From 3e52c062a8742605d5be6ed2a2d83686130943db Mon Sep 17 00:00:00 2001
From: dxr <dxr@ispconfig3>
Date: Mon, 23 Nov 2009 04:43:13 -0500
Subject: [PATCH] Update CHROOTED_DEBIAN_5.0.txt_beta
---
interface/lib/classes/remoting_lib.inc.php | 88 ++++++++++++++++++++++++++++++++++++++------
1 files changed, 76 insertions(+), 12 deletions(-)
diff --git a/interface/lib/classes/remoting_lib.inc.php b/interface/lib/classes/remoting_lib.inc.php
index 0908275..f5b88a5 100644
--- a/interface/lib/classes/remoting_lib.inc.php
+++ b/interface/lib/classes/remoting_lib.inc.php
@@ -26,6 +26,12 @@
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+--UPDATED 08.2009--
+Full SOAP support for ISPConfig 3.1.4 b
+Updated by Arkadiusz Roch & Artur Edelman
+Copyright (c) Tri-Plex technology
+
*/
/**
@@ -58,14 +64,10 @@
*
* Hinweis:
* Das ID-Feld ist nicht bei den Table Values einzuf�gen.
-*
-* @package form
-* @author Till Brehm
-* @version 1.1
*/
class remoting_lib {
-
+
/**
* Definition of the database atble (array)
* @var tableDef
@@ -291,14 +293,14 @@
switch ($field['datatype']) {
case 'VARCHAR':
if(!@is_array($record[$key])) {
- $new_record[$key] = (isset($record[$key]))?addslashes($record[$key]):'';
+ $new_record[$key] = (isset($record[$key]))?mysql_real_escape_string($record[$key]):'';
} else {
$new_record[$key] = implode($field['separator'],$record[$key]);
}
break;
case 'TEXT':
if(!is_array($record[$key])) {
- $new_record[$key] = addslashes($record[$key]);
+ $new_record[$key] = mysql_real_escape_string($record[$key]);
} else {
$new_record[$key] = implode($field['separator'],$record[$key]);
}
@@ -317,7 +319,7 @@
//if($key == 'refresh') die($record[$key]);
break;
case 'DOUBLE':
- $new_record[$key] = addslashes($record[$key]);
+ $new_record[$key] = mysql_real_escape_string($record[$key]);
break;
case 'CURRENCY':
$new_record[$key] = str_replace(",",".",$record[$key]);
@@ -371,7 +373,7 @@
}
break;
case 'UNIQUE':
- if($this->action == 'NEW') {
+ if($this->action == 'INSERT') {
$num_rec = $app->db->queryOneRecord("SELECT count(*) as number FROM ".$escape.$this->formDef['db_table'].$escape. " WHERE $field_name = '".$app->db->quote($field_value)."'");
if($num_rec["number"] > 0) {
$errmsg = $validator['errmsg'];
@@ -584,15 +586,77 @@
return $sql;
}
+
+ function getDeleteSQL($primary_id) {
+
+ if(stristr($this->formDef['db_table'],'.')) {
+ $escape = '';
+ } else {
+ $escape = '`';
+ }
+
+ $sql = "DELETE FROM ".$escape.$this->formDef['db_table'].$escape." WHERE ".$this->formDef['db_table_idx']." = ".$primary_id;
+ return $sql;
+ }
function getDataRecord($primary_id) {
global $app;
$escape = '`';
- $sql = "SELECT * FROM ".$escape.$this->formDef['db_table'].$escape." WHERE ".$this->formDef['db_table_idx']." = ".$primary_id;
- return $app->db->queryOneRecord($sql);
+ if(@is_numeric($primary_id)) {
+ $sql = "SELECT * FROM ".$escape.$this->formDef['db_table'].$escape." WHERE ".$this->formDef['db_table_idx']." = ".$primary_id;
+ return $app->db->queryOneRecord($sql);
+ } elseif (@is_array($primary_id)) {
+ $sql_where = '';
+ foreach($primary_id as $key => $val) {
+ $key = $app->db->quote($key);
+ $val = $app->db->quote($val);
+ $sql_where .= "$key = '$val' AND ";
+ }
+ $sql_where = substr($sql_where,0,-5);
+ $sql = "SELECT * FROM ".$escape.$this->formDef['db_table'].$escape." WHERE ".$sql_where;
+ return $app->db->queryAllRecords($sql);
+ } else {
+ $this->errorMessage = 'The ID must be either an integer or an array.';
+ return array();
+ }
+
+
+ }
+
+ function ispconfig_sysuser_add($params,$insert_id){
+ global $app,$sql1;
+ $username = $app->db->quote($params["username"]);
+ $password = $app->db->quote($params["password"]);
+ $modules = 'mail,sites,dns,tools';
+ $startmodule = 'mail';
+ $usertheme = $app->db->quote($params["usertheme"]);
+ $type = 'user';
+ $active = 1;
+ $insert_id = intval($insert_id);
+ $language = $app->db->quote($params["language"]);
+ $groupid = $app->db->datalogInsert('sys_group', "(name,description,client_id) VALUES ('$username','','$insert_id')", 'groupid');
+ $groups = $groupid;
+ $sql1 = "INSERT INTO sys_user (username,passwort,modules,startmodule,app_theme,typ,active,language,groups,default_group,client_id)
+ VALUES ('$username',md5('$password'),'$modules','$startmodule','$usertheme','$type','$active','$language',$groups,$groupid,$insert_id)";
+ $app->db->query($sql1);
}
+ function ispconfig_sysuser_update($params,$client_id){
+ global $app;
+ $username = $app->db->quote($params["username"]);
+ $password = $app->db->quote($params["password"]);
+ $client_id = intval($client_id);
+ $sql = "UPDATE sys_user set username = '$username', passwort = md5('$password') WHERE client_id = $client_id";
+ $app->db->query($sql);
+ }
+
+ function ispconfig_sysuser_delete($client_id){
+ global $app;
+ $client_id = intval($client_id);
+ $sql = "DELETE FROM sys_user WHERE client_id = $client_id";
+ $app->db->query($sql);
+ }
function datalogSave($action,$primary_id, $record_old, $record_new) {
global $app,$conf;
@@ -681,4 +745,4 @@
}
-?>
\ No newline at end of file
+?>
--
Gitblit v1.9.1