| [vhffs-dev] [1008] All MySQL modifications are made through prefs.pl. |
[ Thread Index |
Date Index
| More vhffs.org/vhffs-dev Archives
]
Revision: 1008
Author: beuss
Date: 2007-10-19 06:05:38 +0000 (Fri, 19 Oct 2007)
Log Message:
-----------
All MySQL modifications are made through prefs.pl.
No more limitation on mysql password.
Modified Paths:
--------------
trunk/vhffs-api/src/Vhffs/Robots/Mysql.pm
trunk/vhffs-api/src/Vhffs/Services/Mysql.pm
trunk/vhffs-panel/Makefile.am
trunk/vhffs-panel/mysql/create.pl
trunk/vhffs-panel/mysql/prefs.pl
trunk/vhffs-panel/templates/mysql/prefs.tmpl
Removed Paths:
-------------
trunk/vhffs-panel/mysql/prefs_save.pl
Modified: trunk/vhffs-api/src/Vhffs/Robots/Mysql.pm
===================================================================
--- trunk/vhffs-api/src/Vhffs/Robots/Mysql.pm 2007-10-19 05:26:21 UTC (rev 1007)
+++ trunk/vhffs-api/src/Vhffs/Robots/Mysql.pm 2007-10-19 06:05:38 UTC (rev 1008)
@@ -146,10 +146,10 @@
my $dbi = mysql_admin_db_connect( $main );
if( $dbi != 1 )
{
- $query = "UPDATE user SET PASSWORD=PASSWORD('".$db->get_dbpassword."') WHERE User = '".$db->get_dbname."'";
- $dbi->do( $query ) or $db->add_history("Error while grant access to the database");
+ $query = 'UPDATE user SET PASSWORD=PASSWORD(?) WHERE user = ?';
+ $dbi->do( $query, undef, $db->get_dbpassword, $db->get_dbname) or $db->add_history("Error while grant access to the database");
- $dbi->do( "FLUSH PRIVILEGES" );
+ $dbi->do( 'FLUSH PRIVILEGES' );
$dbi->disconnect;
}
$db->add_history( "Robots changed the password for this database" );
Modified: trunk/vhffs-api/src/Vhffs/Services/Mysql.pm
===================================================================
--- trunk/vhffs-api/src/Vhffs/Services/Mysql.pm 2007-10-19 05:26:21 UTC (rev 1007)
+++ trunk/vhffs-api/src/Vhffs/Services/Mysql.pm 2007-10-19 06:05:38 UTC (rev 1008)
@@ -82,7 +82,7 @@
sub check_dbpass($) {
my $dbpass = shift;
- return ($dbpass =~ /^[a-zA-Z0-9]{3,}$/ );
+ return ($dbpass =~ /^.{3,}$/ );
}
sub delete
@@ -140,12 +140,11 @@
sub commit
{
- my $self = shift;
-
- my $request = $self->get_db_object()->prepare( 'UPDATE vhffs_mysql SET dbpass = ? WHERE dbname = ?' );
- $request->execute($self->{dbpass}, $self->{dbname});
-
- $self->SUPER::commit;
+ my $self = shift;
+ my $dbh = $self->get_db_object();
+ $dbh->do('UPDATE vhffs_mysql SET dbpass = ? WHERE dbname = ?', undef,
+ $self->{dbpass}, $self->{dbname}) or return -1;
+ return $self->SUPER::commit;
}
sub get_dbusername
@@ -203,10 +202,10 @@
sub set_dbpassword
{
- my ($self , $value) = @_;
- return -1 if( ! ( $value =~ /^[a-zA-Z0-9]+$/ ) );
+ my ($self , $value) = @_;
+ return -1 unless(check_dbpass($value));
$self->{'dbpass'} = $value;
- return 1;
+ return 1;
}
sub _new {
Modified: trunk/vhffs-panel/Makefile.am
===================================================================
--- trunk/vhffs-panel/Makefile.am 2007-10-19 05:26:21 UTC (rev 1007)
+++ trunk/vhffs-panel/Makefile.am 2007-10-19 06:05:38 UTC (rev 1008)
@@ -120,7 +120,6 @@
mysql/create.pl \
mysql/delete.pl \
mysql/index.pl \
- mysql/prefs_save.pl \
mysql/prefs.pl \
object/upavatar.pl \
object/resubmit.pl \
Modified: trunk/vhffs-panel/mysql/create.pl
===================================================================
--- trunk/vhffs-panel/mysql/create.pl 2007-10-19 05:26:21 UTC (rev 1007)
+++ trunk/vhffs-panel/mysql/create.pl 2007-10-19 06:05:38 UTC (rev 1008)
@@ -84,7 +84,7 @@
} elsif(!Vhffs::Services::Mysql::check_dbname($dbname)) {
$panel->add_error( gettext('Invalid database name, it must contain only numbers, lowercase letters and underscore (the latter isn\'t allowed in first or last position) and be between 3 and 32 characters.') );
} elsif(!Vhffs::Services::Mysql::check_dbpass($dbpass)) {
- $panel->add_error( gettext('Invalid password. It must be at least 3 characters and contain only letters (lower and uppercase) and numbers') );
