From 6b1fde7e9a450ae8e4835f7e8c2ba1f398e78c1f Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Thu, 21 May 2015 04:14:10 -0400
Subject: [PATCH] Merge remote-tracking branch 'ispc/master'
---
interface/lib/classes/aps_guicontroller.inc.php | 326 +++++++++++++++++++++++++++++-------------------------
1 files changed, 175 insertions(+), 151 deletions(-)
diff --git a/interface/lib/classes/aps_guicontroller.inc.php b/interface/lib/classes/aps_guicontroller.inc.php
index f6a0ff4..db1c148 100644
--- a/interface/lib/classes/aps_guicontroller.inc.php
+++ b/interface/lib/classes/aps_guicontroller.inc.php
@@ -100,7 +100,7 @@
$customerdata = $app->db->queryOneRecord("SELECT client_id FROM sys_group, web_domain
WHERE web_domain.sys_groupid = sys_group.groupid
- AND web_domain.domain = '".$app->db->quote($domain)."';");
+ AND web_domain.domain = ?", $domain);
if(!empty($customerdata)) $customerid = $customerdata['client_id'];
return $customerid;
@@ -122,14 +122,14 @@
$websrv = $app->db->queryOneRecord("SELECT server_id FROM web_domain
WHERE domain = (SELECT value FROM aps_instances_settings
- WHERE name = 'main_domain' AND instance_id = ".$app->db->quote($instanceid).");");
+ WHERE name = 'main_domain' AND instance_id = ?)", $instanceid);
// If $websrv is empty, an error has occured. Domain no longer existing? Settings table damaged?
// Anyhow, remove this instance record because it's not useful at all
if(empty($websrv))
{
- $app->db->query("DELETE FROM aps_instances WHERE id = ".$app->db->quote($instanceid).";");
- $app->db->query("DELETE FROM aps_instances_settings WHERE instance_id = ".$app->db->quote($instanceid).";");
+ $app->db->query("DELETE FROM aps_instances WHERE id = ?", $instanceid);
+ $app->db->query("DELETE FROM aps_instances_settings WHERE instance_id = ?", $instanceid);
}
else $webserver_id = $websrv['server_id'];
@@ -154,9 +154,9 @@
$result = $app->db->queryOneRecord("SELECT id, name,
CONCAT(version, '-', CAST(`release` AS CHAR)) AS current_version
FROM aps_packages
- WHERE name = (SELECT name FROM aps_packages WHERE id = ".$app->db->quote($id).")
+ WHERE name = (SELECT name FROM aps_packages WHERE id = ?)
AND package_status = 2
- ORDER BY REPLACE(version, '.', '')+0 DESC, `release` DESC");
+ ORDER BY REPLACE(version, '.', '')+0 DESC, `release` DESC", $id);
if(!empty($result) && ($id != $result['id'])) return $result['id'];
@@ -180,7 +180,7 @@
'package_status = '.PACKAGE_ENABLED.' AND' :
'(package_status = '.PACKAGE_ENABLED.' OR package_status = '.PACKAGE_LOCKED.') AND';
- $result = $app->db->queryOneRecord("SELECT id FROM aps_packages WHERE ".$sql_ext." id = ".$app->db->quote($id).";");
+ $result = $app->db->queryOneRecord("SELECT id FROM aps_packages WHERE ".$sql_ext." id = ?", $id);
if(!$result) return false;
return true;
@@ -203,16 +203,132 @@
if(preg_match('/^[0-9]+$/', $id) != 1) return false;
// Only filter if not admin
- $sql_ext = (!$is_admin) ? 'customer_id = '.$app->db->quote($client_id).' AND' : '';
-
- $result = $app->db->queryOneRecord('SELECT id FROM aps_instances WHERE '.$sql_ext.' id = '.$app->db->quote($id).';');
+ $params = array();
+ $sql_ext = '';
+ if(!$is_admin) {
+ $sql_ext = 'customer_id = ? AND ';
+ $params[] = $client_id;
+ }
+ $params[] = $id;
+
+ $result = $app->db->queryOneRecord('SELECT id FROM aps_instances WHERE '.$sql_ext.' id = ?', true, $params);
