From 9386a0191bdad7c2d904b477602ee0953bbb9974 Mon Sep 17 00:00:00 2001
From: Stuart Olivera <stuart@stuartolivera.com>
Date: Tue, 10 Jun 2014 00:29:46 -0400
Subject: [PATCH] Added user & db length limit according to db type

MySQL: 16 characers
PostgreSQL: 63 characters

Alerts the user in the event their user or database is too long
---
 web/add/db/index.php            | 24 ++++++++++++++++++++
 web/templates/admin/add_db.html | 39 +++++++++++++++++++++++----------
 2 files changed, 51 insertions(+), 12 deletions(-)

diff --git a/web/add/db/index.php b/web/add/db/index.php
index a4c1e543e..f2ba11df1 100644
--- a/web/add/db/index.php
+++ b/web/add/db/index.php
@@ -51,6 +51,30 @@ if (!empty($_POST['ok'])) {
     $v_host = $_POST['v_host'];
     $v_db_email = $_POST['v_db_email'];
 
+    // Check database length
+    if (empty($_SESSION['error_msg'])) {
+        $db_len = strlen($user."_".$_POST['v_database']);
+        if ($_POST['v_type'] == 'pgsql')
+            $db_maxlen = 63;
+        elseif ($_POST['v_type'] == 'mysql')
+            $db_maxlen = 64;
+        else
+            $db_maxlen = true; // Allow any length by default
+        if ($db_len > $db_maxlen) $_SESSION['error_msg'] = __('Database is too long.',$error_msg);
+    }
+
+    // Check user length
+    if (empty($_SESSION['error_msg'])) {
+        $dbusr_len = strlen($user."_".$_POST['v_dbuser']);
+        if ($_POST['v_type'] == 'mysql')
+            $dbuser_maxlen = 16;
+        elseif ($_POST['v_type'] == 'pgsql')
+            $dbuser_maxlen = 63;
+        else
+            $dbuser_maxlen = true; // Allow any length by default
+        if ($dbusr_len > $dbuser_maxlen ) $_SESSION['error_msg'] = __('User is too long.',$error_msg);
+    }
+
     // Check password length
     if (empty($_SESSION['error_msg'])) {
         $pw_len = strlen($_POST['v_password']);
diff --git a/web/templates/admin/add_db.html b/web/templates/admin/add_db.html
index 438824ab3..933b10c12 100644
--- a/web/templates/admin/add_db.html
+++ b/web/templates/admin/add_db.html
@@ -5,7 +5,7 @@
                 } else {
                     $back = "location.href='".$back."'";
                 }
-            ?> 
+            ?>
             <table class="submenu">
                 <tr>
                     <td style="padding: 20px 10px;" ><a class="name"><b><?php print __('Adding database');?></b></a>
@@ -17,7 +17,7 @@
                                     echo "<span class=\"vst-ok\"> → ".$_SESSION['ok_msg']."</span>";
                                 }
                             }
-                        ?> 
+                        ?>
                     </td>
                 </tr>
             </table>
@@ -60,23 +60,38 @@
                             </tr>
                             <tr>
                                 <td class="vst-text" style="padding: 12px 0 0 0;">
-                                    <?php print __('Database');?> 
+                                    <?php print __('Database');?>
                                 </td>
                             </tr>
                             <tr>
                                 <td>
-                                    <input type="text" size="20" class="vst-input" name="v_database" <?php if (!empty($v_database)) echo "value=".$v_database; ?>>
+                                    <?php
+                                        exec (VESTA_CMD."v-list-database-types", $output);
+                                        if (strpos($output, "postgresql") !== false)
+                                            $database_maxlength = 63  - strlen($user."_");
+                                        elseif (strpos($output, "mysql") !== false)
+                                            $database_maxlength = 64 - strlen($user."_");
+                                    ?>
+                                    <?php $database_maxlength = 64 - strlen($user."_"); ?>
+                                    <input type="text" size="20" class="vst-input" name="v_database" <?php if (!empty($database_maxlength)) echo "maxlength=".$database_maxlength; if (!empty($v_database)) echo "value=".$v_database; ?>>
                                     <small class="hint"></small>
                                 </td>
                             </tr>
                             <tr>
                                 <td class="vst-text" style="padding: 12px 0 0 0;">
-                                    <?php print __('User');?> 
+                                    <?php print __('User');?>
                                 </td>
                             </tr>
                             <tr>
                                 <td>
-                                    <input type="text" size="20" class="vst-input" name="v_dbuser" <?php if (!empty($v_dbuser)) echo "value=".$v_dbuser; ?>>
+                                    <?php
+                                        exec (VESTA_CMD."v-list-database-types", $output);
+                                        if (strpos($output, "mysql") !== false)
+                                            $dbuser_maxlength = 16 - strlen($user."_");
+                                        elseif (strpos($output, "postgresql") !== false)
+                                            $dbuser_maxlength = 63  - strlen($user."_");
+                                    ?>
+                                    <input type="text" size="20" class="vst-input" name="v_dbuser" <?php if (!empty($dbuser_maxlength)) echo "maxlength=".$dbuser_maxlength; if (!empty($v_dbuser)) echo "value=".$v_dbuser; ?>>
                                     <small class="hint"></small>
                                 </td>
                             </tr>
@@ -92,7 +107,7 @@
                             </tr>
                             <tr>
                                 <td class="vst-text" style="padding: 12px 0 0 0;">
-                                    <?php print __('Type');?> 
+                                    <?php print __('Type');?>
                                 </td>
                             </tr>
                             <tr>
@@ -104,13 +119,13 @@
                                                 if ((!empty($v_type)) && ( $value == $v_type )) echo ' selected';
                                                 echo ">".$value."</option>";
                                             }
-                                        ?> 
+                                        ?>
                                     </select>
                                 </td>
                             </tr>
                             <tr>
                                 <td class="vst-text" style="padding: 12px 0 0 0;">
-                                    <?php print __('Host');?> 
+                                    <?php print __('Host');?>
                                 </td>
                             </tr>
                             <tr>
@@ -122,14 +137,14 @@
                                                 if ((!empty($v_host)) && ( $key == $v_host )) echo ' selected';
                                                 echo ">".$key."</option>";
                                             }
-                                        ?> 
+                                        ?>
                                     </select>
                                 </td>
                             </tr>
 
                             <tr>
                                 <td class="vst-text" style="padding: 12px 0 0 0;">
-                                    <?php print __('Charset');?> 
+                                    <?php print __('Charset');?>
                                 </td>
                             </tr>
                             <tr>
@@ -175,7 +190,7 @@
                                 </td>
                             <tr>
                                 <td class="vst-text" style="padding: 12px 0 0 0;">
-                                    <?php print __('Send login credentials to email address') ?> 
+                                    <?php print __('Send login credentials to email address') ?>
                                 </td>
                             </tr>
                             <tr>