['mysql_port']); if ( $link === FALSE ) { - @$link = mysqli_connect($mysql_db['mysql_ip'], 'root', $mysql_db['mysql_root_passwd'], "", $mysql_db['mysql_port']); + $link = mysqli_connect_safe($mysql_db['mysql_ip'], get_mysql_admin_user($mysql_db), $mysql_db['mysql_root_passwd'], "", $mysql_db['mysql_port']); if ( $link !== FALSE ) { @@ -169,7 +188,7 @@ function exec_ogp_module() { if ( $link === FALSE ) { - @$link = mysql_connect($mysql_db['mysql_ip'].':'.$mysql_db['mysql_port'], 'root', $mysql_db['mysql_root_passwd']); + @$link = mysql_connect($mysql_db['mysql_ip'].':'.$mysql_db['mysql_port'], get_mysql_admin_user($mysql_db), $mysql_db['mysql_root_passwd']); if ( $link !== FALSE ) { @@ -207,7 +226,7 @@ function exec_ogp_module() { $host_stat = $remote->status_chk(); if($host_stat === 1 ) { - $remote->exec('mysql --host=localhost --port='.$mysql_db['mysql_port'].' -uroot -p'.$mysql_db['mysql_root_passwd']. + $remote->exec('mysql --host=localhost --port='.$mysql_db['mysql_port'].' -u'.get_mysql_admin_user($mysql_db).' -p'.$mysql_db['mysql_root_passwd']. ' -e "DROP DATABASE '.$mysql_db['db_name'].";DROP USER '".$mysql_db['db_user']."'@'%';\""); } } @@ -215,7 +234,7 @@ function exec_ogp_module() { { if( function_exists('mysqli_connect') ) { - @$link = mysqli_connect($mysql_db['mysql_ip'], 'root', $mysql_db['mysql_root_passwd'], "", $mysql_db['mysql_port']); + $link = mysqli_connect_safe($mysql_db['mysql_ip'], get_mysql_admin_user($mysql_db), $mysql_db['mysql_root_passwd'], "", $mysql_db['mysql_port']); if ( $link !== FALSE ) { @@ -233,7 +252,7 @@ function exec_ogp_module() { } else { - @$link = mysql_connect($mysql_db['mysql_ip'].':'.$mysql_db['mysql_port'], 'root', $mysql_db['mysql_root_passwd']); + @$link = mysql_connect($mysql_db['mysql_ip'].':'.$mysql_db['mysql_port'], get_mysql_admin_user($mysql_db), $mysql_db['mysql_root_passwd']); if ( $link !== FALSE ) { @@ -294,7 +313,7 @@ function exec_ogp_module() { "GRANT ".$mysql_db['privilegies_str']." ON \\`".$mysql_db['db_name']."\\`.* TO '".$mysql_db['db_user']."'@'%' IDENTIFIED BY '".$post_db_passwd."';". "FLUSH PRIVILEGES;"; - $command = "mysql --host=localhost --port=".$mysql_db['mysql_port']." -uroot -p".$mysql_db['mysql_root_passwd']." -e \"".$SQL."\""; + $command = "mysql --host=localhost --port=".$mysql_db['mysql_port']." -u".get_mysql_admin_user($mysql_db)." -p".$mysql_db['mysql_root_passwd']." -e \"".$SQL."\""; $remote->exec($command); } } @@ -302,7 +321,7 @@ function exec_ogp_module() { { if( function_exists('mysqli_connect') ) { - @$link = mysqli_connect($mysql_db['mysql_ip'], 'root', $mysql_db['mysql_root_passwd'], "", $mysql_db['mysql_port']); + $link = mysqli_connect_safe($mysql_db['mysql_ip'], get_mysql_admin_user($mysql_db), $mysql_db['mysql_root_passwd'], "", $mysql_db['mysql_port']); if ( $link !== FALSE ) { @@ -321,7 +340,7 @@ function exec_ogp_module() { } else { - @$link = mysql_connect($mysql_db['mysql_ip'].':'.$mysql_db['mysql_port'], 'root', $mysql_db['mysql_root_passwd']); + @$link = mysql_connect($mysql_db['mysql_ip'].':'.$mysql_db['mysql_port'], get_mysql_admin_user($mysql_db), $mysql_db['mysql_root_passwd']); if ( $link !== FALSE ) { @@ -357,7 +376,7 @@ function exec_ogp_module() { $SQL = "GRANT ".$mysql_db['privilegies_str']." ON \\`".$mysql_db['db_name']."\\`.