Created
March 23, 2013 12:50
-
-
Save ss23/5227621 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
// Return $success depending on whether the user has permission to run ALTER TABLE | |
function requireDatabaseAlterPermissions($databaseConfig) { | |
$success = false; | |
$conn = new MySQLi($databaseConfig['server'], $databaseConfig['username'], $databaseConfig['password']); | |
if($conn) { | |
if ($res = $conn->query('SHOW GRANTS')) { | |
// Annoyingly, MySQL 'escapes' the database, so we need to do it too. | |
$db = str_replace(array('%', '_', '`'), array('\%', '\_', '``'), $databaseConfig['database']); | |
var_dump($db); | |
while ($row = $res->fetch_array()) { | |
preg_match('/^GRANT (.+) ON (.+) TO/', $row[0], $matches); | |
// Need to change to an array of permissions, because ALTER is contained in ALTER ROUTINES. | |
$permission = array_map('trim', explode(',', $matches[1])); | |
$on_database = $matches[2]; | |
var_dump($matches); | |
# The use of both ` and " is because of ANSI mode. | |
if (in_array('ALL PRIVILEGES', $permission) and ( | |
($on_database == '*.*') or ($on_database == '`' . $db . '`.*') | |
or ($on_database == '"' . $db . '".*'))) { | |
$success = true; | |
break; | |
} | |
if (in_array('ALTER', $permission) and ( | |
($on_database == '*.*') or ($on_database == '`' . $db . '`.*') | |
or ($on_database == '"' . $db . '".*'))) { | |
$success = true; | |
break; | |
} | |
} | |
} | |
} | |
return $success; | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment