Create Database API

[SeLLeRoNe]

Hi,

im having a strange bug with the API for create a DB for one user.

Here the code:

<?php

include 'httpsocket.php';

$dbuser = "databaseuser";
$dbname = "databasebname";
$dbpass = "databasepass";

$sock = new HTTPSocket;
$sock->connect('localhost',2222);

$sock->set_login("admin|cn_user","password");

$sock->set_method('POST');

$sock->query('/CMD_API_DATABASES',
        array(
                'action' => 'create',
                'name' => $dbname,
                'user' => $dbuser,
                'passwd' => $dbpass,
                'passwd2' => $dbpass,
                'create' => 'Create'
    ));

$result = $sock->fetch_body();

?>

The bug is this.

When DB get created (the API work correctly) the user account pass get changed to the DB pass aswell O_O

So, if user have userpass "AAA" and dbpass is "BBB" after the db get created userpass is "BBB" and dbpass is "BBB".

Hope someone can help me on it, or, DA Staff solve this issue/bug.

Thanks

Regards

 

[Acceleratic]

don't set "Create"

This works for me:

array(
 "action" => "create",
 "name" => $db_name,
 "user" => $db_user,
 "passwd" => $db_pass,
 "passwd2" => $db_pass_validated
));

Add:
what is the | standing for in username? (curious )

 

[SeLLeRoNe]

i dont have every user password, the admin|USER with admin password let you log as username using admin credentials

Regards

 

[Acceleratic]

nice feature, wasn't aware of it thanks for clearing that up!

Let me know if my solution worked oki

 

[SeLLeRoNe]

Removing

'create' => 'Create'

Solved the problem


Thanks a lot

Regards

 

[SeLLeRoNe]

Mmmh, didnt totally solved.

The DA Login Password isnt changed.

But the password for user (not user_db) is changed with the user_db password.

Any idea?

Regards

 

[DirectAdmin Support]

Hello,

When DB get created (the API work correctly) the user account pass get changed to the DB pass aswell O_O

That's a normal behavior. The reason is that DA has no way of knowing the User account password if you're using the login-as system. Since we don't want to set the password to the admin's value (from the session, which is where the User pass normally come from), DA has no choice but to use the same password as the new db_user.

Quirky yes, but due the fact that DA doesn't have a way to get the plaintext User pass, it reverts to this method.

Using the direct method would work:

$sock->set_login("[b]cn_user[/b]","password");

John

 

[SeLLeRoNe]

yes but i cannot know everytime the customer password, and would prefer to dont edit his own password everytime i create a DB.

Why is needed to change user mysql password? Should just use da_admin for crete user's database credentials and set permissions?

Cause with this i force user to re-set his mysql main password each time if he need/use it different from db_pass

Regards

 

[DirectAdmin Support]

Hello,

If there is already a database, then I could add a check to prevent the reset of the main account. The actual "GRANT" command for the username on the DB contains the "IDENTIFIED BY" option, hence it's being set. I can add a check to see if the username already exists, and remove the IDENTIFIED BY option.

However, if there are not already any other databases, then there wouldn't be any choice but to use the db_user pass, as the username password needs to be set to something else.

John

 

[SeLLeRoNe]

But when i use control panel logged as admin and then logged as user that doesnt happen, so, the cp is working differntly from the api?

 

[DirectAdmin Support]

Hello,

But when i use control panel logged as admin and then logged as user that doesnt happen, so, the cp is working differntly from the api?

It should be the same for both (same code is used)... I can recheck, but it's always been that way (unless I fixed it somehow, but forgot).

Been that way since this:
http://www.directadmin.com/features.php?id=428

John

 

[SeLLeRoNe]

Oh,

you're right, ive never noticed that.

What about exclude the main user pass from the db access? That would be an bigger security for have different password for mysql access and account access or there are other needs for this?

Regards

 

[DirectAdmin Support]

Hello,

Although I agree that fewer Users with access to a database is more secure, for those who have several databases, they'd complain fairly quickly if they didn't have access to all of them under one User... and although they can create a user_dbname which spans all databases, the ability to use the same username/pass combo across the board (email, ftp, DA, DB), was demanded quite heavily, hence it's there. It's not my first choice but for clients who can't keep track of many username/passwords, it's somewhat of a necessity.

John

 

[SeLLeRoNe]

I see, so there no way to solve/bypass that right? Except for already existing db.

But, on second db created how will take credentials? The main db pass will be set to latest db created?

 

[SeLLeRoNe]

First db create the password for db main account if i understand well, while all other keep the already existing user, so, if im right, why dont just create the main db user on user creation?

Regards

 

[DirectAdmin Support]

I see, so there no way to solve/bypass that right? Except for already existing db

correct, since the plaintext password is not stored anywhere on the system, and the other places where it is stored, it's in MD5, something that mysql doesn't use.

But, on second db created how will take credentials? The main db pass will be set to latest db created?

The username won't be set to anything, thus retaining the previous value (assumed to have been created by the User). The 2nd DB was overwriting the username value in the mysql.user table. But this change will mean it won't touch that table, but will still add the main account to the mysql.db table, so it's linked up to the new DB.

You won't change anything you're doing.

so, if im right, why dont just create the main db user on user creation?

Yes, that would be another option. Should be easy enough to throw in.

John

 

[SeLLeRoNe]

This will defintly solve this issue i think

The only problem would be that user can access phpmyadmin when no-db has been created, but thats doesnt seems to be a big proble.

Hope that can be done soon if you and community agree with this.

Regards

EDIT. Should be done with create_user_post.sh aswell right? Have you the mysql syntax for that so i can (at least for now) do it with script?

Regads

 

[balaonline]

Hello,i want to connect my desktop application remotely on db created in direct admin,the problem is after creating a user for my db, the link given is localhost instead of www.mydb_connect.com which i would use in the connection string in my java application, please how can i connect remotely in direct admin? Regards

 

[Zhenyapan]

Hello,i want to connect my desktop application remotely

you must set in directadmin access hosts for this DB user your home IP (if it static) or symbol % for any IPs. this will allow remote connections.
then in your Java use server IP as host, or any domain that points to this server directly (by A or NS record)