* TO '".$mysql_db['db_user']."'@'%' IDENTIFIED BY '".$post_db_passwd."';". "FLUSH PRIVILEGES;"; - $command = "mysql --host=localhost --port=".$mysql_db['mysql_port']." -uroot -p".$mysql_db['mysql_root_passwd']." -e \"".$SQL."\""; + $command = "mysql --host=localhost --port=".$mysql_db['mysql_port']." -u".get_mysql_admin_user($mysql_db)." -p".$mysql_db['mysql_root_passwd']." -e \"".$SQL."\""; $remote->exec($command); } } @@ -365,7 +384,7 @@ function exec_ogp_module() { { if( function_exists('mysqli_connect') ) { - @$link = mysqli_connect($mysql_db['mysql_ip'], 'root', $mysql_db['mysql_root_passwd'], "", $mysql_db['mysql_port']); + $link = mysqli_connect_safe($mysql_db['mysql_ip'], get_mysql_admin_user($mysql_db), $mysql_db['mysql_root_passwd'], "", $mysql_db['mysql_port']); if ( $link !== FALSE ) { @@ -388,7 +407,7 @@ function exec_ogp_module() { } else { - @$link = mysql_connect($mysql_db['mysql_ip'].':'.$mysql_db['mysql_port'], 'root', $mysql_db['mysql_root_passwd']); + @$link = mysql_connect($mysql_db['mysql_ip'].':'.$mysql_db['mysql_port'], get_mysql_admin_user($mysql_db), $mysql_db['mysql_root_passwd']); if ( $link !== FALSE ) { @@ -448,7 +467,7 @@ function exec_ogp_module() { $host_stat = $remote->status_chk(); if($host_stat === 1 ) { - $remote->exec('mysql --host=localhost --port='.$mysql_server['mysql_port'].' -uroot -p'.$mysql_server['mysql_root_passwd']. + $remote->exec('mysql --host=localhost --port='.$mysql_server['mysql_port'].' -u'.get_mysql_admin_user($mysql_server).' -p'.$mysql_server['mysql_root_passwd']. ' -e "DROP DATABASE '.$mysql_db['db_name'].";DROP USER '".$mysql_db['db_user']."'@'%';\""); } } @@ -456,7 +475,7 @@ function exec_ogp_module() { { if( function_exists('mysqli_connect') ) { - @$link = mysqli_connect($mysql_server['mysql_ip'], 'root', $mysql_server['mysql_root_passwd'], "", $mysql_server['mysql_port']); + $link = mysqli_connect_safe($mysql_server['mysql_ip'], get_mysql_admin_user($mysql_server), $mysql_server['mysql_root_passwd'], "", $mysql_server['mysql_port']); if ( $link !== FALSE ) { @@ -473,7 +492,7 @@ function exec_ogp_module() { } else { - @$link = mysql_connect($mysql_server['mysql_ip'].':'.$mysql_server['mysql_port'], 'root', $mysql_server['mysql_root_passwd']); + @$link = mysql_connect($mysql_server['mysql_ip'].':'.$mysql_server['mysql_port'], get_mysql_admin_user($mysql_server), $mysql_server['mysql_root_passwd']); if ( $link !== FALSE ) { @@ -512,6 +531,9 @@ function exec_ogp_module() { if ( empty($get['mysql_ip']) ){ print_failure(get_lang('enter_mysql_ip')); } + elseif ( empty($get['mysql_admin_user']) ){ + print_failure(get_lang('enter_mysql_admin_user')); + } elseif ( !isPortValid($get['mysql_port']) ){ print_failure(get_lang('enter_valid_port')); } @@ -521,7 +543,7 @@ function exec_ogp_module() { elseif ( empty($get['mysql_name']) ){ print_failure(get_lang('enter_mysql_name')); } - elseif(!$modDb->editMysqlServer($mysql_server_id,$get['remote_server_id'],$get['mysql_name'],$get['mysql_ip'],$get['mysql_port'],$get['mysql_root_passwd'],$mysql_server['privilegies_str'])) + elseif(!