improve mysql8 support and user management

Author: Samnan

README.md

@@ -6,7 +6,7 @@ It has a simple and intuitive interface, quick record addition/editing/saving fe
 
 Database Support
 ================
-As of the current version, MyWebSQL works with MySQL4 / MySQL5 ,SQLite and PostgreSQL databases.
+As of the current version, MyWebSQL works with MySQL (version 4, 5 and 8), SQLite and PostgreSQL databases.
 
 Features
 ========

js/users.js

@@ -210,6 +210,7 @@ function addNewUser() {
 	hostname = $('#hostname').val();
 	password = $('#userpass').val();
 	password2 = $('#userpass2').val();
+	nativepass = $('#nativepass').prop('checked') ? '1' : '0';
 
 	if (username == '' || hostname == '' || password == '') {
 		jAlert(__("User information is incomplete or invalid"), __("User Manager"));
@@ -221,7 +222,7 @@ function addNewUser() {
 		return false;
 	}
 
-	json = {'username':username, 'hostname':hostname, 'pwd': password};
+	json = {'username':username, 'hostname':hostname, 'pwd': password, native: nativepass};
 	query = JSON.stringify(json);
 
 	setMessage(__('Please wait...'));
@@ -242,6 +243,7 @@ function updateUser() {
 	password = $('#userpass').val();
 	password2 = $('#userpass2').val();
 	removepass = $('#nopass').prop('checked') ? '1' : '0';
+	nativepass = $('#nativepass').prop('checked') ? '1' : '0';
 
 	if (removepass == '1')
 		password = password2 = '';
@@ -263,6 +265,7 @@ function updateUser() {
 		'hostname': hostname,
 		'password': password,
 		'removepass': removepass,
+		'native': nativepass,
 		'privileges': PRIVILEGES,
 		'db_privileges': DB_PRIVILEGES
 	};

lib/db/mysqli.php

@@ -29,7 +29,7 @@
 define("SET_FLAG",            2048);         /* Field is a set */
 
 class DB_Mysqli {
-	var $ip, $user, $password, $db;
+	var $ip, $user, $password, $db, $port;
 	var $conn;
 	var $result;		// array
 	var $errMsg;
@@ -126,7 +126,14 @@ function connect($ip, $user, $password, $db="")	{
 			return $this->error(str_replace('{{NAME}}', 'MySQLi', __('{{NAME}} client library is not installed')));
 		}
 
-		$this->conn = @mysqli_connect($ip, $user, $password);
+		$port = ini_get("mysqli.default_port");
+		if(strpos($ip, ':') !== FALSE) {
+			list($ip, $port) = explode(':', $ip);
+		} else {
+			$port = ini_get("mysqli.default_port");
+		}
+
+		$this->conn = mysqli_connect($ip, $user, $password, $db, $port);
 		if (!$this->conn)
 			return $this->error(__('Database connection failed to the server'));
 
@@ -137,6 +144,7 @@ function connect($ip, $user, $password, $db="")	{
 		$this->user = $user;
 		$this->password = $password;
 		$this->db = $db;
+		$this->port = $port;
 
 		$this->selectVersion();
 		$this->query("SET CHARACTER SET 'utf8'");

lib/user.php

@@ -43,11 +43,11 @@ public function __construct() {
 		$this->dbPrivileges     = array();
 	}
 
-	public abstract function add();
+	public abstract function add($native = false);
 
 	public abstract function update($newUsername, $newHost = '%');
 
-	public function updatePassword($newPassword = '') {
+	public function updatePassword($newPassword = '', $native = false) {
 		if( false == $this->userName || false == $this->host )
 			return false;
 
@@ -116,7 +116,7 @@ public function  __construct() {
 		parent::__construct();
 	}
 
-	public function add() {
+	public function add($native = false) {
 		if( false == $this->userName || false == $this->host )
 			return false;
 
@@ -161,15 +161,19 @@ public function  __construct() {
 		parent::__construct();
 	}
 
-	public function add() {
+	public function add($native = false) {
 		if( false == $this->userName || false == $this->host )
 			return false;
 
 		$userName = self::$dbManager->escape( $this->userName );
 		$host     = self::$dbManager->escape( $this->host );
 		$password = self::$dbManager->escape( $this->password );
 