if(!$result) return false;
return true;
}
-
-
+ public function createDatabaseForPackageInstance(&$settings, $websrv) {
+ global $app;
+
+ $app->uses('tools_sites');
+
+ $global_config = $app->getconf->get_global_config('sites');
+
+ $tmp = array();
+ $tmp['parent_domain_id'] = $websrv['domain_id'];
+ $tmp['sys_groupid'] = $websrv['sys_groupid'];
+ $dbname_prefix = $app->tools_sites->replacePrefix($global_config['dbname_prefix'], $tmp);
+ $dbuser_prefix = $app->tools_sites->replacePrefix($global_config['dbuser_prefix'], $tmp);
+ unset($tmp);
+
+ // get information if the webserver is a db server, too
+ $web_server = $app->db->queryOneRecord("SELECT server_id,server_name,db_server FROM server WHERE server_id = ?", $websrv['server_id']);
+ if($web_server['db_server'] == 1) {
+ // create database on "localhost" (webserver)
+ $mysql_db_server_id = $app->functions->intval($websrv['server_id']);
+ $settings['main_database_host'] = 'localhost';
+ $mysql_db_remote_access = 'n';
+ $mysql_db_remote_ips = '';
+ } else {
+ //* get the default database server of the client
+ $client = $app->db->queryOneRecord("SELECT default_dbserver FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $websrv['sys_groupid']);
+ if(is_array($client) && $client['default_dbserver'] > 0 && $client['default_dbserver'] != $websrv['server_id']) {
+ $mysql_db_server_id = $app->functions->intval($client['default_dbserver']);
+ $dbserver_config = $web_config = $app->getconf->get_server_config($app->functions->intval($mysql_db_server_id), 'server');
+ $settings['main_database_host'] = $dbserver_config['ip_address'];
+ $mysql_db_remote_access = 'y';
+ $webserver_config = $app->getconf->get_server_config($app->functions->intval($websrv['server_id']), 'server');
+ $mysql_db_remote_ips = $webserver_config['ip_address'];
+ } else {
+ /* I left this in place for a fallback that should NEVER! happen.
+ * if we reach this point it means that there is NO default db server for the client
+ * AND the webserver has NO db service enabled.
+ * We have to abort the aps installation here... so I added a return false
+ * although this does not present any error message to the user.
+ */
+ return false;
+
+ /*$mysql_db_server_id = $websrv['server_id'];
+ $settings['main_database_host'] = 'localhost';
+ $mysql_db_remote_access = 'n';
+ $mysql_db_remote_ips = '';*/
+ }
+ }
+
+ if (empty($settings['main_database_name'])) {
+ //* Find a free db name for the app
+ for($n = 1; $n <= 1000; $n++) {
+ $mysql_db_name = ($dbname_prefix != '' ? $dbname_prefix.'aps'.$n : uniqid('aps'));
+ $tmp = $app->db->queryOneRecord("SELECT count(database_id) as number FROM web_database WHERE database_name = ?", $mysql_db_name);
+ if($tmp['number'] == 0) break;
+ }
+ $settings['main_database_name'] = $mysql_db_name;
+ }
+ if (empty($settings['main_database_login'])) {
+ //* Find a free db username for the app
+ for($n = 1; $n <= 1000; $n++) {
+ $mysql_db_user = ($dbuser_prefix != '' ? $dbuser_prefix.'aps'.$n : uniqid('aps'));
+ $tmp = $app->db->queryOneRecord("SELECT count(database_user_id) as number FROM web_database_user WHERE database_user = ?", $mysql_db_user);
+ if($tmp['number'] == 0) break;
+ }
+ $settings['main_database_login'] = $mysql_db_user;
+ }
+
+ //* Create the mysql database user if not existing
+ $tmp = $app->db->queryOneRecord("SELECT database_user_id FROM web_database_user WHERE database_user = ?", $settings['main_database_login']);
