From 2bbc4c7761a6d0e97cc8f22bccbea94835fcbc7d Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Fri, 28 Aug 2009 06:55:06 -0400
Subject: [PATCH] Add the website user and group also to the passwd and group files in chroot enviroment.

---
 interface/lib/classes/db_mysql.inc.php |   57 ++++++++++++++++++++++++++++-----------------------------
 1 files changed, 28 insertions(+), 29 deletions(-)

diff --git a/interface/lib/classes/db_mysql.inc.php b/interface/lib/classes/db_mysql.inc.php
index eaa57b0..ed35b41 100644
--- a/interface/lib/classes/db_mysql.inc.php
+++ b/interface/lib/classes/db_mysql.inc.php
@@ -1,14 +1,7 @@
 <?php
-/**
- * mySQL Database class
- * 
- * @author Till Brehm
- * @copyright  2005, Till Brehm, projektfarm Gmbh
- * @version 0.2
- * @package ISPConfig
- */
+
 /*
-Copyright (c) 2005, Till Brehm, projektfarm Gmbh
+Copyright (c) 2007, Till Brehm, projektfarm Gmbh
 All rights reserved.
 
 Redistribution and use in source and binary forms, with or without modification,
@@ -35,20 +28,20 @@
 EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
 
-class db
-{
-	private $dbHost = '';		// hostname of the MySQL server
-	private $dbName = '';		// logical database name on that server
-	private $dbUser = '';		// database authorized user
-	private $dbPass = '';		// user's password
-	private $linkId = 0;		// last result of mysql_connect()
-	private $queryId = 0;		// last result of mysql_query()
-	private $record	= array();	// last record fetched
-    private $autoCommit = 1;    // Autocommit Transactions
-	private $currentRow;		// current row number
-	private $errorNumber = 0;	// last error number
-	public $errorMessage = '';	// last error message
-	private $errorLocation = '';// last error location
+class db {
+	private $dbHost = '';		   // hostname of the MySQL server
+	private $dbName = '';		   // logical database name on that server
+	private $dbUser = '';		   // database authorized user
+	private $dbPass = '';		   // user's password
+    private $dbCharset = "";       // what charset comes and goes to mysql: utf8 / latin1
+	private $linkId = 0;		   // last result of mysql_connect()
+	private $queryId = 0;		   // last result of mysql_query()
+	private $record	= array();	   // last record fetched
+    private $autoCommit = 1;       // Autocommit Transactions
+	private $currentRow;		   // current row number
+	private $errorNumber = 0;	   // last error number
+	public $errorMessage = '';	   // last error message
+	private $errorLocation = '';   // last error location
 	public $show_error_messages = false;
 
 	public function __construct()
@@ -58,6 +51,7 @@
 		$this->dbName = $conf['db_database'];
 		$this->dbUser = $conf['db_user'];
 		$this->dbPass = $conf['db_password'];
+		$this->dbCharset = $conf['db_charset'];
 		//$this->connect();
 	}
 
@@ -81,6 +75,7 @@
 				$this->updateError('DB::connect()<br />mysql_connect');
 				return false;
 			}
+    		$this->queryId = @mysql_query('SET NAMES '.$this->dbCharset, $this->linkId);
 		}
 		return true;
 	}
@@ -160,10 +155,14 @@
         return $this->quote($formfield);
     }
 		
-	/** Escapes quotes in variable. addslashes() */
+	/** Escapes quotes in variable. mysql_real_escape_string() */
     public function quote($formfield)
-    {
-        return addslashes($formfield);
+    {	
+		if(!$this->connect()){
+			$this->updateError('WARNING: mysql_connect: Used addslashes instead of mysql_real_escape_string');
+			return addslashes($formfield);
+		}
+        return mysql_real_escape_string($formfield, $this->linkId);
     }
 		
 	/** Unquotes a variable, strip_slashes() */
@@ -246,10 +245,10 @@
 			}
 		} elseif(is_array($record_new)) {
 			foreach($record_new as $key => $val) {
-				if(isset($record_new[$key]) && $record_old[$key] != $val) {
+				if(isset($record_new[$key]) && @$record_old[$key] != $val) {
 					// Record has changed
 					$diffrec_full['new'][$key] = $val;
-					$diffrec_full['old'][$key] = $record_old[$key];
+					$diffrec_full['old'][$key] = @$record_old[$key];
 					$diff_num++;
 				} else {
 					$diffrec_full['new'][$key] = $val;
@@ -288,7 +287,7 @@
 		$new_rec = $this->queryOneRecord("SELECT * FROM $tablename WHERE $index_field = '$index_value'");
 		$this->datalogSave($tablename, 'INSERT', $index_field, $index_value, $old_rec, $new_rec);
 		
-		return true;
+		return $index_value;
 	}
 	
 	//** Updates a record and saves the changes into the datalog

--
Gitblit v1.9.1