-		$sql = "CREATE USER '$userName'@'$host' IDENTIFIED BY '$password'";
+		$sql = "CREATE USER '$userName'@'$host' IDENTIFIED";
+		if($native) {
+			$sql .= " WITH mysql_native_password";
+		}
+		$sql .= " BY '$password'";
 
 		return self::$dbManager->query( $sql );
 	}
@@ -191,4 +195,26 @@ public function update($newUsername, $newHost = '%') {
 
 		return true;
 	}
+
+	public function updatePassword($newPassword = '', $native = false) {
+		if( false == $this->userName || false == $this->host )
+			return false;
+
+		$userName = self::$dbManager->escape( $this->userName );
+		$host     = self::$dbManager->escape( $this->host );
+		$password = self::$dbManager->escape( $newPassword );
+
+		$sql = "ALTER USER '$userName'@'$host' IDENTIFIED";
+		if($native) {
+			$sql .= " WITH mysql_native_password";
+		}
+		$sql .= " BY '$password'";
+
+		if( false == self::$dbManager->query( $sql ) )
+			return false;
+
+		$this->password  = $newPassword;
+
+		return true;
+	}
 }

lib/usermanager.php

@@ -33,14 +33,14 @@ public function getUser($userName, $host = '%') {
 		return $user;
 	}
 
-	public function add($userName, $host = '%', $password = '') {
+	public function add($userName, $host = '%', $password = '', $native = false) {
 		$user = User::factory( $this->legacy );
 
 		$user->userName = $userName;
 		$user->host     = $host;
 		$user->password = $password;
 
-		return $user->add();
+		return $user->add($native);
 	}
 
 	public function update($currUsername, $currHost, $newUsername, $newHost) {
@@ -52,13 +52,13 @@ public function update($currUsername, $currHost, $newUsername, $newHost) {
 		return $user->update( $newUsername, $newHost );
 	}
 
-	public function updatePassword($userName, $host, $newPassword) {
+	public function updatePassword($userName, $host, $newPassword, $native = false) {
 		$user = User::factory( $this->legacy );
 
 		$user->userName = $userName;
 		$user->host     = $host;
 
-		return $user->updatePassword( $newPassword );
+		return $user->updatePassword( $newPassword, $native );
 	}
 
 	public function delete($userName, $host) {
@@ -73,7 +73,7 @@ public function delete($userName, $host) {
 	public function getUsersList() {
 		$tblName = Privileges::$privilegesTable;
 
-		$sql = "SELECT `User`, `Host`, `Password` FROM $tblName ORDER BY `User`, `Host`";
+		$sql = "SELECT `User`, `Host` FROM $tblName ORDER BY `User`, `Host`";
 
 		if( false == $this->db->query( $sql ) )
 			return array();
@@ -84,7 +84,7 @@ public function getUsersList() {
 
 			$user->userName = $row['User'];
 			$user->host     = $row['Host'];
-			$user->password = $row['Password'];
+			$user->password = '';
 
 			$users[] = $user;
 		}

modules/usermanager.php

@@ -94,7 +94,7 @@ function addUser(&$db, $info, &$editor) {
 		if (!is_object($info))
 			return false;
 
-		return $editor->add($info->username, $info->hostname, $info->pwd);
+		return $editor->add($info->username, $info->hostname, $info->pwd, v($info->native));
 	}
 
 	function deleteUser(&$db, $info, &$editor) {
@@ -120,7 +120,7 @@ function updateUser(&$db, $info, &$editor) {
 
 		// change password only if requested
 		if (isset($info->password) && $info->password != '') {
-			$result = $editor->updatePassword($info->username, $info->hostname, $info->password);
+			$result = $editor->updatePassword($info->username, $info->hostname, $info->password, v($info->native));
 			if (!$result)
 				return false;
 		} else if (isset($info->removepass) && $info->removepass == '1') {

modules/views/usermanager.php

@@ -25,6 +25,7 @@
 					<div class="input"><span><?php echo __('Host'); ?>:</span><span><input type="text" size="30" name="hostname" id="hostname" /><span></div>
 					<div class="input"><span><?php echo __('Password'); ?>:</span><span><input autocomplete="off" type="password" size="30" name="userpass" id="userpass" /><span></div>
 					<div class="input"><span><?php echo __('Confirm Password'); ?>:</span><span><input autocomplete="off" type="password" size="30" name="userpass2" id="userpass2" /><span></div>
+					<div class="input"><span><input type="checkbox" name="nativepass" id="nativepass" /><label class="right" for="nativepass"><?php echo __('Use Native Password'); ?></label></span></div>
 					<div class="input"><span><input type="checkbox" name="nopass" id="nopass" /><label class="right" for="nopass"><?php echo __('Remove Password'); ?></label></span></div>
 				</div>
 				<div id="tab-global">