From c220da99596c4fbca3a4413dbf880dbfc8fd0121 Mon Sep 17 00:00:00 2001
From: Florian Schaal <florian@schaal-24.de>
Date: Fri, 24 Jan 2014 06:20:12 -0500
Subject: [PATCH] changed sql-query and make ure that the backup-sub-dir exists

---
 interface/web/sites/database_edit.php |   93 ++++++++++++++++++++++++++++++++++++++++------
 1 files changed, 80 insertions(+), 13 deletions(-)

diff --git a/interface/web/sites/database_edit.php b/interface/web/sites/database_edit.php
index 126c039..2249351 100644
--- a/interface/web/sites/database_edit.php
+++ b/interface/web/sites/database_edit.php
@@ -72,23 +72,47 @@
 		if($_SESSION["s"]["user"]["typ"] != 'admin' && !$app->auth->has_clients($_SESSION['s']['user']['userid'])) {
 
 			// Get the limits of the client
-			$client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
-			$client = $app->db->queryOneRecord("SELECT default_dbserver FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
+			$client_group_id = $_SESSION["s"]["user"]["default_group"];
+			$client = $app->db->queryOneRecord("SELECT db_servers FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
 
 			// Set the webserver to the default server of the client
-			$tmp = $app->db->queryOneRecord("SELECT server_name FROM server WHERE server_id = ".$app->functions->intval($client['default_dbserver']));
-			$app->tpl->setVar("server_id", "<option value='$client[default_dbserver]'>$tmp[server_name]</option>");
+			$tmp = $app->db->queryAllRecords("SELECT server_id, server_name FROM server WHERE server_id IN ($client[db_servers])");
+
+			$only_one_server = count($tmp) === 1;
+			$app->tpl->setVar('only_one_server', $only_one_server);
+
+			if ($only_one_server) {
+				$app->tpl->setVar('server_id_value', $tmp[0]['server_id']);
+			}
+
+			foreach ($tmp as $db_server) {
+				$options_db_servers .= "<option value='$db_server[server_id]'>$db_server[server_name]</option>";
+			}
+
+			$app->tpl->setVar("server_id", $options_db_servers);
 			unset($tmp);
 
 		} elseif ($_SESSION["s"]["user"]["typ"] != 'admin' && $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
 
 			// Get the limits of the client
-			$client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
-			$client = $app->db->queryOneRecord("SELECT client.client_id, limit_web_domain, default_webserver, contact_name FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
+			$client_group_id = $_SESSION["s"]["user"]["default_group"];
+			$client = $app->db->queryOneRecord("SELECT client.client_id, limit_web_domain, db_servers, contact_name FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
 
 			// Set the webserver to the default server of the client
-			$tmp = $app->db->queryOneRecord("SELECT server_name FROM server WHERE server_id = ".$app->functions->intval($client['default_webserver']));
-			$app->tpl->setVar("server_id", "<option value='$client[default_webserver]'>$tmp[server_name]</option>");
+			$tmp = $app->db->queryAllRecords("SELECT server_id, server_name FROM server WHERE server_id IN ($client[db_servers])");
+
+			$only_one_server = count($tmp) === 1;
+			$app->tpl->setVar('only_one_server', $only_one_server);
+
+			if ($only_one_server) {
+				$app->tpl->setVar('server_id_value', $tmp[0]['server_id']);
+			}
+
+			foreach ($tmp as $db_server) {
+				$options_db_servers .= "<option value='$db_server[server_id]'>$db_server[server_name]</option>";
+			}
+
+			$app->tpl->setVar("server_id", $options_db_servers);
 			unset($tmp);
 
 		} else {
@@ -141,8 +165,8 @@
 
 		if($_SESSION["s"]["user"]["typ"] != 'admin') {
 			// Get the limits of the client
-			$client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
-			$client = $app->db->queryOneRecord("SELECT default_dbserver, limit_database FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
+			$client_group_id = $_SESSION["s"]["user"]["default_group"];
+			$client = $app->db->queryOneRecord("SELECT db_servers, limit_database FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
 
