From e100654e771f44a7751f8b70cc5c13924ac78669 Mon Sep 17 00:00:00 2001 From: szabomarton <szabomarton@gszi.edu.hu> Date: Wed, 29 Jan 2025 09:15:07 +0100 Subject: [PATCH 1/3] TODO finish this shit --- SQL_20250122/index.php | 37 +++++++++++++++++++++++++++++++++++-- 1 file changed, 35 insertions(+), 2 deletions(-) diff --git a/SQL_20250122/index.php b/SQL_20250122/index.php index 1181bd2..a839f50 100644 --- a/SQL_20250122/index.php +++ b/SQL_20250122/index.php @@ -1,5 +1,23 @@ <?php require_once('config.php'); + +function parseGrant($grant) { + if (preg_match("/GRANT (.*?) ON `(.*?)`\.`(.*?)`(?: \((.*?)\))?/", $grant, $matches)) { + $permissions = preg_replace("/\(.*?\)/", "", $matches[1]); + $database = htmlspecialchars($matches[2]); + $table = htmlspecialchars($matches[3]); + $columns = !empty($matches[4]) ? array_map('htmlspecialchars', array_map('trim', explode(',', $matches[4]))) : ["-"]; + return [$permissions, $database, $table, $columns]; + } elseif (preg_match("/GRANT (.*?) ON `(.*?)`\.\*/", $grant, $matches)) { + $permissions = preg_replace("/\(.*?\)/", "", $matches[1]); + $database = htmlspecialchars($matches[2]); + return [$permissions, $database, "Minden tábla", ["-"]]; + } + return ["Ismeretlen", "-", "-", ["-"]]; +} + + + ?> <!DOCTYPE html> <html lang="en"> 
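Review bot: parseGrant applies `htmlspecialchars` to the database, table and column values it returns, and the table-rendering hunk of the same patch escapes those values again when echoing them, so any `&`, `<` or quote in an identifier is shown double-encoded (for example `&amp;amp;`). Escape once, at the point of output, and have the parser return raw strings: `$database = $matches[2];` and `array_map('trim', explode(',', $matches[4]))`. The function also lacks a docblock; a short one naming the expected input (one row of `SHOW GRANTS` output) and the four-element return shape would help the next reader. The same parse-time escaping is kept in the later results.php hunk.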
@@ -24,15 +42,30 @@ require_once('config.php'); $result = $conn->query($sql); if ($result) { - // Bejárjuk az eredményhalmazt + echo "<table border='1'>"; + echo "<tr><th>Felhasználó</th><th>Jogosultság</th><th>Adatbázis</th><th>Tábla</th><th>Oszlop</th></tr>"; + while ($row = $result->fetch_array(MYSQLI_NUM)) { foreach ($row as $grant) { - echo $grant . "<br>"; + list($permissions, $database, $table, $columns) = parseGrant($grant); + echo "<tr>"; + echo "<td>" . htmlspecialchars($_POST["user"]) . "</td>"; + echo "<td>" . htmlspecialchars($permissions) . "</td>"; + echo "<td>" . htmlspecialchars($database) . "</td>"; + echo "<td>" . htmlspecialchars($table) . "</td>"; + echo "<td>" . htmlspecialchars(implode(", ", $columns)) . "</td>"; + echo "</tr>"; } } + + echo "</table>"; } else { echo "Hiba a lekérdezésben: " . $conn->error; } + + $conn->close(); + + } ?> From 81f7f2d79b31d37075b975e83705031dfdbace1e Mon Sep 17 00:00:00 2001 From: Digi <marton@szabomarci.hu> Date: Wed, 5 Feb 2025 06:42:39 +0100 Subject: [PATCH 2/3] ads --- SQL_20250122/{index.php => asd.php} | 9 +++------ SQL_20250122/{html.html => index.html} | 7 +++++-- 2 files changed, 8 insertions(+), 8 deletions(-) rename SQL_20250122/{index.php => asd.php} (91%) rename SQL_20250122/{html.html => index.html} (51%) diff --git a/SQL_20250122/index.php b/SQL_20250122/asd.php similarity index 91% rename from SQL_20250122/index.php rename to SQL_20250122/asd.php index a839f50..d597282 100644 --- a/SQL_20250122/index.php +++ b/SQL_20250122/asd.php @@ -29,13 +29,10 @@ function parseGrant($grant) { </head> <body> <?php if(!isset($_POST["user"])) { + echo "Térj vissza az előző oldalra, és adj meg egy ténlyeges felhasználót!"; ?> - - <form action="" method="POST"> - <label>felhasználó neve: </label> - <input type="text" name="user"> - <button type="submit">Felhasználó adatainak megjelenítése</button> - </form> + + <?php } else { $sql = "SHOW GRANTS FOR ".$_POST["user"].";"; 
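Review bot: The failure branch still prints `$conn->error` straight into the page, while every success-path cell added here is escaped. The statement is built from `$_POST["user"]` (visible in the later asd.php hunk), and database syntax errors commonly quote part of the offending statement, so the error text may carry request-controlled markup into the HTML; it also shows database detail to the visitor. Log the error server-side and print a fixed message, or at minimum use `echo "Hiba a lekérdezésben: " . htmlspecialchars($conn->error);`. The enclosing `if`/`else` block starts outside this hunk.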
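Review bot: The query on the last context line, `$sql = "SHOW GRANTS FOR ".$_POST["user"].";";`, concatenates the posted value into SQL unquoted and unvalidated, and moving the form to a separate page does not change that. Check the value before building the statement and reject anything else, e.g. `if (!is_string($_POST["user"]) || !preg_match('/^[A-Za-z0-9_]{1,32}$/', $_POST["user"])) { … }` (a sample pattern, adjust it to your account naming rules). Then quote it: `"SHOW GRANTS FOR '" . $conn->real_escape_string($_POST["user"]) . "'"`; `$conn` looks like a mysqli handle, judging by `fetch_array(MYSQLI_NUM)` in the earlier hunk. The `is_string` test matters because `isset` alone also accepts an array value such as `user[]=…`. The `else` branch continues outside this hunk.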
diff --git a/SQL_20250122/html.html b/SQL_20250122/index.html similarity index 51% rename from SQL_20250122/html.html rename to SQL_20250122/index.html index cb489c5..fece754 100644 --- a/SQL_20250122/html.html +++ b/SQL_20250122/index.html @@ -7,7 +7,10 @@ <link rel="stylesheet" href="style.css"> </head> <body> - <h1>SZIA!</h1> - <a href="index.php">Ha le akarsz kérdezni akkor kattints!</a> + <form action="asd.php" method="POST"> + <label>felhasználó neve: </label> + <input type="text" name="user"> + <button type="submit">Felhasználó adatainak megjelenítése</button> + </form> </body> </html> \ No newline at end of file From 5b582005f1feb7cf3fd7a12aae1d65b959181839 Mon Sep 17 00:00:00 2001 From: szabomarton <szabomarton@gszi.edu.hu> Date: Wed, 12 Feb 2025 07:49:03 +0100 Subject: [PATCH 3/3] asd --- SQL_20250122/index.html | 2 +- SQL_20250122/{asd.php => results.php} | 17 +++++++++++++---- 2 files changed, 14 insertions(+), 5 deletions(-) rename SQL_20250122/{asd.php => results.php} (79%) diff --git a/SQL_20250122/index.html b/SQL_20250122/index.html index fece754..933af52 100644 --- a/SQL_20250122/index.html +++ b/SQL_20250122/index.html @@ -7,7 +7,7 @@ <link rel="stylesheet" href="style.css"> </head> <body> - <form action="asd.php" method="POST"> + <form action="results.php" method="POST"> <label>felhasználó neve: </label> <input type="text" name="user"> <button type="submit">Felhasználó adatainak megjelenítése</button> diff --git a/SQL_20250122/asd.php b/SQL_20250122/results.php similarity index 79% rename from SQL_20250122/asd.php rename to SQL_20250122/results.php index d597282..2b46a1c 100644 --- a/SQL_20250122/asd.php +++ b/SQL_20250122/results.php 
@@ -3,21 +3,30 @@ require_once('config.php'); function parseGrant($grant) { if (preg_match("/GRANT (.*?) ON `(.*?)`\.`(.*?)`(?: \((.*?)\))?/", $grant, $matches)) { - $permissions = preg_replace("/\(.*?\)/", "", $matches[1]); + $permissions = trim($matches[1]); + + // Új elágazás az oszlopok kezelésére + if (preg_match("/(\w+) \((.*?)\)/", $permissions, $permMatches)) { + $permissions = trim($permMatches[1]); + $columns = array_map('htmlspecialchars', array_map('trim', explode(',', $permMatches[2]))); + } else { + $columns = ["*"]; + } + $database = htmlspecialchars($matches[2]); $table = htmlspecialchars($matches[3]); - $columns = !empty($matches[4]) ? array_map('htmlspecialchars', array_map('trim', explode(',', $matches[4]))) : ["-"]; return [$permissions, $database, $table, $columns]; } elseif (preg_match("/GRANT (.*?) ON `(.*?)`\.\*/", $grant, $matches)) { - $permissions = preg_replace("/\(.*?\)/", "", $matches[1]); + $permissions = trim($matches[1]); $database = htmlspecialchars($matches[2]); - return [$permissions, $database, "Minden tábla", ["-"]]; + return [$permissions, $database, "Minden tábla", ["Minden oszlop"]]; } return ["Ismeretlen", "-", "-", ["-"]]; } + ?> <!DOCTYPE html> <html lang="en">
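Review bot: The new column branch keeps only one `privilege (columns)` pair: `preg_match("/(\w+) \((.*?)\)/", $permissions, $permMatches)` finds the first such pair and then overwrites `$permissions` with that single word. For a grant such as `SELECT (a), UPDATE (b)` or `INSERT, SELECT (a)` (constructed examples) the remaining privileges never reach the table. On a page meant to show what an account is allowed to do, under-reporting is the more dangerous failure. Consider `preg_match_all(…, PREG_SET_ORDER)` with one returned entry per privilege, or at least keep `$permissions` as the full trimmed list and only collect the columns from the matches. The inline comment would be clearer in English as `// Column-level privileges: split "PRIV (col, …)" into privilege name and column list`.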