Remove definer from routine and event
This commit is contained in:
parent
ca32e71e42
commit
a4e38a266d
|
@ -48,14 +48,14 @@ SET sql_mode = 'NO_AUTO_VALUE_ON_ZERO';
|
||||||
foreach (array("FUNCTION", "PROCEDURE") as $routine) {
|
foreach (array("FUNCTION", "PROCEDURE") as $routine) {
|
||||||
foreach (get_rows("SHOW $routine STATUS WHERE Db = " . q($db), null, "-- ") as $row) {
|
foreach (get_rows("SHOW $routine STATUS WHERE Db = " . q($db), null, "-- ") as $row) {
|
||||||
$out .= ($style != 'DROP+CREATE' ? "DROP $routine IF EXISTS " . idf_escape($row["Name"]) . ";;\n" : "")
|
$out .= ($style != 'DROP+CREATE' ? "DROP $routine IF EXISTS " . idf_escape($row["Name"]) . ";;\n" : "")
|
||||||
. $connection->result("SHOW CREATE $routine " . idf_escape($row["Name"]), 2) . ";;\n\n";
|
. remove_definer($connection->result("SHOW CREATE $routine " . idf_escape($row["Name"]), 2)) . ";;\n\n";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if ($_POST["events"]) {
|
if ($_POST["events"]) {
|
||||||
foreach (get_rows("SHOW EVENTS", null, "-- ") as $row) {
|
foreach (get_rows("SHOW EVENTS", null, "-- ") as $row) {
|
||||||
$out .= ($style != 'DROP+CREATE' ? "DROP EVENT IF EXISTS " . idf_escape($row["Name"]) . ";;\n" : "")
|
$out .= ($style != 'DROP+CREATE' ? "DROP EVENT IF EXISTS " . idf_escape($row["Name"]) . ";;\n" : "")
|
||||||
. $connection->result("SHOW CREATE EVENT " . idf_escape($row["Name"]), 3) . ";;\n\n";
|
. remove_definer($connection->result("SHOW CREATE EVENT " . idf_escape($row["Name"]), 3)) . ";;\n\n";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if ($out) {
|
if ($out) {
|
||||||
|
|
|
@ -574,7 +574,7 @@ username.form['auth[driver]'].onchange();
|
||||||
}
|
}
|
||||||
if ($is_view) {
|
if ($is_view) {
|
||||||
// remove DEFINER with current user
|
// remove DEFINER with current user
|
||||||
$create = preg_replace('~^([A-Z =]+) DEFINER=`' . preg_replace('~@(.*)~', '`@`(%|\\1)', logged_user()) . '`~', '\\1', $create); //! proper escaping of user
|
$create = remove_definer($create);
|
||||||
}
|
}
|
||||||
echo ($style != "CREATE+ALTER" ? $create : ($is_view ? substr_replace($create, " OR REPLACE", 6, 0) : substr_replace($create, " IF NOT EXISTS", 12, 0))) . ";\n\n";
|
echo ($style != "CREATE+ALTER" ? $create : ($is_view ? substr_replace($create, " OR REPLACE", 6, 0) : substr_replace($create, " IF NOT EXISTS", 12, 0))) . ";\n\n";
|
||||||
}
|
}
|
||||||
|
|
|
@ -357,6 +357,14 @@ function drop_create($drop, $create, $location, $message_drop, $message_alter, $
|
||||||
return $dropped;
|
return $dropped;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/** Remove current user definer from SQL command
|
||||||
|
* @param string
|
||||||
|
* @return string
|
||||||
|
*/
|
||||||
|
function remove_definer($query) {
|
||||||
|
return preg_replace('~^([A-Z =]+) DEFINER=`' . preg_replace('~@(.*)~', '`@`(%|\\1)', logged_user()) . '`~', '\\1', $query); //! proper escaping of user
|
||||||
|
}
|
||||||
|
|
||||||
/** Get string to add a file in TAR
|
/** Get string to add a file in TAR
|
||||||
* @param string
|
* @param string
|
||||||
* @param string
|
* @param string
|
||||||
|
|
Loading…
Reference in a new issue