Results 1 to 4 of 4

Thread: BIG BUG in deleting accounts

  1. #1
    Registered Member
    Join Date
    May 2003

    Default BIG BUG in deleting accounts

    i discovered today that /scripts/killacct has this code:

    else {
        my $mysql = cPScript::Mysql->new;
        $mysql->sendmysql("DELETE FROM user WHERE user='$user';");
        $mysql->sendmysql("DELETE FROM user WHERE user LIKE '${user}_%';");
        $mysql->sendmysql("DELETE FROM db WHERE user='$user';");
        $mysql->sendmysql("DELETE FROM db WHERE user LIKE '${user}_%';");
        $mysql->sendmysql("DELETE FROM tables_priv WHERE user='$user';");
        $mysql->sendmysql("DELETE FROM tables_priv WHERE user LIKE '${user}_%';");
        $mysql->sendmysql("DELETE FROM columns_priv WHERE user='$user';");
        $mysql->sendmysql("DELETE FROM columns_priv WHERE user LIKE '${user}_%';");
        $mysql->sendmysql("FLUSH PRIVILEGES;");
    thanks to this when deleting account "rage", it deleted all mysql users in accounts rage2, rage3, rage4, rage5

    i understand why it is deleting like this but there should be warning - DO NOT CREATE(or delete ) ACCOUNTS WITH THE SAME USERNAME<number>

    that took me little over hour to track why suddently my mysql users were gone - not cool i started to think HACKED - checked all apache logs first :/

    can someone from cpanel think of better way to delete db?

  2. #2
    Registered Member h2oski's Avatar
    Join Date
    Dec 2001


    looks like they just need to escape the _
    In the query above it is being interpreted as a single character wildcard, but I assume cpanel wants it to be interpreted as a literal underscore

  3. #3
    Registered Member hostmedic's Avatar
    Join Date
    Apr 2003
    Washington Court House, Ohio, United States
    cPanel Access Level

    DataCenter Provider

    Thumbs up i was going to add to bugtrack - - but

    I was going to add this to bugtrack - looked to see if you did and did not see it - but a worth while suggestion.

    thanks for the FYI
    have a few clients that resell doing this method

    Feel like your Cloud Provider's just weathering the storm? Hop Off the Cloud - The Weathers nicer over here.

  4. #4
    Registered Member
    Join Date
    May 2003


    added Bugzilla Bug 3859

    and no problem - it is good to leave info for someone looking for help - it saves people time
    Last edited by heavypredator; 02-03-2006 at 09:48 AM.

Similar Threads

  1. A big bug
    By mahdionline in forum General Discussion
    Replies: 4
    Last Post: 10-27-2004, 09:29 PM
  2. Big Bug?
    By r00t316 in forum General Discussion
    Replies: 1
    Last Post: 07-27-2004, 01:01 AM
  3. big bug cpanel user
    By mambix in forum General Discussion
    Replies: 5
    Last Post: 06-16-2004, 06:53 PM
  4. BUG - Big problem
    By Custom-Hosting in forum General Discussion
    Replies: 9
    Last Post: 03-22-2004, 01:32 PM