Results 1 to 4 of 4

Thread: BIG BUG in deleting accounts

  1. #1
    Registered Member
    Join Date
    May 2003
    Posts
    93

    Default BIG BUG in deleting accounts

    i discovered today that /scripts/killacct has this code:

    Code:
    else {
        my $mysql = cPScript::Mysql->new;
        $mysql->sendmysql("DELETE FROM user WHERE user='$user';");
        $mysql->sendmysql("DELETE FROM user WHERE user LIKE '${user}_%';");
        $mysql->sendmysql("DELETE FROM db WHERE user='$user';");
        $mysql->sendmysql("DELETE FROM db WHERE user LIKE '${user}_%';");
        $mysql->sendmysql("DELETE FROM tables_priv WHERE user='$user';");
        $mysql->sendmysql("DELETE FROM tables_priv WHERE user LIKE '${user}_%';");
        $mysql->sendmysql("DELETE FROM columns_priv WHERE user='$user';");
        $mysql->sendmysql("DELETE FROM columns_priv WHERE user LIKE '${user}_%';");
        $mysql->sendmysql("FLUSH PRIVILEGES;");
        exit();
    }
    thanks to this when deleting account "rage", it deleted all mysql users in accounts rage2, rage3, rage4, rage5

    i understand why it is deleting like this but there should be warning - DO NOT CREATE(or delete ) ACCOUNTS WITH THE SAME USERNAME<number>

    that took me little over hour to track why suddently my mysql users were gone - not cool i started to think HACKED - checked all apache logs first :/

    can someone from cpanel think of better way to delete db?

  2. #2
    Registered Member h2oski's Avatar
    Join Date
    Dec 2001
    Posts
    71

    Default

    looks like they just need to escape the _
    In the query above it is being interpreted as a single character wildcard, but I assume cpanel wants it to be interpreted as a literal underscore

  3. #3
    Registered Member hostmedic's Avatar
    Join Date
    Apr 2003
    Location
    Washington Court House, Ohio, United States
    Posts
    559
    cPanel/WHM Access Level

    DataCenter Provider

    Thumbs up i was going to add to bugtrack - - but

    I was going to add this to bugtrack - looked to see if you did and did not see it - but a worth while suggestion.

    thanks for the FYI
    have a few clients that resell doing this method
    OUCH



    Feel like your Cloud Provider's just weathering the storm? Hop Off the Cloud - The Weathers nicer over here.

  4. #4
    Registered Member
    Join Date
    May 2003
    Posts
    93

    Default

    added Bugzilla Bug 3859

    and no problem - it is good to leave info for someone looking for help - it saves people time
    Last edited by heavypredator; 02-03-2006 at 08:48 AM.

Similar Threads

  1. Deleting not working accounts (bug?)
    By Danny_T in forum cPGS Discussions
    Replies: 3
    Last Post: 09-12-2007, 02:19 PM
  2. A big bug
    By mahdionline in forum cPanel & WHM Discussions
    Replies: 4
    Last Post: 10-27-2004, 08:29 PM
  3. Big Bug?
    By r00t316 in forum cPanel & WHM Discussions
    Replies: 1
    Last Post: 07-27-2004, 12:01 AM
  4. big bug cpanel user
    By mambix in forum cPanel & WHM Discussions
    Replies: 5
    Last Post: 06-16-2004, 05:53 PM
  5. BUG - Big problem
    By Custom-Hosting in forum cPanel & WHM Discussions
    Replies: 9
    Last Post: 03-22-2004, 12:32 PM
bargain