$modDb->editMysqlServer($mysql_server_id,$get['remote_server_id'],$get['mysql_name'],$get['mysql_ip'],$get['mysql_port'],$get['mysql_admin_user'],$get['mysql_root_passwd'],$mysql_server['privilegies_str'])) print_failure(get_lang_f('unable_to_set_changes_to',$mysql_server['mysql_name'])); else print_success(get_lang_f('mysql_server_settings_changed',$mysql_server['mysql_name'])); @@ -552,6 +574,7 @@ function exec_ogp_module() { $ft->add_field('string','mysql_name',$mysql_server['mysql_name']); $ft->add_field('string','mysql_ip',$mysql_server['mysql_ip']); $ft->add_field('string','mysql_port',$mysql_server['mysql_port']); + $ft->add_field('string','mysql_admin_user', isset($mysql_server['mysql_admin_user']) ? $mysql_server['mysql_admin_user'] : (isset($db_user) ? $db_user : 'root')); $ft->add_field('string','mysql_root_passwd',$mysql_server['mysql_root_passwd']); $ft->end_table(); $ft->add_button("submit","save_settings",get_lang('save_settings')); diff --git a/modules/mysql/module.php b/modules/mysql/module.php index c99ed89b..5d8ebea1 100644 --- a/modules/mysql/module.php +++ b/modules/mysql/module.php @@ -37,7 +37,8 @@ $install_queries[0] = array( `mysql_name` varchar(100) NOT NULL, `mysql_ip` varchar(255) NOT NULL, `mysql_port` int(11) NOT NULL, - `mysql_root_passwd` VARCHAR( 32 ) NULL, + `mysql_admin_user` varchar(64) NOT NULL default 'root', + `mysql_root_passwd` VARCHAR(255) NULL, `privilegies_str` LONGTEXT NULL, PRIMARY KEY (`mysql_server_id`) ) ENGINE=MyISAM DEFAULT CHARSET=latin1;", diff --git a/modules/mysql/mysql_database.php b/modules/mysql/mysql_database.php index 85a422e0..d7179833 100644 --- a/modules/mysql/mysql_database.php +++ b/modules/mysql/mysql_database.php @@ -79,22 +79,25 @@ class MySQLModuleDatabase extends OGPDatabaseMySQL return $results; } - public function addMysqlServer($remote_server_id,$mysql_name,$mysql_ip,$mysql_port,$mysql_root_passwd,$privilegies_str) + public function addMysqlServer($remote_server_id,$mysql_name,$mysql_ip,$mysql_port,$mysql_admin_user,$mysql_root_passwd,$privilegies_str) { if ( empty($mysql_ip) ) return false; else if ( empty($mysql_port) ) + return false; + else if ( empty($mysql_admin_user) ) return false; else if ( empty($mysql_root_passwd) ) return false; - $query = sprintf("INSERT INTO `%smysql_servers` (`remote_server_id`,`mysql_name`,`mysql_ip`,`mysql_port`,`mysql_root_passwd`,`privilegies_str`) - VALUES('%s','%s','%s','%s','%s','%s');", + $query = sprintf("INSERT INTO `%smysql_servers` (`remote_server_id`,`mysql_name`,`mysql_ip`,`mysql_port`,`mysql_admin_user`,`mysql_root_passwd`,`privilegies_str`) + VALUES('%s','%s','%s','%s','%s','%s','%s');", $this->table_prefix, mysql_real_escape_string($remote_server_id,$this->link), mysql_real_escape_string($mysql_name,$this->link), mysql_real_escape_string($mysql_ip,$this->link), mysql_real_escape_string($mysql_port,$this->link), + mysql_real_escape_string($mysql_admin_user,$this->link), mysql_real_escape_string($mysql_root_passwd,$this->link), mysql_real_escape_string($privilegies_str,$this->link)); ++$this->queries_; @@ -108,17 +111,18 @@ class MySQLModuleDatabase extends OGPDatabaseMySQL return mysql_insert_id($this->link); } - public function editMysqlServer($mysql_server_id,$remote_server_id,$mysql_name,$mysql_ip,$mysql_port,$mysql_root_passwd,$privilegies_str) + public function editMysqlServer($mysql_server_id,$remote_server_id,$mysql_name,$mysql_ip,$mysql_port,$mysql_admin_user,$mysql_root_passwd,$privilegies_str) { $query = sprintf("UPDATE `%smysql_servers` SET `remote_server_id` = '%s', `mysql_name` = '%s', `mysql_ip` = '%s', `mysql_port` = '%s', - `mysql_root_passwd` = '%s', `privilegies_str` = '%s' + `mysql_admin_user` = '%s', `mysql_root_passwd` = '%s', `privilegies_str` = '%s' WHERE `mysql_server_id` = %s;", $this->table_prefix, mysql_real_escape_string($remote_server_id,$this->link), mysql_real_escape_string($mysql_name,$this->link), mysql_real_escape_string($mysql_ip,$this->link), mysql_real_escape_string($mysql_port,$this->link), + mysql_real_escape_string($mysql_admin_user,$this->link), mysql_real_escape_string($mysql_root_passwd,$this->link), mysql_real_escape_string($privilegies_str,$this->link), mysql_real_escape_string($mysql_server_id,$this->link)); diff --git a/modules/mysql/mysql_servers_admin_user_migration.sql b/modules/mysql/mysql_servers_admin_user_migration.sql new file mode 100644 index 00000000..f18b675e --- /dev/null +++ b/modules/mysql/mysql_servers_admin_user_migration.sql @@ -0,0 +1,11 @@ +-- GSP MySQL module migration: support configurable admin user and longer admin password. +-- Execute against the panel database (gsp_ prefix shown below). + +ALTER TABLE `gsp_mysql_servers` + ADD COLUMN `mysql_admin_user` varchar(64) NOT NULL DEFAULT 'root' AFTER `mysql_port`; + +ALTER TABLE `gsp_mysql_servers` + MODIFY COLUMN `mysql_root_passwd` varchar(255) NULL; + +-- Optional: set current rows to your preferred admin user (example: remoteuser) +-- UPDATE `gsp_mysql_servers` SET `mysql_admin_user` = 'remoteuser' WHERE `mysql_admin_user` = 'root' OR `mysql_admin_user` = ''; diff --git a/modules/mysql/mysqli_database.php b/modules/mysql/mysqli_database.php index 2618eba4..ef5f51df 100644 --- a/modules/mysql/mysqli_database.php +++ b/modules/mysql/mysqli_database.php @@ -46,7 +46,14 @@ class MySQLModuleDatabase extends OGPDatabaseMySQL // Use the port from config.inc.php if provided (supports non-standard ports e.g. 3307) $port = !empty($db_port) ? (int)$db_port : 3306; - $this->link = mysqli_connect($db_host, $db_user, $db_pass, $db_name, $port); + mysqli_report(MYSQLI_REPORT_OFF); + try { + $this->link = mysqli_connect($db_host, $db_user, $db_pass, $db_name, $port); + } catch (Exception $e) { + $this->link = false; + } catch (Throwable $e) { + $this->link = false; + } if ( $this->link === FALSE ) return -11; @@ -80,22 +87,25 @@ class MySQLModuleDatabase extends OGPDatabaseMySQL return $results; } - public function addMysqlServer($remote_server_id,$mysql_name,$mysql_ip,$mysql_port,$mysql_root_passwd,$privilegies_str) + public function addMysqlServer($remote_server_id,$mysql_name,$mysql_ip,$mysql_port,$mysql_admin_user,$mysql_root_passwd,$privilegies_str) { if ( empty($mysql_ip) ) return false; else if ( empty($mysql_port) ) + return false; + else if ( empty($mysql_admin_user) ) return false; else if ( empty($mysql_root_passwd) ) return false; - $query = sprintf("INSERT INTO `%smysql_servers` (`remote_server_id`,`mysql_name`,`mysql_ip`,`mysql_port`,`mysql_root_passwd`,`privilegies_str`) - VALUES('%s','%s','%s','%s','%s','%s');", + $query = sprintf("INSERT INTO `%smysql_servers` (`remote_server_id`,`mysql_name`,`mysql_ip`,`mysql_port`,`mysql_admin_user`,`mysql_root_passwd`,`privilegies_str`) + VALUES('%s','%s','%s','%s','%s','%s','%s');", $this->table_prefix, mysqli_real_escape_string($this->link,$remote_server_id), mysqli_real_escape_string($this->link,$mysql_name), mysqli_real_escape_string($this->link,$mysql_ip), mysqli_real_escape_string($this->link,$mysql_port), + mysqli_real_escape_string($this->link,$mysql_admin_user), mysqli_real_escape_string($this->link,$mysql_root_passwd), mysqli_real_escape_string($this->link,$privilegies_str)); ++$this->queries_; @@ -109,17 +119,18 @@ class MySQLModuleDatabase extends OGPDatabaseMySQL return mysqli_insert_id($this->link); } - public function editMysqlServer($mysql_server_id,$remote_server_id,$mysql_name,$mysql_ip,$mysql_port,$mysql_root_passwd,$privilegies_str) + public function editMysqlServer($mysql_server_id,$remote_server_id,$mysql_name,$mysql_ip,$mysql_port,$mysql_admin_user,$mysql_root_passwd,$privilegies_str) { $query = sprintf("UPDATE `%smysql_servers` SET `remote_server_id` = '%s', `mysql_name` = '%s', `mysql_ip` = '%s', `mysql_port` = '%s', - `mysql_root_passwd` = '%s', `privilegies_str` = '%s' + `mysql_admin_user` = '%s', `mysql_root_passwd` = '%s', `privilegies_str` = '%s' WHERE `mysql_server_id` = %s;", $this->table_prefix, mysqli_real_escape_string($this->link,$remote_server_id), mysqli_real_escape_string($this->link,$mysql_name), mysqli_real_escape_string($this->link,$mysql_ip), mysqli_real_escape_string($this->link,$mysql_port), + mysqli_real_escape_string($this->link,$mysql_admin_user), mysqli_real_escape_string($this->link,$mysql_root_passwd), mysqli_real_escape_string($this->link,$privilegies_str), mysqli_real_escape_string($this->link,$mysql_server_id)); diff --git a/modules/mysql/servers.php b/modules/mysql/servers.php index 196caa81..1429c344 100644 --- a/modules/mysql/servers.php +++ b/modules/mysql/servers.php @@ -45,6 +45,25 @@ if ( function_exists('mysqli_connect') ) else require_once("modules/mysql/mysql_database.php"); +function get_mysql_admin_user(array $mysql_server) { + return !empty($mysql_server['mysql_admin_user']) ? $mysql_server['mysql_admin_user'] : 'root'; +} + +function mysqli_connect_safe($host, $user, $pass, $db = "", $port = null) { + if (!function_exists('mysqli_connect')) { + return false; + } + + mysqli_report(MYSQLI_REPORT_OFF); + try { + return mysqli_connect($host, $user, $pass, $db, $port); + } catch (Exception $e) { + return false; + } catch (Throwable $e) { + return false; + } +} + function exec_ogp_module() { $modDb = new MySQLModuleDatabase(); @@ -65,6 +84,10 @@ function exec_ogp_module() { if ( empty($get['mysql_ip']) ){ print_failure(get_lang('enter_mysql_ip')); } + + if ( empty($get['mysql_admin_user']) ){ + print_failure(get_lang('enter_mysql_admin_user')); + } if ( !isPortValid($get['mysql_port']) ){ print_failure(get_lang('enter_valid_port')); @@ -83,7 +106,7 @@ function exec_ogp_module() { { $priv = $get; $privilegies_str = ""; - unset($priv['m'],$priv['p'],$priv['remote_server_id'],$priv['mysql_ip'],$priv['mysql_port'],$priv['mysql_root_passwd'],$priv['mysql_name'],$priv['privilegies'],$priv['add_mysql_server']); + unset($priv['m'],$priv['p'],$priv['remote_server_id'],$priv['mysql_ip'],$priv['mysql_port'],$priv['mysql_admin_user'],$priv['mysql_root_passwd'],$priv['mysql_name'],$priv['privilegies'],$priv['add_mysql_server']); foreach ((array)$priv as $name => $value) { $privilegies_str .