From 84569173c9a21ebab5ecdb662d9b4fb98b7c336b Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Mon, 16 Apr 2012 08:19:56 -0400
Subject: [PATCH] Fixed: FS#2176 - collision between shell/ftp accounts and client accounts named webXX is not checked
---
interface/lib/classes/db_mysql.inc.php | 44 +++++++++++++++++++++++++++++++++++---------
1 files changed, 35 insertions(+), 9 deletions(-)
diff --git a/interface/lib/classes/db_mysql.inc.php b/interface/lib/classes/db_mysql.inc.php
index 4572dac..ae120c9 100644
--- a/interface/lib/classes/db_mysql.inc.php
+++ b/interface/lib/classes/db_mysql.inc.php
@@ -33,6 +33,8 @@
private $dbUser = ''; // database authorized user
private $dbPass = ''; // user's password
private $dbCharset = ''; // what charset comes and goes to mysql: utf8 / latin1
+ private $dbNewLink = false; // Return a new linkID when connect is called again
+ private $dbClientFlags = 0; // MySQL Client falgs
private $linkId = 0; // last result of mysql_connect()
private $queryId = 0; // last result of mysql_query()
private $record = array(); // last record fetched
@@ -51,11 +53,9 @@
$this->dbUser = $conf['db_user'];
$this->dbPass = $conf['db_password'];
$this->dbCharset = $conf['db_charset'];
+ $this->dbNewLink = $conf['db_new_link'];
+ $this->dbClientFlags = $conf['db_client_flags'];
//$this->connect();
- }
-
- public function __destruct() {
- $this->closeConn();
}
/** Error handler */
@@ -73,7 +73,7 @@
public function connect()
{
if($this->linkId == 0){
- $this->linkId = mysql_connect($this->dbHost, $this->dbUser, $this->dbPass);
+ $this->linkId = mysql_connect($this->dbHost, $this->dbUser, $this->dbPass, $this->dbNewLink, $this->dbClientFlags);
if(!$this->linkId){
$this->updateError('DB::connect()<br />mysql_connect');
return false;
@@ -298,8 +298,20 @@
public function datalogInsert($tablename, $insert_data, $index_field) {
global $app;
+ if(is_array($insert_data)) {
+ $key_str = '';
+ $val_str = '';
+ foreach($insert_data as $key => $val) {
+ $key_str .= "`".$key ."`,";
+ $val_str .= "'".$this->quote($val)."',";
+ }
+ $insert_data_str = '('.$key_str.') VALUES ('.$val_str.')';
+ } else {
+ $insert_data_str = $insert_data;
+ }
+
$old_rec = array();
- $this->query("INSERT INTO $tablename $insert_data");
+ $this->query("INSERT INTO $tablename $insert_data_str");
$index_value = $this->insertID();
$new_rec = $this->queryOneRecord("SELECT * FROM $tablename WHERE $index_field = '$index_value'");
$this->datalogSave($tablename, 'INSERT', $index_field, $index_value, $old_rec, $new_rec);
@@ -308,11 +320,25 @@
}
//** Updates a record and saves the changes into the datalog
- public function datalogUpdate($tablename, $update_data, $index_field, $index_value) {
+ public function datalogUpdate($tablename, $update_data, $index_field, $index_value, $force_update = false) {
global $app;
- $old_rec = $this->queryOneRecord("SELECT * FROM $tablename WHERE $index_field = '$index_value'");
- $this->query("UPDATE $tablename SET $update_data WHERE $index_field = '$index_value'");
+ if($force_update == true) {
+ $old_rec = array();
+ } else {
+ $old_rec = $this->queryOneRecord("SELECT * FROM $tablename WHERE $index_field = '$index_value'");
+ }
+
+ if(is_array($update_data)) {
+ $update_data_str = '';
+ foreach($update_data as $key => $val) {
+ $update_data_str .= "`".$key ."` = '".$this->quote($val)."',";
+ }
+ } else {
+ $update_data_str = $update_data;
+ }
+
+ $this->query("UPDATE $tablename SET $update_data_str WHERE $index_field = '$index_value'");
$new_rec = $this->queryOneRecord("SELECT * FROM $tablename WHERE $index_field = '$index_value'");
$this->datalogSave($tablename, 'UPDATE', $index_field, $index_value, $old_rec, $new_rec);
--
Gitblit v1.9.1