+ if(!$tmp) {
+ $insert_data = array("sys_userid" => $websrv['sys_userid'],
+ "sys_groupid" => $websrv['sys_groupid'],
+ "sys_perm_user" => 'riud',
+ "sys_perm_group" => $websrv['sys_perm_group'],
+ "sys_perm_other" => '',
+ "server_id" => 0,
+ "database_user" => $settings['main_database_login'],
+ "database_user_prefix" => $dbuser_prefix,
+ "database_password" => "PASSWORD('" . $settings['main_database_password'] . "')"
+ );
+ $mysql_db_user_id = $app->db->datalogInsert('web_database_user', $insert_data, 'database_user_id');
+ }
+ else $mysql_db_user_id = $tmp['database_user_id'];
+
+ //* Create the mysql database if not existing
+ $tmp = $app->db->queryOneRecord("SELECT count(database_id) as number FROM web_database WHERE database_name = ?", $settings['main_database_name']);
+ if($tmp['number'] == 0) {
+ $insert_data = array("sys_userid" => $websrv['sys_userid'],
+ "sys_groupid" => $websrv['sys_groupid'],
+ "sys_perm_user" => 'riud',
+ "sys_perm_group" => $websrv['sys_perm_group'],
+ "sys_perm_other" => '',
+ "server_id" => $mysql_db_server_id,
+ "parent_domain_id" => $websrv['domain_id'],
+ "type" => 'mysql',
+ "database_name" => $settings['main_database_name'],
+ "database_name_prefix" => $dbname_prefix,
+ "database_user_id" => $mysql_db_user_id,
+ "database_ro_user_id" => 0,
+ "database_charset" => '',
+ "remote_access" => $mysql_db_remote_access,
+ "remote_ips" => $mysql_db_remote_ips,
+ "backup_copies" => $websrv['backup_copies'],
+ "active" => 'y',
+ "backup_interval" => $websrv['backup_interval']
+ );
+ $app->db->datalogInsert('web_database', $insert_data, 'database_id');
+ }
+
+ return true;
+ }
+
/**
* Creates a new database record for the package instance and
* an install task
@@ -227,7 +343,7 @@
$app->uses('tools_sites');
$webserver_id = 0;
- $websrv = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain = '".$app->db->quote($settings['main_domain'])."';");
+ $websrv = $app->db->queryOneRecord("SELECT * FROM web_domain WHERE domain = ?", $settings['main_domain']);
if(!empty($websrv)) $webserver_id = $websrv['server_id'];
$customerid = $this->getCustomerIDFromDomain($settings['main_domain']);
@@ -240,115 +356,57 @@
//* Set PHP mode to php-fcgi and enable suexec in website on apache servers / set PHP mode to PHP-FPM on nginx servers
if($web_config['server_type'] == 'apache') {
if(($websrv['php'] != 'fast-cgi' || $websrv['suexec'] != 'y') && $websrv['php'] != 'php-fpm') {
- $app->db->datalogUpdate('web_domain', "php = 'fast-cgi', suexec = 'y'", 'domain_id', $websrv['domain_id']);
+ $app->db->datalogUpdate('web_domain', array("php" => 'fast-cgi', "suexec" => 'y'), 'domain_id', $websrv['domain_id']);
}
} else {
// nginx
if($websrv['php'] != 'php-fpm' && $websrv['php'] != 'fast-cgi') {
- $app->db->datalogUpdate('web_domain', "php = 'php-fpm'", 'domain_id', $websrv['domain_id']);
+ $app->db->datalogUpdate('web_domain', array("php" => 'php-fpm'), 'domain_id', $websrv['domain_id']);
}
}
- //* Create the MySQL database for the application
- $pkg = $app->db->queryOneRecord('SELECT * FROM aps_packages WHERE id = '.$app->db->quote($packageid).';');
+ //* Create the MySQL database for the application if necessary
+ $pkg = $app->db->queryOneRecord('SELECT * FROM aps_packages WHERE id = ?', $packageid);