= str_replace("_"," ",$name).", "; @@ -96,7 +119,7 @@ function exec_ogp_module() { $privilegies_str = rtrim( $privilegies_str , ', ' ); - $mysql_server_id = $modDb->addMysqlServer($get['remote_server_id'],$get['mysql_name'],$get['mysql_ip'],$get['mysql_port'],$get['mysql_root_passwd'],$privilegies_str); + $mysql_server_id = $modDb->addMysqlServer($get['remote_server_id'],$get['mysql_name'],$get['mysql_ip'],$get['mysql_port'],$get['mysql_admin_user'],$get['mysql_root_passwd'],$privilegies_str); if ( !$mysql_server_id ) { print_failure(get_lang('could_not_add_mysql_server')); @@ -132,6 +155,7 @@ function exec_ogp_module() { $ft->add_field('string','mysql_name',isset($_GET['mysql_name']) ? $_GET['mysql_name'] : ""); $ft->add_field('string','mysql_ip',isset($_GET['mysql_ip']) ? $_GET['mysql_ip'] : "localhost"); $ft->add_field('string','mysql_port',isset($_GET['mysql_port']) ? $_GET['mysql_port'] : "3306"); + $ft->add_field('string','mysql_admin_user',isset($_GET['mysql_admin_user']) ? $_GET['mysql_admin_user'] : (isset($db_user) ? $db_user : 'root')); $ft->add_field('string','mysql_root_passwd',isset($_GET['mysql_root_passwd']) ? $_GET['mysql_root_passwd'] : ""); $ft->add_custom_field('privilegies', create_drop_box_from_array(array('all' => get_lang('all'), 'custom' => get_lang('custom')),"privilegies",isset($_GET['privilegies']) ? $_GET['privilegies'] : "all",false)); @@ -174,6 +198,7 @@ function exec_ogp_module() { if($mysql_server['remote_server_id'] != 0) { + $mysql_admin_user = get_mysql_admin_user($mysql_server); $remote_server = $db->getRemoteServer($mysql_server['remote_server_id']); $remote = new OGPRemoteLibrary($remote_server['agent_ip'],$remote_server['agent_port'],$remote_server['encryption_key'],$remote_server['timeout']); $host_stat = $remote->status_chk(); @@ -184,7 +209,7 @@ function exec_ogp_module() { elseif( $host_stat === 1) { $server_status = "".get_lang('online').""; - $command = "mysql -h ".$mysql_server['mysql_ip']." -P ".$mysql_server['mysql_port']." -u root -p".$mysql_server['mysql_root_passwd'].' -e exit; echo $?'; + $command = "mysql -h ".$mysql_server['mysql_ip']." -P ".$mysql_server['mysql_port']." -u ".$mysql_admin_user." -p".$mysql_server['mysql_root_passwd'].' -e exit; echo $?'; $test_mysql_conn = $remote->exec($command); if($test_mysql_conn == 0) @@ -208,9 +233,10 @@ function exec_ogp_module() { } else { + $mysql_admin_user = get_mysql_admin_user($mysql_server); if( function_exists('mysqli_connect') ) { - @$link = mysqli_connect($mysql_server['mysql_ip'], 'root', $mysql_server['mysql_root_passwd'], "", $mysql_server['mysql_port']); + $link = mysqli_connect_safe($mysql_server['mysql_ip'], $mysql_admin_user, $mysql_server['mysql_root_passwd'], "", $mysql_server['mysql_port']); if ( $link === FALSE ) { @@ -224,7 +250,7 @@ function exec_ogp_module() { } else { - @$link = mysql_connect($mysql_server['mysql_ip'].':'.$mysql_server['mysql_port'], 'root', $mysql_server['mysql_root_passwd']); + @$link = mysql_connect($mysql_server['mysql_ip'].':'.$mysql_server['mysql_port'], $mysql_admin_user, $mysql_server['mysql_root_passwd']); if ( $link === FALSE ) { @@ -270,6 +296,7 @@ function exec_ogp_module() { $data = " ".get_lang('mysql_ip_port').": ".$mysql_server['mysql_ip'].":".$mysql_server['mysql_port']."