 			// When the record is updated
 			if($this->id > 0) {
@@ -152,9 +176,12 @@
 				unset($tmp);
 				// When the record is inserted
 			} else {
-				// set the server ID to the default dbserver of the client
-				$this->dataRecord["server_id"] = $client["default_dbserver"];
+				$client['db_servers_ids'] = explode(',', $client['db_servers']);
 
+				// Check if chosen server is in authorized servers for this client
+				if (!(is_array($client['db_servers_ids']) && in_array($this->dataRecord["server_id"], $client['db_servers_ids'])) && $_SESSION["s"]["user"]["typ"] != 'admin') {
+					$app->error($app->tform->wordbook['error_not_allowed_server_id']);
+				}
 
 				// Check if the user may add another database
 				if($client["limit_database"] >= 0) {
@@ -275,7 +302,26 @@
 				}
 			}
 		}
-
+		
+		if ($app->tform->errorMessage == '') {
+			// force update of the used database user
+			if($this->dataRecord['database_user_id']) {
+				$user_old_rec = $app->db->queryOneRecord('SELECT * FROM `web_database_user` WHERE `database_user_id` = ' . $app->functions->intval($this->dataRecord['database_user_id']));
+				if($user_old_rec) {
+					$user_new_rec = $user_old_rec;
+					$user_new_rec['server_id'] = $this->dataRecord['server_id'];
+					$app->db->datalogSave('web_database_user', 'UPDATE', 'database_user_id', $this->dataRecord['database_user_id'], $user_old_rec, $user_new_rec);
+				}
+			}
+			if($this->dataRecord['database_ro_user_id']) {
+				$user_old_rec = $app->db->queryOneRecord('SELECT * FROM `web_database_user` WHERE `database_user_id` = ' . $app->functions->intval($this->dataRecord['database_ro_user_id']));
+				if($user_old_rec) {
+					$user_new_rec = $user_old_rec;
+					$user_new_rec['server_id'] = $this->dataRecord['server_id'];
+					$app->db->datalogSave('web_database_user', 'UPDATE', 'database_user_id', $this->dataRecord['database_ro_user_id'], $user_old_rec, $user_new_rec);
+				}
+			}
+		}
 
 		parent::onBeforeUpdate();
 	}
@@ -344,6 +390,27 @@
 			}
 		}
 
+		if ($app->tform->errorMessage == '') {
+			// force update of the used database user
+			if($this->dataRecord['database_user_id']) {
+				$user_old_rec = $app->db->queryOneRecord('SELECT * FROM `web_database_user` WHERE `database_user_id` = ' . $app->functions->intval($this->dataRecord['database_user_id']));
+				if($user_old_rec) {
+					$user_new_rec = $user_old_rec;
+					$user_new_rec['server_id'] = $this->dataRecord['server_id'];
+					$app->db->datalogSave('web_database_user', 'UPDATE', 'database_user_id', $this->dataRecord['database_user_id'], $user_old_rec, $user_new_rec);
+				}
+			}
+			if($this->dataRecord['database_ro_user_id']) {
+				$user_old_rec = $app->db->queryOneRecord('SELECT * FROM `web_database_user` WHERE `database_user_id` = ' . $app->functions->intval($this->dataRecord['database_ro_user_id']));
+				if($user_old_rec) {
+					$user_new_rec = $user_old_rec;
+					$user_new_rec['server_id'] = $this->dataRecord['server_id'];
+					$app->db->datalogSave('web_database_user', 'UPDATE', 'database_user_id', $this->dataRecord['database_ro_user_id'], $user_old_rec, $user_new_rec);
+				}
+			}
+		}
+
+
 		parent::onBeforeInsert();
 	}
 

--
Gitblit v1.9.1