From 0935854d49e3a269a83b81f764147853a04b711c Mon Sep 17 00:00:00 2001 From: tbrehm <t.brehm@ispconfig.org> Date: Sat, 20 Sep 2008 04:20:06 -0400 Subject: [PATCH] Fixed a bug in tform.inc.php --- interface/lib/classes/db_mysql.inc.php | 161 +++++++++++++++++++++++++++++++++++++++++++++++------ 1 files changed, 142 insertions(+), 19 deletions(-) diff --git a/interface/lib/classes/db_mysql.inc.php b/interface/lib/classes/db_mysql.inc.php index 564b7b6..ca3b38c 100644 --- a/interface/lib/classes/db_mysql.inc.php +++ b/interface/lib/classes/db_mysql.inc.php @@ -4,7 +4,7 @@ * * @author Till Brehm * @copyright 2005, Till Brehm, projektfarm Gmbh - * @version 0.1 + * @version 0.2 * @package ISPConfig */ /* @@ -49,7 +49,7 @@ private $errorNumber = 0; // last error number public $errorMessage = ''; // last error message private $errorLocation = '';// last error location - private $show_error_messages = false; + public $show_error_messages = false; public function __construct() { @@ -160,10 +160,14 @@ return $this->quote($formfield); } - /** Escapes quotes in variable. addslashes() */ + /** Escapes quotes in variable. mysql_real_escape_string() */ public function quote($formfield) - { - return addslashes($formfield); + { + if(!$this->connect()){ + $this->updateError('WARNING: mysql_connect: Used addslashes instead of mysql_real_escape_string'); + return addslashes($formfield); + } + return mysql_real_escape_string($formfield, $this->linkId); } /** Unquotes a variable, strip_slashes() */ @@ -183,7 +187,8 @@ return $out; } - + // deprecated + /* public function insert($tablename, $form, $debug = 0) { if(is_array($form)){ @@ -200,7 +205,8 @@ if($debug == 1){ echo 'mySQL Error Message: '.$this->errorMessage; } } } - + + // Deprecated public function update($tablename, $form, $bedingung, $debug = 0) { if(is_array($form)){ 
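Review bot: In quote(), the new fallback still returns addslashes() output when connect() fails, so a value escaped without any knowledge of the connection charset can later be concatenated into a query; the method degrades silently instead of failing closed. updateError() only records the warning, and callers cannot tell which escaping they got. I would stop in that branch rather than return a weaker escape, for example `$this->updateError('quote: no database connection'); return '';`. Separately, mysql_real_escape_string() only follows the real connection charset when that charset was set through the client API (`mysql_set_charset()`), not through a `SET NAMES` query; the connect() code is outside this hunk, so this needs confirming there. The docblock should also say that the result is only safe inside a quoted string literal, not for table or column names.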
@@ -214,23 +220,138 @@ if($debug == 1){ echo 'mySQL Error Message: '.$this->errorMessage; } } } + */ + + //** Function to fill the datalog with a full differential record. + public function datalogSave($db_table, $action, $primary_field, $primary_id, $record_old, $record_new) { + global $app,$conf; + + // Insert backticks only for incomplete table names. + if(stristr($db_table,'.')) { + $escape = ''; + } else { + $escape = '`'; + } + + $diffrec_full = array(); + $diff_num = 0; + + if(is_array($record_old) && count($record_old) > 0) { + foreach($record_old as $key => $val) { + if(!isset($record_new[$key]) || $record_new[$key] != $val) { + // Record has changed + $diffrec_full['old'][$key] = $val; + $diffrec_full['new'][$key] = $record_new[$key]; + $diff_num++; + } else { + $diffrec_full['old'][$key] = $val; + $diffrec_full['new'][$key] = $val; + } + } + } elseif(is_array($record_new)) { + foreach($record_new as $key => $val) { + if(isset($record_new[$key]) && $record_old[$key] != $val) { + // Record has changed + $diffrec_full['new'][$key] = $val; + $diffrec_full['old'][$key] = $record_old[$key]; + $diff_num++; + } else { + $diffrec_full['new'][$key] = $val; + $diffrec_full['old'][$key] = $val; + } + } + } + + // Insert the server_id, if the record has a server_id + $server_id = (isset($record_old["server_id"]) && $record_old["server_id"] > 0)?$record_old["server_id"]:0; + if(isset($record_new["server_id"])) $server_id = $record_new["server_id"]; + + + if($diff_num > 0) { + $diffstr = $app->db->quote(serialize($diffrec_full)); + $username = $app->db->quote($_SESSION["s"]["user"]["username"]); + $dbidx = $primary_field.":".$primary_id; + + if($action == 'INSERT') $action = 'i'; + if($action == 'UPDATE') $action = 'u'; + if($action == 'DELETE') $action = 'd'; + $sql = "INSERT INTO sys_datalog (dbtable,dbidx,server_id,action,tstamp,user,data) VALUES ('".$db_table."','$dbidx','$server_id','$action','".time()."','$username','$diffstr')"; + $app->db->query($sql); + } + + 
return true; + } + + //** Inserts a record and saves the changes into the datalog + public function datalogInsert($tablename, $insert_data, $index_field) { + global $app; + + $old_rec = array(); + $this->query("INSERT INTO $tablename $insert_data"); + $index_value = $this->insertID(); + $new_rec = $this->queryOneRecord("SELECT * FROM $tablename WHERE $index_field = '$index_value'"); + $this->datalogSave($tablename, 'INSERT', $index_field, $index_value, $old_rec, $new_rec); + + return true; + } + + //** Updates a record and saves the changes into the datalog + public function datalogUpdate($tablename, $update_data, $index_field, $index_value) { + global $app; + + $old_rec = $this->queryOneRecord("SELECT * FROM $tablename WHERE $index_field = '$index_value'"); + $this->query("UPDATE $tablename SET $update_data WHERE $index_field = '$index_value'"); + $new_rec = $this->queryOneRecord("SELECT * FROM $tablename WHERE $index_field = '$index_value'"); + $this->datalogSave($tablename, 'UPDATE', $index_field, $index_value, $old_rec, $new_rec); + + return true; + } + + //** Deletes a record and saves the changes into the datalog + public function datalogDelete($tablename, $index_field, $index_value) { + global $app; + + $old_rec = $this->queryOneRecord("SELECT * FROM $tablename WHERE $index_field = '$index_value'"); + $this->query("DELETE FROM $tablename WHERE $index_field = '$index_value'"); + $new_rec = array(); + $this->datalogSave($tablename, 'DELETE', $index_field, $index_value, $old_rec, $new_rec); + + return true; + } + + public function closeConn() { + if($this->linkId) + { + mysql_close($this->linkId); + return true; + } else { return false; } } - public function freeResult() + public function freeResult($query) { + if(mysql_free_result($query)) + { + return true; + } else { + return false; + } } - + + /* public function delete() { } - + */ + + /* public function Transaction($action) { //action = begin, commit oder rollback } + */ /** Creates a database table with 
the following format for the $columns array * <code> @@ -245,6 +366,8 @@ * option => unique | primary | index) * </code> */ + + public function createTable($table_name, $columns) { $index = ''; @@ -252,7 +375,7 @@ foreach($columns as $col){ $sql .= $col['name'].' '.$this->mapType($col['type'], $col['typeValue']).' '; //* Set default value - if($col['defaultValue'] != '') { + if(isset($col['defaultValue']) && $col['defaultValue'] != '') { if($col['defaultValue'] == 'NULL' or $col['defaultValue'] == 'NOT NULL') { $sql .= 'DEFAULT '.$col['defaultValue'].' '; } else { @@ -261,19 +384,19 @@ } elseif($col['defaultValue'] != false) { $sql .= "DEFAULT '' "; } - if($col['defaultValue'] != 'NULL' && $col['defaultValue'] != 'NOT NULL') { + if(isset($col['defaultValue']) && $col['defaultValue'] != 'NULL' && $col['defaultValue'] != 'NOT NULL') { if($col['notNull'] == true) { $sql .= 'NOT NULL '; } else { $sql .= 'NULL '; } } - if($col['autoInc'] == true){ $sql .= 'auto_increment '; } + if(isset($col['autoInc']) && $col['autoInc'] == true){ $sql .= 'auto_increment '; } $sql.= ','; //* Index Definitions - if($col['option'] == 'primary'){ $index .= 'PRIMARY KEY ('.$col['name'].'),'; } - if($col['option'] == 'index'){ $index .= 'INDEX ('.$col['name'].'),'; } - if($col['option'] == 'unique'){ $index .= 'UNIQUE ('.$col['name'].'),'; } + if(isset($col['option']) && $col['option'] == 'primary'){ $index .= 'PRIMARY KEY ('.$col['name'].'),'; } + if(isset($col['option']) && $col['option'] == 'index'){ $index .= 'INDEX ('.$col['name'].'),'; } + if(isset($col['option']) && $col['option'] == 'unique'){ $index .= 'UNIQUE ('.$col['name'].'),'; } } $sql .= $index; $sql = substr($sql,0,-1); 
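Review bot: The new datalogInsert(), datalogUpdate(), datalogDelete() and datalogSave() methods build every statement by interpolating `$tablename`, `$index_field`, `$index_value`, `$db_table`, `$primary_field`, `$primary_id` and `$server_id` directly into SQL; only `$diffstr` and `$username` pass through quote(). Unless every caller already escapes these arguments, which this hunk does not show, each method should escape the value itself, e.g. `$index_value = $this->quote($index_value);`. Identifiers should be rejected unless they match a fixed pattern, e.g. `if(!preg_match('/^[A-Za-z0-9_.]+$/', $tablename)) return false;`. In datalogSave() the `elseif(is_array($record_new))` branch reads `$record_old[$key]` although it only runs when `$record_old` is empty or not an array, so the condition should be `if(!isset($record_old[$key]) || $record_old[$key] != $val)`. `$escape` is computed there but never used. The datalog row stores `serialize()` output, so whatever reads `sys_datalog` back should be documented as treating that column as untrusted input.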
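Review bot: In createTable(), the added `isset($col['defaultValue']) &&` guard on the NULL / NOT NULL block changes behaviour: a column defined without a `defaultValue` key now gets neither `NULL` nor `NOT NULL`, so its `notNull` setting is silently ignored. The old code emitted the clause in that case. The guard should be `if(!isset($col['defaultValue']) || ($col['defaultValue'] != 'NULL' && $col['defaultValue'] != 'NOT NULL')) {`. The context line `} elseif($col['defaultValue'] != false) {` still reads the key unguarded and raises the same undefined-index notice this commit is removing elsewhere; `elseif(isset($col['defaultValue']) && $col['defaultValue'] != false)` would match the other changes. The body of createTable() starts and ends outside these hunks.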
@@ -341,10 +464,10 @@ if($database_name == ''){ $database_name = $this->dbName; } - $result = mysql_list_tables($database_name); + $result = @mysql_list_tables($database_name); $tb_names = array(); - for ($i = 0; $i < mysql_num_rows($result); $i++) { - $tb_names[$i] = mysql_tablename($result, $i); + for ($i = 0; $i < @mysql_num_rows($result); $i++) { + $tb_names[$i] = @mysql_tablename($result, $i); } return $tb_names; } -- Gitblit v1.9.1
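Review bot: Prefixing `mysql_list_tables()`, `mysql_num_rows()` and `mysql_tablename()` with `@` hides the failure instead of handling it. When the listing fails, `$result` is false, the loop runs zero times, and the method returns an empty array that a caller cannot distinguish from a database with no tables. I would check the result once and record the error through the class's own mechanism, e.g. `if(!$result) { $this->updateError('DB::getTables: mysql_list_tables failed'); return array(); }`, then drop the `@` on the two calls inside the loop. The enclosing function starts outside this hunk, so the exact method name in the message is an assumption.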