+ ".get_lang('mysql_admin_user').": ".get_mysql_admin_user($mysql_server)."
".get_lang('mysql_root_passwd').": ".$mysql_server['mysql_root_passwd']."
".get_lang('connection_method').": ".$conection_type."
".get_lang('user_privilegies').": ".$mysql_server['privilegies_str']."
diff --git a/modules/mysql/user_db.php b/modules/mysql/user_db.php index fe230dbc..491059aa 100644 --- a/modules/mysql/user_db.php +++ b/modules/mysql/user_db.php @@ -37,6 +37,25 @@ if ( function_exists('mysqli_connect') ) else require_once("modules/mysql/mysql_database.php"); +function get_mysql_admin_user(array $mysql_server) { + return !empty($mysql_server['mysql_admin_user']) ? $mysql_server['mysql_admin_user'] : 'root'; +} + +function mysqli_connect_safe($host, $user, $pass, $db = "", $port = null) { + if (!function_exists('mysqli_connect')) { + return false; + } + + mysqli_report(MYSQLI_REPORT_OFF); + try { + return mysqli_connect($host, $user, $pass, $db, $port); + } catch (Exception $e) { + return false; + } catch (Throwable $e) { + return false; + } +} + function exec_ogp_module() { $modDb = new MySQLModuleDatabase(); @@ -95,7 +114,7 @@ function exec_ogp_module() { $host_stat = $remote->status_chk(); if($host_stat === 1 ) { - $command = "mysql -h localhost -P ".$mysql_db['mysql_port']." -u root -p".$mysql_db['mysql_root_passwd'].' -e exit; echo $?'; + $command = "mysql -h localhost -P ".$mysql_db['mysql_port']." -u ".get_mysql_admin_user($mysql_db)." -p".$mysql_db['mysql_root_passwd'].' -e exit; echo $?'; $test_mysql_conn = $remote->exec($command); if($test_mysql_conn == 0) @@ -113,7 +132,7 @@ function exec_ogp_module() { { if( function_exists('mysqli_connect') ) { - $link = mysqli_connect($mysql_db['mysql_ip'], $mysql_db['db_user'], $mysql_db['db_passwd'], $mysql_db['db_name'], $mysql_db['mysql_port']); + $link = mysqli_connect_safe($mysql_db['mysql_ip'], $mysql_db['db_user'], $mysql_db['db_passwd'], $mysql_db['db_name'], $mysql_db['mysql_port']); if ( $link !== FALSE ) { $server_online = TRUE; @@ -248,7 +267,7 @@ function exec_ogp_module() { "GRANT ".$mysql_db['privilegies_str']." ON \\`".$mysql_db['db_name']."\\`.* TO '".$mysql_db['db_user']."'@'%' IDENTIFIED BY '".$post_db_passwd."';". "FLUSH PRIVILEGES;"; - $command = "mysql --host=localhost --port=".$mysql_db['mysql_port']." -uroot -p".$mysql_db['mysql_root_passwd']." -e \"".$SQL."\""; + $command = "mysql --host=localhost --port=".$mysql_db['mysql_port']." -u".get_mysql_admin_user($mysql_db)." -p".$mysql_db['mysql_root_passwd']." -e \"".$SQL."\""; $remote->exec($command); } } @@ -256,7 +275,7 @@ function exec_ogp_module() { { if( function_exists('mysqli_connect') ) { - @$link = mysqli_connect($mysql_db['mysql_ip'], 'root', $mysql_db['mysql_root_passwd'], "", $mysql_db['mysql_port']); + $link = mysqli_connect_safe($mysql_db['mysql_ip'], get_mysql_admin_user($mysql_db), $mysql_db['mysql_root_passwd'], "", $mysql_db['mysql_port']); if ( $link !== FALSE ) { @@ -275,7 +294,7 @@ function exec_ogp_module() { } else { - @$link = mysql_connect($mysql_db['mysql_ip'].':'.$mysql_db['mysql_port'], 'root', $mysql_db['mysql_root_passwd']); + @$link = mysql_connect($mysql_db['mysql_ip'].':'.$mysql_db['mysql_port'], get_mysql_admin_user($mysql_db), $mysql_db['mysql_root_passwd']); if ( $link !== FALSE ) {