+ $panel->add_error( gettext('Invalid password. It must contain at least 3 characters') );
} elsif(defined Vhffs::Panel::Mysql::create_mysql($vhffs, $dbname, $user, $group, $dbuser, $dbpass, $description)) {
my $url = '/group/view.pl?project='.$panel->{groupname}.'&msg='.gettext('The MySQL DB was successfully created !');
$panel->redirect($url);
Modified: trunk/vhffs-panel/mysql/prefs.pl
===================================================================
--- trunk/vhffs-panel/mysql/prefs.pl 2007-10-19 05:26:21 UTC (rev 1007)
+++ trunk/vhffs-panel/mysql/prefs.pl 2007-10-19 06:05:38 UTC (rev 1008)
@@ -44,6 +44,7 @@
use Vhffs::Main;
use Vhffs::Panel::Main;
use Vhffs::Panel::Menu;
+use Vhffs::Panel::Template;
my $panel = new Vhffs::Panel::Main();
exit 0 unless $panel;
@@ -91,11 +92,17 @@
}
else
{
- $template = new HTML::Template( filename => $templatedir."/panel/mysql/prefs.tmpl" );
- $template->param( TEXT_TITLE => gettext("MySQL Administration") );
- $template->param( TEXT_AVERT => gettext("Be careful ! If you click on modify, VHFFS will stop the database and set a new password for this database.") );
+ if(defined($cgi->param('save_prefs_submit'))) {
+ if(save_prefs()) {
+ # If successful, save_prefs issues a redirect.
+ exit;
+ }
+ }
+ $template = new Vhffs::Panel::Template( filename => $templatedir."/panel/mysql/prefs.tmpl" );
+ $panel->set_title( gettext("MySQL Administration") );
+
$template->param( TEXT_DBNAME => gettext("Name of the database") );
$template->param( VALUE_DBNAME => $mysql->get_dbname );
@@ -121,3 +128,31 @@
$panel->build( $template );
$panel->display;
+
+sub save_prefs {
+ if(!$user->can_modify($mysql)) {
+ $panel->add_error('You are not allowed to modify this MySQL object (ACL rights)');
+ return 0;
+ }
+
+ my $new_passwd = $cgi->param('newpassword');
+ if(!defined $new_passwd) {
+ $panel->add_error( gettext('CGI Error') );
+ return 0;
+ }
+
+ if($mysql->set_dbpassword($new_passwd) < 0) {
+ $panel->add_error( gettext('Bad password, should be at least 3 chars') );
+ } else {
+ $mysql->set_status( Vhffs::Constants::WAITING_FOR_MODIFICATION);
+ if($mysql->commit < 0) {
+ $panel->add_error( gettext('Unable to apply changes') );
+ $mysql->blank_password;
+ return 0;
+ } else {
+ my $url = '/group/view.pl?project='.$panel->{groupname}.'&msg='.gettext('Password change request taken in account, please wait for processing');
+ $panel->redirect($url);
+ return 1;
+ }
+ }
+}
Deleted: trunk/vhffs-panel/mysql/prefs_save.pl
===================================================================
--- trunk/vhffs-panel/mysql/prefs_save.pl 2007-10-19 05:26:21 UTC (rev 1007)
+++ trunk/vhffs-panel/mysql/prefs_save.pl 2007-10-19 06:05:38 UTC (rev 1008)
@@ -1,115 +0,0 @@
-#!%PERL% -w
-# Copyright (c) vhffs project and its contributors
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# 1. Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#2. Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in
-# the documentation and/or other materials provided with the
-# distribution.
-#3. Neither the name of vhffs nor the names of its contributors
-# may be used to endorse or promote products derived from this
-# software without specific prior written permission.
-#
-#THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-#"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-#LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
-#FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-#COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-#INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-#BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-#LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-#CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
-# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-# POSSIBILITY OF SUCH DAMAGE.
