From f8b374866826cad80a4c893172abea4bd555770d Mon Sep 17 00:00:00 2001
From: Daniel Winzen <d@winzen4.de>
Date: Thu, 21 Feb 2019 21:50:23 +0100
Subject: [PATCH] Allow users to delete their databases

---
 var/www/common.php    | 14 ++++++++++++++
 var/www/html/home.php | 33 +++++++++++++++++++++++++++++++--
 2 files changed, 45 insertions(+), 2 deletions(-)

diff --git a/var/www/common.php b/var/www/common.php
index 42dbd6c..242b2bf 100644
--- a/var/www/common.php
+++ b/var/www/common.php
@@ -516,6 +516,20 @@ function add_user_db(PDO $db, int $user_id) : ?string {
 	return $mysql_db;
 }
 
+function del_user_db(PDO $db, int $user_id, string $mysql_db) {
+	$stmt = $db->prepare('SELECT mysql_user FROM users WHERE id = ?;');
+	$stmt->execute([$user_id]);
+	$user = $stmt->fetch(PDO::FETCH_ASSOC);
+	$stmt = $db->prepare('SELECT null FROM mysql_databases WHERE user_id = ? AND mysql_database = ?;');
+	$stmt->execute([$user_id, $mysql_db]);
+	if($stmt->fetch()){
+		$db->exec('REVOKE ALL PRIVILEGES ON `'.preg_replace('/[^a-z0-9]/i', '', $mysql_db)."`.* FROM '".preg_replace('/[^a-z0-9]/i', '', $user['mysql_user'])."'@'%';");
+		$db->exec('DROP DATABASE IF EXISTS `'.preg_replace('/[^a-z0-9]/i', '', $mysql_db).'`;');
+		$stmt = $db->prepare('DELETE FROM mysql_databases WHERE user_id = ? AND mysql_database = ?;');
+		$stmt->execute([$user_id, $mysql_db]);
+	}
+}
+
 function check_csrf_error(){
 	if(empty($_POST['csrf_token']) || $_POST['csrf_token'] !== $_SESSION['csrf_token']){
 		return 'Invalid CSRF token, please try again.';
diff --git a/var/www/html/home.php b/var/www/html/home.php
index 75dab22..1d19e0d 100644
--- a/var/www/html/home.php
+++ b/var/www/html/home.php
@@ -13,6 +13,31 @@ if(isset($_POST['action']) && $_POST['action']==='add_db'){
 	}
 	add_user_db($db, $user['id']);
 }
+if(isset($_POST['action']) && $_POST['action']==='del_db' && !empty($_POST['db'])){
+	if($error=check_csrf_error()){
+		die($error);
+	} ?>
+<!DOCTYPE html><html><head>
+<title>Daniel's Hosting - Delete database</title>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<meta name="author" content="Daniel Winzen">
+<meta name="viewport" content="width=device-width, initial-scale=1">
+</head><body>
+<p>This will delete your database <?php echo htmlspecialchars($_POST['db']); ?> and all data asociated with it. It can't be un-done. Are you sure?</p>
+<form method="post" action="home.php"><input type="hidden" name="csrf_token" value="<?php echo $_SESSION['csrf_token']; ?>">
+<input type="hidden" name="db" value="<?php echo htmlspecialchars($_POST['db']); ?>">
+<button type="submit" name="action" value="del_db_2">Yes, delete</button>
+</form>
+<p><a href="home.php">No, don't delete.</a></p>
+</body></html><?php
+exit;
+}
+if(isset($_POST['action']) && $_POST['action']==='del_db_2' && !empty($_POST['db'])){
+	if($error=check_csrf_error()){
+		die($error);
+	}
+	del_user_db($db, $user['id'], $_POST['db']);
+}
 if(isset($_REQUEST['action']) && isset($_REQUEST['onion']) && $_REQUEST['action']==='edit'){
 	if($error=check_csrf_error()){
 		die($error);
@@ -82,13 +107,17 @@ while($onion=$stmt->fetch(PDO::FETCH_ASSOC)){
 echo '</table>';
 echo '<h3>MySQL Database</h3>';
 echo '<table border="1">';
-echo '<tr><th>Database</th><th>Host</th><th>User</th></tr>';
+echo '<tr><th>Database</th><th>Host</th><th>User</th><th>Action</th></tr>';
 $stmt=$db->prepare('SELECT mysql_database FROM mysql_databases WHERE user_id = ?;');
 $stmt->execute([$user['id']]);
 $count_dbs = 0;
 while($mysql=$stmt->fetch(PDO::FETCH_ASSOC)){
 	++$count_dbs;
-	echo "<tr><td>$mysql[mysql_database]</td><td>localhost</td><td>$user[mysql_user]</td></tr>";
+	echo '<form action="home.php" method="post">';
+	echo '<input type="hidden" name="csrf_token" value="'.$_SESSION['csrf_token'].'">';
+	echo '<input type="hidden" name="db" value="'.$mysql['mysql_database'].'">';
+	echo "<tr><td>$mysql[mysql_database]</td><td>localhost</td><td>$user[mysql_user]</td><td><button type=\"submit\" name=\"action\" value=\"del_db\">Delete</button></td></tr>";
+	echo '</form>';
 }
 echo '</table>';
 if($count_dbs<MAX_NUM_USER_DBS){