From 7990f8881b085279269d35cf9dd2787b88ae1c08 Mon Sep 17 00:00:00 2001
From: mcramer <m.cramer@pixcept.de>
Date: Tue, 27 Nov 2012 14:47:43 -0500
Subject: [PATCH] Bugfix: _ispconfig_pw_crypted was ignored (stripped off in encoding method)
---
interface/lib/classes/db_mysql.inc.php | 136 +++++++++++++++++++++++----------------------
1 files changed, 70 insertions(+), 66 deletions(-)
diff --git a/interface/lib/classes/db_mysql.inc.php b/interface/lib/classes/db_mysql.inc.php
index 83fcd57..5ea448a 100644
--- a/interface/lib/classes/db_mysql.inc.php
+++ b/interface/lib/classes/db_mysql.inc.php
@@ -47,16 +47,17 @@
public $show_error_messages = true; // false in server, true in interface
// constructor
- public function __construct() {
+ public function __construct($prefix = '') {
global $conf;
- $this->dbHost = $conf['db_host'];
- $this->dbName = $conf['db_database'];
- $this->dbUser = $conf['db_user'];
- $this->dbPass = $conf['db_password'];
- $this->dbCharset = $conf['db_charset'];
- $this->dbNewLink = $conf['db_new_link'];
- $this->dbClientFlags = $conf['db_client_flags'];
- parent::__construct($conf['db_host'], $conf['db_user'],$conf['db_password'],$conf['db_database']);
+ if($prefix != '') $prefix .= '_';
+ $this->dbHost = $conf[$prefix.'db_host'];
+ $this->dbName = $conf[$prefix.'db_database'];
+ $this->dbUser = $conf[$prefix.'db_user'];
+ $this->dbPass = $conf[$prefix.'db_password'];
+ $this->dbCharset = $conf[$prefix.'db_charset'];
+ $this->dbNewLink = $conf[$prefix.'db_new_link'];
+ $this->dbClientFlags = $conf[$prefix.'db_client_flags'];
+ parent::__construct($conf[$prefix.'db_host'], $conf[$prefix.'db_user'],$conf[$prefix.'db_password'],$conf[$prefix.'db_database']);
if ($this->connect_error) {
$this->updateError('DB::__construct');
return false;
@@ -95,8 +96,10 @@
}
public function query($queryString) {
- $this->queryId = parent::query($queryString);
+ parent::ping();
+ $this->queryId = parent::query($queryString);
$this->updateError('DB::query('.$queryString.') -> mysqli_query');
+ if($this->errorNumber) debug_print_backtrace();
if(!$this->queryId) {
return false;
}
@@ -143,6 +146,10 @@
public function numRows() {
return $this->queryId->num_rows;
}
+
+ public function affectedRows() {
+ return $this->queryId->affected_rows;
+ }
// returns mySQL insert id
public function insertID() {
@@ -150,14 +157,12 @@
}
- // Check der variablen
- // Really.. using quote should be phased out in favor of using bind_param's. Though, for legacy code..
- // here's the equivalent
+ //* Function to quote strings
public function quote($formfield) {
return $this->escape_string($formfield);
}
- // Check der variablen
+ //* Function to unquotae strings
public function unquote($formfield) {
return stripslashes($formfield);
}
@@ -171,44 +176,6 @@
}
return $out;
}
-
- /*
- //* These functions are deprecated and will be removed.
- function insert($tablename,$form,$debug = 0)
- {
- if(is_array($form)){
- foreach($form as $key => $value)
- {
- $sql_key .= "$key, ";
- $sql_value .= "'".$this->check($value)."', ";
- }
- $sql_key = substr($sql_key,0,strlen($sql_key) - 2);
- $sql_value = substr($sql_value,0,strlen($sql_value) - 2);
-
- $sql = "INSERT INTO $tablename (" . $sql_key . ") VALUES (" . $sql_value .")";
-
- if($debug == 1) echo "SQL-Statement: ".$sql."<br><br>";
- $this->query($sql);
- if($debug == 1) echo "mySQL Error Message: ".$this->errorMessage;
- }
- }
-
- function update($tablename,$form,$bedingung,$debug = 0)
- {
-
- if(is_array($form)){
- foreach($form as $key => $value)
- {
- $insql .= "$key = '".$this->check($value)."', ";
- }
- $insql = substr($insql,0,strlen($insql) - 2);
- $sql = "UPDATE $tablename SET " . $insql . " WHERE $bedingung";
- if($debug == 1) echo "SQL-Statement: ".$sql."<br><br>";
- $this->query($sql);
- if($debug == 1) echo "mySQL Error Message: ".$this->errorMessage;
- }
- }
- */
public function diffrec($record_old, $record_new) {
$diffrec_full = array();
@@ -246,7 +213,7 @@
}
//** Function to fill the datalog with a full differential record.
- public function datalogSave($db_table, $action, $primary_field, $primary_id, $record_old, $record_new) {
+ public function datalogSave($db_table, $action, $primary_field, $primary_id, $record_old, $record_new, $force_update = false) {
global $app,$conf;
// Insert backticks only for incomplete table names.