$metafile = $this->interface_pkg_dir.'/'.$pkg['path'].'/APP-META.xml';
$sxe = $this->readInMetaFile($metafile);
$db_id = parent::getXPathValue($sxe, '//db:id');
if (!empty($db_id)) {
- $global_config = $app->getconf->get_global_config('sites');
-
- $tmp = array();
- $tmp['parent_domain_id'] = $websrv['domain_id'];
- $tmp['sys_groupid'] = $websrv['sys_groupid'];
- $dbname_prefix = $app->tools_sites->replacePrefix($global_config['dbname_prefix'], $tmp);
- $dbuser_prefix = $app->tools_sites->replacePrefix($global_config['dbuser_prefix'], $tmp);
- unset($tmp);
-
- // get information if the webserver is a db server, too
- $web_server = $app->db->queryOneRecord("SELECT server_id,server_name,db_server FROM server WHERE server_id = ".$app->functions->intval($websrv['server_id']));
- if($web_server['db_server'] == 1) {
- // create database on "localhost" (webserver)
- $mysql_db_server_id = $app->functions->intval($websrv['server_id']);
- $mysql_db_host = 'localhost';
- $mysql_db_remote_access = 'n';
- $mysql_db_remote_ips = '';
- } else {
- //* get the default database server of the client
- $client = $app->db->queryOneRecord("SELECT default_dbserver FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ".$app->functions->intval($websrv['sys_groupid']));
- if(is_array($client) && $client['default_dbserver'] > 0 && $client['default_dbserver'] != $websrv['server_id']) {
- $mysql_db_server_id = $app->functions->intval($client['default_dbserver']);
- $dbserver_config = $web_config = $app->getconf->get_server_config($app->functions->intval($mysql_db_server_id), 'server');
- $mysql_db_host = $dbserver_config['ip_address'];
- $mysql_db_remote_access = 'y';
- $webserver_config = $app->getconf->get_server_config($app->functions->intval($websrv['server_id']), 'server');
- $mysql_db_remote_ips = $webserver_config['ip_address'];
- } else {
- /* I left this in place for a fallback that should NEVER! happen.
- * if we reach this point it means that there is NO default db server for the client
- * AND the webserver has NO db service enabled.
- * We have to abort the aps installation here... so I added a return false
- * although this does not present any error message to the user.
- */
- return false;
-
- /*$mysql_db_server_id = $websrv['server_id'];
- $mysql_db_host = 'localhost';
- $mysql_db_remote_access = 'n';
- $mysql_db_remote_ips = '';*/
- }
- }
-
- //* Find a free db name for the app
- for($n = 1; $n <= 1000; $n++) {
- $mysql_db_name = $app->db->quote(($dbname_prefix != '' ? $dbname_prefix.'aps'.$n : uniqid('aps')));
- $tmp = $app->db->queryOneRecord("SELECT count(database_id) as number FROM web_database WHERE database_name = '".$app->db->quote($mysql_db_name)."'");
- if($tmp['number'] == 0) break;
- }
- //* Find a free db username for the app
- for($n = 1; $n <= 1000; $n++) {
- $mysql_db_user = $app->db->quote(($dbuser_prefix != '' ? $dbuser_prefix.'aps'.$n : uniqid('aps')));
- $tmp = $app->db->queryOneRecord("SELECT count(database_user_id) as number FROM web_database_user WHERE database_user = '".$app->db->quote($mysql_db_user)."'");
- if($tmp['number'] == 0) break;
- }
-
- $mysql_db_password = $settings['main_database_password'];
-
- //* Create the mysql database user
- $insert_data = "(`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `database_user`, `database_user_prefix`, `database_password`)
