From 5045c7ee88c4dd07586179268799415b176e624c Mon Sep 17 00:00:00 2001
From: moglia <moglia@ispconfig3>
Date: Wed, 12 May 2010 14:41:58 -0400
Subject: [PATCH] Improved the database list to make life easier for end users. If you are admin, you need to go back to the client list to look up the id. Only admin can view CLIENT_ID, for example, and limited users cannot find out their id in an easy way. This issue was reported by my ispconfig end users. Showing the final database user name directly resolves all of these steps in a single step.

---
 server/lib/classes/db_mysql.inc.php |  121 +++++++++++++++++++++++++++++++++++++++-
 1 files changed, 118 insertions(+), 3 deletions(-)

diff --git a/server/lib/classes/db_mysql.inc.php b/server/lib/classes/db_mysql.inc.php
index 672de7f..229b11e 100644
--- a/server/lib/classes/db_mysql.inc.php
+++ b/server/lib/classes/db_mysql.inc.php
@@ -52,6 +52,7 @@
 			$this->dbName = $conf["db_database"];
 			$this->dbUser = $conf["db_user"];
 			$this->dbPass = $conf["db_password"];
+			$this->dbCharset = $conf['db_charset'];
 			//$this->connect();
 		}
 
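Review bot: `$conf['db_charset']` is read without a fallback, so a configuration that lacks the key leaves `$this->dbCharset` empty (with an undefined-index notice), and the `SET NAMES` statement added in connect() is then sent without a charset. Give it a default, for example `$this->dbCharset = isset($conf['db_charset']) ? $conf['db_charset'] : 'utf8';`, choosing whatever default matches the existing databases. The property should also be declared on the class if it is not already; the constructor and the property list start outside this hunk.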
@@ -59,8 +60,8 @@
 		function updateError($location)
 		{
 			global $app;
-			$this->errorNumber = mysql_errno();
-			$this->errorMessage = mysql_error();
+			$this->errorNumber = mysql_errno($this->linkId);
+			$this->errorMessage = mysql_error($this->linkId);
 			$this->errorLocation = $location;
 			if($this->errorNumber && $this->show_error_messages && method_exists($app,'log'))
 			{
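Review bot: On the failed-connect path, which calls `updateError('DB::connect()-> mysql_connect')`, `$this->linkId` is presumably not a valid link, so `mysql_errno($this->linkId)` and `mysql_error($this->linkId)` would raise a warning and return nothing useful. The connection error the log is supposed to capture is then lost. Fall back to the argument-less form when there is no link, e.g. `$this->errorNumber = is_resource($this->linkId) ? mysql_errno($this->linkId) : mysql_errno();`, and do the same for `mysql_error()`. The body of updateError() continues past the end of the hunk.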
@@ -80,6 +81,8 @@
 					$this->updateError('DB::connect()-> mysql_connect');
 					return false;
 				}
+				$this->queryId = @mysql_query('SET NAMES '.$this->dbCharset, $this->linkId);
+				$this->queryId = @mysql_query("SET character_set_results = '".$this->dbCharset."', character_set_client = '".$this->dbCharset."', character_set_connection = '".$this->dbCharset."', character_set_database = '".$this->dbCharset."', character_set_server = '".$this->dbCharset."'", $this->linkId);
 			}
 			return true;
 		}
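Review bot: Both added `mysql_query()` calls concatenate `$this->dbCharset` into the statement unvalidated, suppress errors with `@` and never check the result, so a missing or mistyped charset fails silently and the connection stays on the server default. `SET NAMES` also changes only the server side; the client library is not told the charset, so any escaping done through it (for example `mysql_real_escape_string()`) may not match the connection encoding. Prefer `if (!mysql_set_charset($this->dbCharset, $this->linkId)) { $this->updateError('DB::connect()-> mysql_set_charset'); }`, which covers both sides and reports failures. The second statement also sets `character_set_database` and `character_set_server`, which are not needed for the connection encoding. connect() starts outside this hunk.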
@@ -189,7 +192,8 @@
 		return $out;
 		}
        
-       
+       /*
+	   //* These functions are deprecated and will be removed.
        function insert($tablename,$form,$debug = 0)
        {
          if(is_array($form)){
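Review bot: The added comment says these functions are "deprecated and will be removed", but opening a `/*` block here removes `insert()` (and whatever else precedes the closing `*/`) immediately, so any remaining caller fails with a call to an undefined method. Either keep the methods callable and mark them with a docblock such as `/** @deprecated use datalogInsert()/datalogUpdate() instead */`, or delete the code outright once callers are migrated rather than leaving it commented out. The commented region extends beyond this hunk; a `*/` anywhere inside it would end the comment early, which is worth checking.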
@@ -224,6 +228,117 @@
       		 if($debug == 1) echo "mySQL Error Message: ".$this->errorMessage;
            }
        }
+	   */
+	   
+	   public function diffrec($record_old, $record_new) {
+		$diffrec_full = array();
+		$diff_num = 0;
+
+		if(is_array($record_old) && count($record_old) > 0) {
+			foreach($record_old as $key => $val) {
+				// if(!isset($record_new[$key]) || $record_new[$key] != $val) {
+				if($record_new[$key] != $val) {
+					// Record has changed
+					$diffrec_full['old'][$key] = $val;
+					$diffrec_full['new'][$key] = $record_new[$key];
+					$diff_num++;
+				} else {
+					$diffrec_full['old'][$key] = $val;
+					$diffrec_full['new'][$key] = $val;
+				}
+			}
+		} elseif(is_array($record_new)) {
+			foreach($record_new as $key => $val) {
+				if(isset($record_new[$key]) && @$record_old[$key] != $val) {
+					// Record has changed
+					$diffrec_full['new'][$key] = $val;
+					$diffrec_full['old'][$key] = @$record_old[$key];
+					$diff_num++;
+				} else {
+					$diffrec_full['new'][$key] = $val;
+					$diffrec_full['old'][$key] = $val;
+				}
+			}
+		}
+		
+		return array('diff_num' => $diff_num, 'diff_rec' => $diffrec_full);
+		
+	}
+	
+	//** Function to fill the datalog with a full differential record.
+	public function datalogSave($db_table, $action, $primary_field, $primary_id, $record_old, $record_new) {
+		global $app,$conf;
+
+		// Insert backticks only for incomplete table names.
+		if(stristr($db_table,'.')) {
+			$escape = '';
+		} else {
+			$escape = '`';
+		}
+
+		$tmp = $this->diffrec($record_old, $record_new);
+		$diffrec_full = $tmp['diff_rec'];
+		$diff_num = $tmp['diff_num'];
+		unset($tmp);
+		
+		// Insert the server_id, if the record has a server_id
+		$server_id = (isset($record_old["server_id"]) && $record_old["server_id"] > 0)?$record_old["server_id"]:0;
+		if(isset($record_new["server_id"])) $server_id = $record_new["server_id"];
+		
+
+		if($diff_num > 0) {
+			//print_r($diff_num);
+			//print_r($diffrec_full);
+			$diffstr = $app->db->quote(serialize($diffrec_full));
+			$username = $app->db->quote($_SESSION["s"]["user"]["username"]);
+			$dbidx = $primary_field.":".$primary_id;
+						
+			if($action == 'INSERT') $action = 'i';
+			if($action == 'UPDATE') $action = 'u';
+			if($action == 'DELETE') $action = 'd';
+			$sql = "INSERT INTO sys_datalog (dbtable,dbidx,server_id,action,tstamp,user,data) VALUES ('".$db_table."','$dbidx','$server_id','$action','".time()."','$username','$diffstr')";
+			$app->db->query($sql);
+		}
+
+		return true;
+	}
+	
+	//** Inserts a record and saves the changes into the datalog
+	public function datalogInsert($tablename, $insert_data, $index_field) {
+		global $app;
+		
+		$old_rec = array();
+		$this->query("INSERT INTO $tablename $insert_data");
+		$index_value = $this->insertID();
+		$new_rec = $this->queryOneRecord("SELECT * FROM $tablename WHERE $index_field = '$index_value'");
+		$this->datalogSave($tablename, 'INSERT', $index_field, $index_value, $old_rec, $new_rec);
+		
+		return $index_value;
+	}
+	
+	//** Updates a record and saves the changes into the datalog
+	public function datalogUpdate($tablename, $update_data, $index_field, $index_value) {
+		global $app;
+		
+		$old_rec = $this->queryOneRecord("SELECT * FROM $tablename WHERE $index_field = '$index_value'");
+		$this->query("UPDATE $tablename SET $update_data WHERE $index_field = '$index_value'");
+		$new_rec = $this->queryOneRecord("SELECT * FROM $tablename WHERE $index_field = '$index_value'");
+		$this->datalogSave($tablename, 'UPDATE', $index_field, $index_value, $old_rec, $new_rec);
+		
+		return true;
+	}
+	
+	//** Deletes a record and saves the changes into the datalog
+	public function datalogDelete($tablename, $index_field, $index_value) {
+		global $app;
+		
+		$old_rec = $this->queryOneRecord("SELECT * FROM $tablename WHERE $index_field = '$index_value'");
+		$this->query("DELETE FROM $tablename WHERE $index_field = '$index_value'");
+		$new_rec = array();
+		$this->datalogSave($tablename, 'DELETE', $index_field, $index_value, $old_rec, $new_rec);
+		
+		return true;
+	}
        
        public function closeConn()
     	{
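Review bot: The INSERT into `sys_datalog` in datalogSave() interpolates `$db_table`, `$dbidx`, `$server_id` and `$action` without escaping; only `$diffstr` and `$username` pass through `$app->db->quote()`. The same holds for `$index_value` in the WHERE clauses of datalogInsert(), datalogUpdate() and datalogDelete(), where it sits inside single quotes unescaped, so a quote character in any of these values changes the statement that is executed. Escape each value (or cast `$server_id` to an integer) before building the statement, as in the excerpt below, and apply `$app->db->quote($index_value)` in the three helpers. `$tablename`, `$index_field`, `$insert_data` and `$update_data` are raw SQL fragments, so each method needs a comment stating that callers must pass only trusted, already-escaped input. The `$escape` variable computed at the top of datalogSave() is never used.

```php
	public function datalogSave($db_table, $action, $primary_field, $primary_id, $record_old, $record_new) {
		// … unchanged: $escape setup, diffrec() call, server_id lookup, $diffstr …
			$username = $app->db->quote($_SESSION["s"]["user"]["username"]);
			$dbidx = $app->db->quote($primary_field.":".$primary_id);
			$db_table_esc = $app->db->quote($db_table);
			$server_id = intval($server_id);
			// … unchanged: mapping of INSERT/UPDATE/DELETE to i/u/d …
			$action = $app->db->quote($action);
			$sql = "INSERT INTO sys_datalog (dbtable,dbidx,server_id,action,tstamp,user,data) VALUES ('$db_table_esc','$dbidx','$server_id','$action','".time()."','$username','$diffstr')";
```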
