From 8dd29e227f44e2379a0a72a4f60130b24e54a14b Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Sun, 21 Sep 2008 13:12:41 -0400
Subject: [PATCH] Added a function to merge language files.
---
server/plugins-available/mysql_clientdb_plugin.inc.php | 34 +++++++++++++++++++++-------------
1 files changed, 21 insertions(+), 13 deletions(-)
diff --git a/server/plugins-available/mysql_clientdb_plugin.inc.php b/server/plugins-available/mysql_clientdb_plugin.inc.php
index 4699379..e9c3400 100644
--- a/server/plugins-available/mysql_clientdb_plugin.inc.php
+++ b/server/plugins-available/mysql_clientdb_plugin.inc.php
@@ -71,7 +71,7 @@
}
//* Create the new database
- if (mysql_query('CREATE DATABASE '.addslashes($data["new"]["database_name"]),$link)) {
+ if (mysql_query('CREATE DATABASE '.mysql_real_escape_string($data["new"]["database_name"]),$link)) {
$app->log('Created MySQL database: '.$data["new"]["database_name"],LOGLEVEL_DEBUG);
} else {
$app->log('Unable to connect to the database'.mysql_error($link),LOGLEVEL_ERROR);
@@ -84,8 +84,8 @@
$db_host = 'localhost';
}
- mysql_query("GRANT ALL ON ".addslashes($data["new"]["database_name"]).".* TO '".addslashes($data["new"]["database_user"])."'@'$db_host' IDENTIFIED BY '".addslashes($data["new"]["database_password"])."';",$link);
- //echo "GRANT ALL ON ".addslashes($data["new"]["database_name"]).".* TO '".addslashes($data["new"]["database_user"])."'@'$db_host' IDENTIFIED BY '".addslashes($data["new"]["database_password"])."';";
+ mysql_query("GRANT ALL ON ".mysql_real_escape_string($data["new"]["database_name"]).".* TO '".mysql_real_escape_string($data["new"]["database_user"])."'@'$db_host' IDENTIFIED BY '".mysql_real_escape_string($data["new"]["database_password"])."';",$link);
+ //echo "GRANT ALL ON ".mysql_real_escape_string($data["new"]["database_name"]).".* TO '".mysql_real_escape_string($data["new"]["database_user"])."'@'$db_host' IDENTIFIED BY '".mysql_real_escape_string($data["new"]["database_password"])."';";
mysql_query("FLUSH PRIVILEGES;",$link);
mysql_close($link);
@@ -105,22 +105,23 @@
$link = mysql_connect($clientdb_host, $clientdb_user, $clientdb_password);
if (!$link) {
$app->log('Unable to connect to the database'.mysql_error($link),LOGLEVEL_ERROR);
+ return;
}
//* Rename User
if($data["new"]["database_user"] != $data["old"]["database_user"]) {
- mysql_query("RENAME USER '".addslashes($data["old"]["database_user"])."' TO '".addslashes($data["new"]["database_user"])."'",$link);
+ mysql_query("RENAME USER '".mysql_real_escape_string($data["old"]["database_user"])."' TO '".mysql_real_escape_string($data["new"]["database_user"])."'",$link);
$app->log('Renaming mysql user: '.$data["old"]["database_user"].' to '.$data["new"]["database_user"],LOGLEVEL_DEBUG);
}
//* Remote access option has changed.
if($data["new"]["remote_access"] != $data["old"]["remote_access"]) {
if($data["new"]["remote_access"] == 'y') {
- mysql_query("UPDATE mysql.user SET Host = '%' WHERE User = '".addslashes($data["new"]["database_user"])."' and Host = 'localhost';",$link);
- mysql_query("UPDATE mysql.db SET Host = '%' WHERE User = '".addslashes($data["new"]["database_user"])."' and Host = 'localhost';",$link);
+ mysql_query("UPDATE mysql.user SET Host = '%' WHERE User = '".mysql_real_escape_string($data["new"]["database_user"])."' and Host = 'localhost';",$link);
+ mysql_query("UPDATE mysql.db SET Host = '%' WHERE User = '".mysql_real_escape_string($data["new"]["database_user"])."' and Host = 'localhost';",$link);
} else {
- mysql_query("UPDATE mysql.user SET Host = 'localhost' WHERE User = '".addslashes($data["new"]["database_user"])."' and Host = '%';",$link);
- mysql_query("UPDATE mysql.db SET Host = 'localhost' WHERE User = '".addslashes($data["new"]["database_user"])."' and Host = '%';",$link);
+ mysql_query("UPDATE mysql.user SET Host = 'localhost' WHERE User = '".mysql_real_escape_string($data["new"]["database_user"])."' and Host = '%';",$link);
+ mysql_query("UPDATE mysql.db SET Host = 'localhost' WHERE User = '".mysql_real_escape_string($data["new"]["database_user"])."' and Host = '%';",$link);
}
$app->log('Changing mysql remote access priveliges for database: '.$data["new"]["database_name"],LOGLEVEL_DEBUG);
}
@@ -141,7 +142,7 @@
//* Change password
if($data["new"]["database_password"] != $data["old"]["database_password"]) {
- mysql_query("SET PASSWORD FOR '".addslashes($data["new"]["database_user"])."'@'$db_host' = PASSWORD('".addslashes($data["new"]["database_password"])."');",$link);
+ mysql_query("SET PASSWORD FOR '".mysql_real_escape_string($data["new"]["database_user"])."'@'$db_host' = PASSWORD('".mysql_real_escape_string($data["new"]["database_password"])."');",$link);
$app->log('Changing mysql user password for: '.$data["new"]["database_user"],LOGLEVEL_DEBUG);
}
@@ -164,6 +165,7 @@
$link = mysql_connect($clientdb_host, $clientdb_user, $clientdb_password);
if (!$link) {
$app->log('Unable to connect to the database'.mysql_error($link),LOGLEVEL_ERROR);
+ return;
}
//* Get the db host setting for the access priveliges
@@ -173,11 +175,17 @@
$db_host = 'localhost';
}
- mysql_query("DROP USER '".addslashes($data["old"]["database_user"])."'@'$db_host';",$link);
- $app->log('Dropping mysql user: '.$data["old"]["database_user"],LOGLEVEL_DEBUG);
+ if(mysql_query("DROP USER '".mysql_real_escape_string($data["old"]["database_user"])."'@'$db_host';",$link)) {
+ $app->log('Dropping mysql user: '.$data["old"]["database_user"],LOGLEVEL_DEBUG);
+ } else {
+ $app->log('Error while dropping mysql user: '.$data["old"]["database_user"].' '.mysql_error($link),LOGLEVEL_ERROR);
+ }
- mysql_query('DROP DATABASE '.addslashes($data["old"]["database_name"]),$link);
- $app->log('Dropping mysql database: '.$data["old"]["database_name"],LOGLEVEL_DEBUG);
+ if(mysql_query('DROP DATABASE '.mysql_real_escape_string($data["old"]["database_name"]),$link)) {
+ $app->log('Dropping mysql database: '.$data["old"]["database_name"],LOGLEVEL_DEBUG);
+ } else {
+ $app->log('Error while dropping mysql database: '.$data["old"]["database_name"].' '.mysql_error($link),LOGLEVEL_ERROR);
+ }
mysql_query("FLUSH PRIVILEGES;",$link);
--
Gitblit v1.9.1