Thoronador closed 12 years ago
The script shows all available tables for the user. In my opinion, it would be better to show only the tables of the fs2-database. (Maybe limited to fs2 tables only, but in most cases other tables in the same database are at least related to the specific website.)
Nice work anyway.
The script should only show the FS2 tables, or more specifically, the tables whose name starts with the table prefix for FS2; the query selects only those:
'SELECT * FROM information_schema.tables WHERE table_name LIKE \''.$FD->config('pref').'%\' ORDER BY table_name ASC'
However, that does not prevent the user from performing check/repair/analyze/optimize on other tables in the DB, if he/she sends a crafted POST request to the script and the DB user given in FS2's login script has the privileges to do so. But that does not do any severe damage like altering/deleting data in the tables. The worst thing a malicious user could possibly do is send check requests for all tables in the DB again and again and again..., thus slowing the DB server down. But even with checking whether the tables really belong to fs2, somebody could still do that - FS2 has enough tables to keep a MySQL server busy with that method.
But maybe I'll implement such a check later.
Alright, I've implemented a check for table names. That way we also avoid error messages when someone tries to operate on non-existing tables (via forged form data).
Please pull again from branch feature-table-admin.
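A table-name check of the kind described in the comment above, as an added example; it is not the code from the feature-table-admin branch. The function names, the sample table list and the form field names are assumptions made for illustration.

```php
<?php
// Hypothetical helpers; names are illustrative, not Frogsystem 2 functions.
const MAINTENANCE_OPS = ['CHECK', 'REPAIR', 'ANALYZE', 'OPTIMIZE'];

// Keep only tables whose name starts with the literal prefix.
// (In a SQL LIKE pattern "_" matches any single character, so the
// comparison is done here as a plain string prefix test.)
function prefixed_tables(array $allTables, string $prefix): array
{
    return array_values(array_filter(
        $allTables,
        fn(string $t): bool => strncmp($t, $prefix, strlen($prefix)) === 0
    ));
}

// Build one maintenance statement from untrusted form input.
// Returns null when the operation or every requested table is rejected.
function build_maintenance_sql(string $op, array $requested, array $allowed): ?string
{
    $op = strtoupper($op);
    if (!in_array($op, MAINTENANCE_OPS, true)) {
        return null;
    }
    $tables = [];
    foreach ($requested as $name) {
        // Strict comparison against the allowlist; non-strings never match.
        if (is_string($name) && in_array($name, $allowed, true)) {
            // Keyed by name so duplicates in the request collapse to one entry.
            $tables[$name] = '`' . str_replace('`', '``', $name) . '`';
        }
    }
    if ($tables === []) {
        return null;
    }
    return $op . ' TABLE ' . implode(', ', $tables);
}

// Constructed sample data: a table list as the server might report it,
// and form data naming foreign, non-existent and duplicate tables.
$allTables = ['fs2_news', 'fs2_user', 'fs2xshadow', 'wiki_pages'];
$allowed   = prefixed_tables($allTables, 'fs2_');
$post      = ['op' => 'check',
              'tables' => ['fs2_news', 'wiki_pages', 'no_such_table', ['x'], 'fs2_news']];

var_dump(build_maintenance_sql($post['op'], $post['tables'], $allowed));
var_dump(build_maintenance_sql('drop', ['fs2_news'], $allowed));
```

Only names that survive the allowlist reach the statement, so requests for tables outside the prefix or for tables that do not exist are dropped before any query is sent.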
Seems fine now.
The attached acp script allows you to do some simple maintenance operations on Frogsystem's tables (check, repair, analyze, optimize).