-
-
-use POSIX qw(locale_h);
-use HTML::Template;
-use locale;
-use Locale::gettext;
-use CGI;
-use CGI::Session;
-use strict;
-
-use lib '%VHFFS_LIB_DIR%';
-use Vhffs::User;
-use Vhffs::Main;
-use Vhffs::Group;
-use Vhffs::Panel::Main;
-use Vhffs::Panel::Menu;
-use Vhffs::Panel::Group;
-use Vhffs::Services::Mysql;
-
-my $panel = new Vhffs::Panel::Main();
-exit 0 unless $panel;
-my $session = $panel->get_session;
-exit 0 unless $session;
-
-my $vhffs = $panel->{'vhffs'};
-my $maintemplate = $panel->{'template'};
-my $user = $panel->{'user'};
-my $group = $panel->{'group'};
-my $cgi = $panel->{'cgi'};
-my $message;
-my $owner = $cgi->param("PROJECT_OWNER");
-my $pass = $cgi->param("DBPASS");
-my $templatedir = $vhffs->get_config->get_templatedir;
-
-#We test if the owner exist
-
-my $dbname = $cgi->param("name");
-
-my $mysql = Vhffs::Services::Mysql::get_by_dbname( $vhffs , $dbname );
-
-
-if ( ! defined( $mysql ) )
-{
- $message = gettext("This database doesn't exist on VHFFS");
-}
-elsif( ! defined $pass )
-{
- $message = gettext( "CGI Error !");
-}
-elsif( ! ( $pass =~ /^[a-zA-Z0-9]+$/ ) )
-{
- $message = gettext( "Error, password can be only alphanumeric caracters");
-}
-elsif( ( Vhffs::Acl::what_perm_for_user( $user , $mysql , $vhffs ) < Vhffs::Constants::ACL_MODIFY ) && ( $user->is_admin != 1 ) )
-{
- $message = gettext( "You're not allowed to do this (ACL rights)" );
-}
-elsif( $mysql->get_status != Vhffs::Constants::ACTIVATED )
-{
- $message = gettext( "This object is not functionnal yet. Please wait creation or moderation.");
-}
-elsif( $mysql->set_dbpassword( $pass ) < 0)
-{
- $message = gettext( "Unable to change this database's password");
-}
-else
-{
- $mysql->set_status( Vhffs::Constants::WAITING_FOR_MODIFICATION);
- if( $mysql->commit < 0 )
- {
- $message = "No modification can be applied. Please check your fields.";
- }
- else
- {
- $message = "Modifications applied to your database";
- }
-}
-
-
-my $template = new HTML::Template( filename => $templatedir."/panel/misc/simplemsg.tmpl" );
-$template->param( MESSAGE => $message );
-
-$panel->set_refresh_url( "/mysql/prefs.pl?name=$dbname" );
-$panel->build( $template );
-$panel->display;
Modified: trunk/vhffs-panel/templates/mysql/prefs.tmpl
===================================================================
--- trunk/vhffs-panel/templates/mysql/prefs.tmpl 2007-10-19 05:26:21 UTC (rev 1007)
+++ trunk/vhffs-panel/templates/mysql/prefs.tmpl 2007-10-19 06:05:38 UTC (rev 1008)
@@ -1,6 +1,6 @@
-<h1><tmpl_var name="TEXT_TITLE"></h1>
-
-<form method="post" action="/mysql/prefs_save.pl">
+<fieldset>
+<legend><TMPL_I18N KEY="Options"></legend>
+<form method="post" action="/mysql/prefs.pl">
<p>
<label for="name">
<tmpl_var name="TEXT_DBNAME"> :
@@ -15,19 +15,20 @@
<tmpl_var name="VALUE_DBUSER">
<input type="hidden" name="DBUSER" id="DBUSER" value="<tmpl_var name="VALUE_DBUSER">"/>
</p>
+ <p class="info">
+ <TMPL_I18N KEY="Warning, password change isn't immediate, you've to check periodically to see if it's done">
+ </p>
<p>
- <label for="DBPASS">
+ <label for="newpassword">
<tmpl_var name="TEXT_DBPASS"> :
</label>
- <input type="PASSWORD" name="DBPASS" id="DBPASS" value="<tmpl_var name="VALUE_DBPASS">"/>
+ <input type="password" name="newpassword" id="newpassword" value="<tmpl_var name="VALUE_DBPASS">"/>
</p>
- <p class="button" id="buttonModify">
- <input type="submit" value="<tmpl_var name="TEXT_SEND">"/>
+ <p class="button">
+ <input type="submit" value="<tmpl_var name="TEXT_SEND">" name="save_prefs_submit"/>
</p>
- <p>
- <tmpl_var name="TEXT_AVERT">
- </p>
</form>
+</fieldset>
<h2><tmpl_var name="TEXT_ACL_ADMIN"></h2>