@@ -256,10 +223,17 @@
$escape = '`';
}
- $tmp = $this->diffrec($record_old, $record_new);
- $diffrec_full = $tmp['diff_rec'];
- $diff_num = $tmp['diff_num'];
- unset($tmp);
+ if($force_update == true) {
+ //* We force a update even if no record has changed
+ $diffrec_full = array('new' => $record_new,'old' => $record_old);
+ $diff_num = count($record_new);
+ } else {
+ //* get the difference record between old and new record
+ $tmp = $this->diffrec($record_old, $record_new);
+ $diffrec_full = $tmp['diff_rec'];
+ $diff_num = $tmp['diff_num'];
+ unset($tmp);
+ }
// Insert the server_id, if the record has a server_id
$server_id = (isset($record_old['server_id']) && $record_old['server_id'] > 0)?$record_old['server_id']:0;
@@ -294,6 +268,8 @@
$key_str .= "`".$key ."`,";
$val_str .= "'".$this->quote($val)."',";
}
+ $key_str = substr($key_str,0,-1);
+ $val_str = substr($val_str,0,-1);
$insert_data_str = '('.$key_str.') VALUES ('.$val_str.')';
} else {
$insert_data_str = $insert_data;
@@ -312,24 +288,21 @@
public function datalogUpdate($tablename, $update_data, $index_field, $index_value, $force_update = false) {
global $app;
- if($force_update == true) {
- $old_rec = array();
- } else {
- $old_rec = $this->queryOneRecord("SELECT * FROM $tablename WHERE $index_field = '$index_value'");
- }
+ $old_rec = $this->queryOneRecord("SELECT * FROM $tablename WHERE $index_field = '$index_value'");
if(is_array($update_data)) {
$update_data_str = '';
foreach($update_data as $key => $val) {
$update_data_str .= "`".$key ."` = '".$this->quote($val)."',";
}
+ $update_data_str = substr($update_data_str,0,-1);
} else {
$update_data_str = $update_data;
}
- $this->query("UPDATE $tablename SET $update_data WHERE $index_field = '$index_value'");
+ $this->query("UPDATE $tablename SET $update_data_str WHERE $index_field = '$index_value'");
$new_rec = $this->queryOneRecord("SELECT * FROM $tablename WHERE $index_field = '$index_value'");
- $this->datalogSave($tablename, 'UPDATE', $index_field, $index_value, $old_rec, $new_rec);
+ $this->datalogSave($tablename, 'UPDATE', $index_field, $index_value, $old_rec, $new_rec, $force_update);
return true;
}
@@ -344,6 +317,28 @@
$this->datalogSave($tablename, 'DELETE', $index_field, $index_value, $old_rec, $new_rec);
return true;
+ }
+
+ //* get the current datalog status for the specified login (or currently logged in user)
+ public function datalogStatus($login = '') {
+ global $app;
+
+ $return = array('count' => 0, 'entries' => array());
+ if($_SESSION['s']['user']['typ'] == 'admin') return $return; // these information should not be displayed to admin users
+
+ if($login == '' && isset($_SESSION['s']['user'])) {
+ $login = $_SESSION['s']['user']['username'];
+ }
+
+ $result = $this->queryAllRecords("SELECT COUNT( * ) AS cnt, sys_datalog.action, sys_datalog.dbtable FROM sys_datalog, server WHERE server.server_id = sys_datalog.server_id AND sys_datalog.user = '" . $this->quote($login) . "' AND sys_datalog.datalog_id > server.updated GROUP BY sys_datalog.dbtable, sys_datalog.action");
+ foreach($result as $row) {
+ if(!$row['dbtable'] || in_array($row['dbtable'], array('aps_instances', 'aps_instances_settings', 'mail_access', 'mail_content_filter'))) continue; // ignore some entries, maybe more to come
+ $return['entries'][] = array('table' => $row['dbtable'], 'action' => $row['action'], 'count' => $row['cnt'], 'text' => $app->lng('datalog_status_' . $row['action'] . '_' . $row['dbtable']));
+ $return['count'] += $row['cnt'];
+ }
+ unset($result);
+
+ return $return;
}
@@ -489,17 +484,26 @@
function tableInfo($table_name) {
- global $go_api,$go_info;
+ global $go_api,$go_info,$app;
// Tabellenfelder einlesen
- if($rows = $go_api->db->queryAllRecords('SHOW FIELDS FROM '.$table_name)){
+ if($rows = $app->db->queryAllRecords('SHOW FIELDS FROM '.$table_name)){
foreach($rows as $row) {
+ /*
$name = $row[0];
$default = $row[4];
$key = $row[3];
$extra = $row[5];
$isnull = $row[2];
$type = $row[1];
+ */
+
+ $name = $row['Field'];
+ $default = $row['Default'];
+ $key = $row['Key'];
+ $extra = $row['Extra'];
+ $isnull = $row['Null'];
+ $type = $row['Type'];
$column = array();
--
Gitblit v1.9.1