- VALUES( ".$app->functions->intval($websrv['sys_userid']).", ".$app->functions->intval($websrv['sys_groupid']).", 'riud', '".$app->functions->intval($websrv['sys_perm_group'])."', '', 0, '$mysql_db_user', '".$app->db->quote($dbuser_prefix) . "', PASSWORD('$mysql_db_password'))";
- $mysql_db_user_id = $app->db->datalogInsert('web_database_user', $insert_data, 'database_user_id');
-
- //* Create the mysql database
- $insert_data = "(`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `parent_domain_id`, `type`, `database_name`, `database_name_prefix`, `database_user_id`, `database_ro_user_id`, `database_charset`, `remote_access`, `remote_ips`, `backup_copies`, `active`, `backup_interval`)
- VALUES( ".$app->functions->intval($websrv['sys_userid']).", ".$app->functions->intval($websrv['sys_groupid']).", 'riud', '".$app->functions->intval($websrv['sys_perm_group'])."', '', $mysql_db_server_id, ".$app->functions->intval($websrv['domain_id']).", 'mysql', '$mysql_db_name', '" . $app->db->quote($dbname_prefix) . "', '$mysql_db_user_id', 0, '', '$mysql_db_remote_access', '$mysql_db_remote_ips', ".$app->functions->intval($websrv['backup_copies']).", 'y', '".$app->functions->intval($websrv['backup_interval'])."')";
- $app->db->datalogInsert('web_database', $insert_data, 'database_id');
-
- //* Add db details to package settings
- $settings['main_database_host'] = $mysql_db_host;
- $settings['main_database_name'] = $mysql_db_name;
- $settings['main_database_login'] = $mysql_db_user;
-
+ // mysql-database-name is updated inside if not set already
+ if (!$this->createDatabaseForPackageInstance($settings, $websrv)) return false;
}
-
+
//* Insert new package instance
- $insert_data = "(`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `customer_id`, `package_id`, `instance_status`) VALUES (".$app->functions->intval($websrv['sys_userid']).", ".$app->functions->intval($websrv['sys_groupid']).", 'riud', '".$app->db->quote($websrv['sys_perm_group'])."', '', ".$app->db->quote($webserver_id).",".$app->db->quote($customerid).", ".$app->db->quote($packageid).", ".INSTANCE_PENDING.")";
+ $insert_data = array(
+ "sys_userid" => $websrv['sys_userid'],
+ "sys_groupid" => $websrv['sys_groupid'],
+ "sys_perm_user" => 'riud',
+ "sys_perm_group" => $websrv['sys_perm_group'],
+ "sys_perm_other" => '',
+ "server_id" => $webserver_id,
+ "customer_id" => $customerid,
+ "package_id" => $packageid,
+ "instance_status" => INSTANCE_PENDING
+ );
$InstanceID = $app->db->datalogInsert('aps_instances', $insert_data, 'id');
//* Insert all package settings
if(is_array($settings)) {
foreach($settings as $key => $value) {
- $insert_data = "(server_id, instance_id, name, value) VALUES (".$app->db->quote($webserver_id).",".$app->db->quote($InstanceID).", '".$app->db->quote($key)."', '".$app->db->quote($value)."')";
+ $insert_data = array(
+ "server_id" => $webserver_id,
+ "instance_id" => $InstanceID,
+ "name" => $key,
+ "value" => $value
+ );
$app->db->datalogInsert('aps_instances_settings', $insert_data, 'id');
}
}
//* Set package status to install afetr we inserted the settings
- $app->db->datalogUpdate('aps_instances', "instance_status = ".INSTANCE_INSTALL, 'id', $InstanceID);
+ $app->db->datalogUpdate('aps_instances', array("instance_status" => INSTANCE_INSTALL), 'id', $InstanceID);
}
-
-
/**
* Sets the status of an instance to "should be removed" and creates a
@@ -356,60 +414,22 @@
*
* @param $instanceid the instance to delete
*/
- public function deleteInstance($instanceid)
- {
- global $app;
- /*
- $app->db->query("UPDATE aps_instances SET instance_status = ".INSTANCE_REMOVE." WHERE id = ".$instanceid.";");
-
- $webserver_id = $this->getInstanceDataForDatalog($instanceid);
- if($webserver_id == '') return;
-
- // Create a sys_datalog entry for deletion
- $datalog = array('Instance_id' => $instanceid, 'server_id' => $webserver_id);
- $app->db->datalogSave('aps', 'DELETE', 'id', $instanceid, array(), $datalog);
- */
-
- $sql = "SELECT web_database.database_id as database_id, web_database.database_user_id as `database_user_id` FROM aps_instances_settings, web_database WHERE aps_instances_settings.value = web_database.database_name AND aps_instances_settings.name = 'main_database_name' AND aps_instances_settings.instance_id = ".$instanceid." LIMIT 0,1";
- $tmp = $app->db->queryOneRecord($sql);
- if($tmp['database_id'] > 0) $app->db->datalogDelete('web_database', 'database_id', $tmp['database_id']);
-
- $database_user = $tmp['database_user_id'];
- $tmp = $app->db->queryOneRecord("SELECT COUNT(*) as `cnt` FROM `web_database` WHERE `database_user_id` = '" . $app->functions->intval($database_user) . "' OR `database_ro_user_id` = '" . $app->functions->intval($database_user) . "'");
- if($tmp['cnt'] < 1) $app->db->datalogDelete('web_database_user', 'database_user_id', $database_user);
-
- $app->db->datalogUpdate('aps_instances', "instance_status = ".INSTANCE_REMOVE, 'id', $instanceid);
-
- }
-
-
-
- /**
- * Sets the status of an instance to "installation planned" and creates a
- * datalog entry to re-install the package. The existing package is simply overwritten.
- *
- * @param $instanceid the instance to delete
- */
- public function reinstallInstance($instanceid)
+ public function deleteInstance($instanceid, $keepdatabase = false)
{
global $app;
- /*
- $app->db->query("UPDATE aps_instances SET instance_status = ".INSTANCE_INSTALL." WHERE id = ".$instanceid.";");
+ if (!$keepdatabase) {
+ $sql = "SELECT web_database.database_id as database_id, web_database.database_user_id as `database_user_id` FROM aps_instances_settings, web_database WHERE aps_instances_settings.value = web_database.database_name AND aps_instances_settings.name = 'main_database_name' AND aps_instances_settings.instance_id = ? LIMIT 0,1";
+ $tmp = $app->db->queryOneRecord($sql, $instanceid);
+ if($tmp['database_id'] > 0) $app->db->datalogDelete('web_database', 'database_id', $tmp['database_id']);
+
+ $database_user = $tmp['database_user_id'];
+ $tmp = $app->db->queryOneRecord("SELECT COUNT(*) as `cnt` FROM `web_database` WHERE `database_user_id` = ? OR `database_ro_user_id` = ?", $database_user, $database_user);
+ if($tmp['cnt'] < 1) $app->db->datalogDelete('web_database_user', 'database_user_id', $database_user);
+ }
- $webserver_id = $this->getInstanceDataForDatalog($instanceid);
- if($webserver_id == '') return;
+ $app->db->datalogUpdate('aps_instances', array("instance_status" => INSTANCE_REMOVE), 'id', $instanceid);
- // Create a sys_datalog entry for re-installation
- $datalog = array('instance_id' => $instanceid, 'server_id' => $webserver_id);
- $app->db->datalogSave('aps', 'INSERT', 'id', $instanceid, array(), $datalog);
- */
-
- $sql = "SELECT web_database.database_id as database_id FROM aps_instances_settings, web_database WHERE aps_instances_settings.value = web_database.database_name AND aps_instances_settings.value = aps_instances_settings.name = 'main_database_name' AND aps_instances_settings.instance_id = ".$app->db->quote($instanceid)." LIMIT 0,1";
- $tmp = $app->db->queryOneRecord($sql);
- if($tmp['database_id'] > 0) $app->db->datalogDelete('web_database', 'database_id', $tmp['database_id']);
-
- $app->db->datalogUpdate('aps_instances', "instance_status = ".INSTANCE_INSTALL, 'id', $instanceid);
}
/**
@@ -422,7 +442,7 @@
{
global $app;
- $pkg = $app->db->queryOneRecord('SELECT * FROM aps_packages WHERE id = '.$app->db->quote($id).';');
+ $pkg = $app->db->queryOneRecord('SELECT * FROM aps_packages WHERE id = ?', $id);
// Load in meta file if existing and register its namespaces
$metafile = $this->interface_pkg_dir.'/'.$pkg['path'].'/APP-META.xml';
@@ -544,7 +564,7 @@
if(in_array($postinput['main_domain'], $domains))
{
$docroot = $app->db->queryOneRecord("SELECT document_root FROM web_domain
- WHERE domain = '".$app->db->quote($postinput['main_domain'])."';");
+ WHERE domain = ?", $postinput['main_domain']);
$new_path = $docroot['document_root'];
if(substr($new_path, -1) != '/') $new_path .= '/';
$new_path .= $main_location;
@@ -559,13 +579,13 @@
$instance_domains = $app->db->queryAllRecords("SELECT instance_id, s.value AS domain
FROM aps_instances AS i, aps_instances_settings AS s
WHERE i.id = s.instance_id AND s.name = 'main_domain'
- AND i.customer_id = '".$app->db->quote($customerid)."';");
+ AND i.customer_id = ?", $customerid);
for($i = 0; $i < count($instance_domains); $i++)
{
$used_path = '';
$doc_root = $app->db->queryOneRecord("SELECT document_root FROM web_domain
- WHERE domain = '".$app->db->quote($instance_domains[$i]['domain'])."';");
+ WHERE domain = ?", $instance_domains[$i]['domain']);
// Probably the domain settings were changed later, so make sure the doc_root
// is not empty for further validation
@@ -576,7 +596,7 @@
$location_for_domain = $app->db->queryOneRecord("SELECT value
FROM aps_instances_settings WHERE name = 'main_location'
- AND instance_id = '".$app->db->quote($instance_domains[$i]['instance_id'])."';");
+ AND instance_id = ?", $instance_domains[$i]['instance_id']);
// The location might be empty but the DB return must not be false!
if($location_for_domain) $used_path .= $location_for_domain['value'];
@@ -608,6 +628,10 @@
if(isset($pkg_details['Requirements Database'])
&& $pkg_details['Requirements Database'] != '')
{
+ if (isset($postinput['main_database_host'])) $input['main_database_host'] = $postinput['main_database_host'];
+ if (isset($postinput['main_database_name'])) $input['main_database_name'] = $postinput['main_database_name'];
+ if (isset($postinput['main_database_login'])) $input['main_database_login'] = $postinput['main_database_login'];
+
if(isset($postinput['main_database_password']))
{
if($postinput['main_database_password'] == '') $error[] = $app->lng('error_no_database_pw');
@@ -705,7 +729,7 @@
{
global $app;
- $pkg = $app->db->queryOneRecord('SELECT * FROM aps_packages WHERE id = '.$app->db->quote($id).';');
+ $pkg = $app->db->queryOneRecord('SELECT * FROM aps_packages WHERE id = ?', $id);
// Load in meta file if existing and register its namespaces
$metafile = $this->interface_pkg_dir.'/'.$pkg['path'].'/APP-META.xml';
--
Gitblit v1.9.1