remove some unused functions and migrated some more functions to PDO database class, refs #1287

Signed-off-by: Michael Kaufmann (d00p) <d00p@froxlor.org>
Michael Kaufmann (d00p)
2013-11-14 08:27:57 +01:00
parent 868b472b98
commit 12800b730d
23 changed files with 326 additions and 500 deletions


@@ -27,7 +27,7 @@ if(($page == 'settings' || $page == 'overview')
&& $userinfo['change_serversettings'] == '1') && $userinfo['change_serversettings'] == '1')
{ {
$settings_data = loadConfigArrayDir('./actions/admin/settings/'); $settings_data = loadConfigArrayDir('./actions/admin/settings/');
$settings = loadSettings($settings_data, $db); $settings = loadSettings($settings_data);
if(isset($_POST['send']) if(isset($_POST['send'])
&& $_POST['send'] == 'send') && $_POST['send'] == 'send')


@@ -1,49 +0,0 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2003-2009 the SysCP Team (see authors).
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Florian Lippert <flo@syscp.org> (2003-2009)
* @author Froxlor team <team@froxlor.org> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Functions
*
*/
function getAdmins($limit_resource = '') {
global $db, $theme;
$additional_conditions = '';
$additional_conditions_array = array();
if(getSessionUserDetail('customers_see_all') != true)
{
$additional_conditions_array[] = '`adminid` = \'' . (int)getSessionUserDetail('adminid') . '\'';
}
if($limit_resource != '')
{
$additional_conditions_array[] = '(`' . $limit_resource . '_used` < `' . $limit_resource . '` OR `' . $limit_resource . '` = \'-1\')';
}
if(!empty($additional_conditions_array))
{
$additional_conditions = ' WHERE ' . implode(' AND ', $additional_conditions_array) . ' ';
}
$query = 'SELECT `adminid`, `loginname`, `name`, `firstname`, `company` FROM `' . TABLE_PANEL_ADMINS . '` ' . $additional_conditions . ' ORDER BY `name` ASC';
$result = $db->query($query);
$admins_array = array();
while($row = $db->fetch_array($result))
{
$admins_array[$row['adminid']] = getCorrectFullUserDetails($row) . ' (' . $row['loginname'] . ')';
}
return $admins_array;
}


@@ -17,19 +17,16 @@
* *
*/ */
function getCustomerDetail($customerid, $varname) function getCustomerDetail($customerid, $varname) {
{
global $db, $theme;
$query = 'SELECT `' . $db->escape($varname) . '` FROM `' . TABLE_PANEL_CUSTOMERS . '` WHERE `customerid` = \'' . (int)$customerid . '\''; $customer_stmt = Database::prepare("
$customer = $db->query_first($query); SELECT `' . $varname . '` FROM `" . TABLE_PANEL_CUSTOMERS . "` WHERE `customerid` = :customerid
");
$customer = Database::pexecute_first($customer_stmt, array('customerid' => $customerid));
if(isset($customer[$varname])) if (isset($customer[$varname])) {
{
return $customer[$varname]; return $customer[$varname];
} } else {
else
{
return false; return false;
} }
} }
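Review bot: The column name in the new `Database::prepare()` call is written as `' . $varname . '` inside a double-quoted string, so the quote and dot characters become part of the SQL text and the identifier sent to the server is not the bare column name; the intended fragment is presumably `" . $varname . "`. Beyond the quoting slip, `$varname` now reaches the statement without the `$db->escape()` call the old line applied. Identifiers cannot be bound as parameters, so the usual control is an allow-list checked before the query is built, for example `if (!in_array($varname, $allowed_columns, true)) { return false; }` (`$allowed_columns` is a constructed name). Whether any caller passes a request-derived `$varname` is not visible from this hunk and should be confirmed.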


@@ -1,21 +0,0 @@
<?php
/**
* returns the customer-id of a customer by given domain
*
* @param string $domain users domain
*
* @return int customers id
*/
function getCustomerIdByDomain($domain = null)
{
global $db, $theme;
$result = $db->query_first("SELECT `customerid` FROM `" . TABLE_PANEL_DOMAINS . "` WHERE `domain` = '".$domain."'");
if(is_array($result)
&& isset($result['customerid'])
) {
return $result['customerid'];
}
return false;
}


@@ -1,49 +0,0 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2003-2009 the SysCP Team (see authors).
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Florian Lippert <flo@syscp.org> (2003-2009)
* @author Froxlor team <team@froxlor.org> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Functions
*
*/
function getCustomers($limit_resource = '')
{
global $db, $theme;
$additional_conditions = '';
$additional_conditions_array = array();
if(getSessionUserDetail('customers_see_all') != true)
{
$additional_conditions_array[] = '`adminid` = \'' . (int)getSessionUserDetail('adminid') . '\'';
}
if($limit_resource != '')
{
$additional_conditions_array[] = '(`' . $limit_resource . '_used` < `' . $limit_resource . '` OR `' . $limit_resource . '` = \'-1\')';
}
if(!empty($additional_conditions_array))
{
$additional_conditions = ' WHERE ' . implode(' AND ', $additional_conditions_array) . ' ';
}
$query = 'SELECT `customerid`, `loginname`, `name`, `firstname`, `company` FROM `' . TABLE_PANEL_CUSTOMERS . '` ' . $additional_conditions . ' ORDER BY `name` ASC';
$result = $db->query($query);
$customers_array = array();
while($row = $db->fetch_array($result))
{
$customers_array[$row['customerid']] = getCorrectFullUserDetails($row) . ' (' . $row['loginname'] . ')';
}
return $customers_array;
}


@@ -17,24 +17,22 @@
* *
*/ */
function getIpAddresses() function getIpAddresses() {
{
global $db, $theme; $result_stmt = Database::query("
SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` ORDER BY `ip` ASC, `port` ASC
");
$query = 'SELECT `id`, `ip`, `port` FROM `' . TABLE_PANEL_IPSANDPORTS . '` ORDER BY `ip` ASC, `port` ASC';
$result = $db->query($query);
$system_ipaddress_array = array(); $system_ipaddress_array = array();
while($row = $db->fetch_array($result)) while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
{
if(!isset($system_ipaddress_array[$row['ip']]) if (!isset($system_ipaddress_array[$row['ip']])
&& !in_array($row['ip'], $system_ipaddress_array)) && !in_array($row['ip'], $system_ipaddress_array)
{ ) {
if(filter_var($row['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) if (filter_var($row['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
{
$row['ip'] = '[' . $row['ip'] . ']'; $row['ip'] = '[' . $row['ip'] . ']';
} }
$system_ipaddress_array[$row['ip']] = $row['ip']; $system_ipaddress_array[$row['ip']] = $row['ip'];
} }
} }


@@ -17,38 +17,46 @@
* *
*/ */
function getIpPortCombinations($ssl = false) function getIpPortCombinations($ssl = false) {
{
global $db, $theme; global $userinfo;
$additional_conditions_params = array();
$additional_conditions_array = array();
if ($userinfo['ip'] != '-1') {
$admin_ip_stmt = Database::prepare("
SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` WHERE `id` = :ipid
");
$admin_ip = Database::pexecute_first($admin_ip_stmt, array('ipid' => $userinfo['ip']));
$additional_conditions_array[] = "`ip` = :adminip";
$additional_conditions_params['adminip'] = $admin_ip['ip'];
$admin_ip = null;
}
if ($ssl !== null) {
$additional_conditions_array[] = "`ssl` = :ssl";
$additional_conditions_params['ssl'] = ($ssl === true ? '1' : '0' );
}
$additional_conditions = ''; $additional_conditions = '';
$additional_conditions_array = array(); if (count($additional_conditions_array) > 0) {
if(getSessionUserDetail('ip') != '-1') $additional_conditions = " WHERE " . implode(" AND ", $additional_conditions_array) . " ";
{
$admin_ip = $db->query_first('SELECT `id`, `ip`, `port` FROM `' . TABLE_PANEL_IPSANDPORTS . '` WHERE `id` = \'' . (int)getSessionUserDetail('ip') . '\' ORDER BY `ip`, `port` ASC');
$additional_conditions_array[] = '`ip` = \'' . $admin_ip['ip'] . '\'';
unset($admin_ip);
}
if($ssl !== null)
{
$additional_conditions_array[] = '`ssl` = \'' . ( $ssl === true ? '1' : '0' ) . '\'';
}
if(!empty($additional_conditions_array))
{
$additional_conditions = ' WHERE ' . implode(' AND ', $additional_conditions_array) . ' ';
} }
$query = 'SELECT `id`, `ip`, `port` FROM `' . TABLE_PANEL_IPSANDPORTS . '` ' . $additional_conditions . ' ORDER BY `ip` ASC, `port` ASC'; $result_stmt = Database::prepare("
$result = $db->query($query); SELECT `id`, `ip`, `port` FROM `" . TABLE_PANEL_IPSANDPORTS . "` " .
$additional_conditions . " ORDER BY `ip` ASC, `port` ASC
");
Database::pexecute($result_stmt, $additional_conditions_params);
$system_ipaddress_array = array(); $system_ipaddress_array = array();
while($row = $db->fetch_array($result)) while($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
{ if (filter_var($row['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) {
if(filter_var($row['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV6))
{
$row['ip'] = '[' . $row['ip'] . ']'; $row['ip'] = '[' . $row['ip'] . ']';
} }
$system_ipaddress_array[$row['id']] = $row['ip'] . ':' . $row['port']; $system_ipaddress_array[$row['id']] = $row['ip'] . ':' . $row['port'];
} }


@@ -1,38 +0,0 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2003-2009 the SysCP Team (see authors).
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Florian Lippert <flo@syscp.org> (2003-2009)
* @author Froxlor team <team@froxlor.org> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Functions
*
*/
function getLanguages()
{
global $db, $theme;
$query = 'SELECT * FROM `' . TABLE_PANEL_LANGUAGE . '` ';
$result = $db->query($query);
$languages_array = array();
while($row = $db->fetch_array($result))
{
if(!isset($languages_array[$row['language']])
&& !in_array($row['language'], $languages_array))
{
$languages_array[$row['language']] = html_entity_decode($row['language']);
}
}
return $languages_array;
}


@@ -7,12 +7,14 @@
* *
* @return string customers loginname * @return string customers loginname
*/ */
function getLoginNameByUid($uid = null) function getLoginNameByUid($uid = null) {
{
global $db, $theme;
$result = $db->query_first("SELECT `loginname` FROM `" . TABLE_PANEL_CUSTOMERS . "` WHERE `guid` = '".(int)$uid."'"); $result_stmt = Database::prepare("
if(is_array($result) SELECT `loginname` FROM `" . TABLE_PANEL_CUSTOMERS . "` WHERE `guid` = :guid
");
$result = Database::pexecute_first($result_stmt, array('guid' => $uid));
if (is_array($result)
&& isset($result['loginname']) && isset($result['loginname'])
) { ) {
return $result['loginname']; return $result['loginname'];


@@ -20,26 +20,20 @@
* *
* @return array * @return array
*/ */
function getPhpConfigs() function getPhpConfigs() {
{
global $db, $theme;
$query = 'SELECT * FROM `' . TABLE_PANEL_PHPCONFIGS . '` '; $result_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_PHPCONFIGS . "`");
$result = $db->query($query, false, true); $result = Database::pexecute_first($result_stmt, null, false);
$configs_array = array(); $configs_array = array();
// if the table does not yet exist, we just use the default php.ini // if the table does not yet exist, we just use the default php.ini
if(!$result) if ($result == false) {
{
$configs_array[1] = 'Default php.ini'; $configs_array[1] = 'Default php.ini';
} } else {
else while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
{ if (!isset($configs_array[$row['id']])
while($row = $db->fetch_array($result)) && !in_array($row['id'], $configs_array)
{ ) {
if(!isset($configs_array[$row['id']])
&& !in_array($row['id'], $configs_array))
{
$configs_array[$row['id']] = html_entity_decode($row['description']); $configs_array[$row['id']] = html_entity_decode($row['description']);
} }
} }
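Review bot: `Database::pexecute_first()` is used here only to test whether the query worked, but elsewhere in this commit it hands back the first row (`$customer[$varname]`, `$result['loginname']`). The `while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC))` loop that follows would therefore start at the second row, and the first PHP configuration would be missing from the returned list. `$result == false` would also hold for a table that exists but is empty, which the comment above it does not describe. Executing with `Database::pexecute($result_stmt, null, false)` and branching on whether execution succeeded would keep the fallback and leave the cursor on the first row; the return contract of `pexecute` is not visible here and needs confirming. The function ends outside the hunk.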


@@ -1,38 +0,0 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Froxlor team <team@froxlor.org> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Functions
*
*/
/**
* this function checks whether $server_id (multi-server) is set
* in userdata.inc.php and returns the value. If not set or invalid,
* always return the id of the master (which is '0')
*
* @return int server_id of current server
* @since 0.9.14-svn7
*/
function getServerId() {
global $server_id, $theme;
if(isset($server_id)
&& is_numeric($server_id)
&& $server_id > 0
) {
return $server_id;
}
// return default (master)
return 0;
}


@@ -1,32 +0,0 @@
<?php
/**
* This file is part of the Froxlor project.
* Copyright (c) 2003-2009 the SysCP Team (see authors).
* Copyright (c) 2010 the Froxlor Team (see authors).
*
* For the full copyright and license information, please view the COPYING
* file that was distributed with this source code. You can also view the
* COPYING file online at http://files.froxlor.org/misc/COPYING.txt
*
* @copyright (c) the authors
* @author Florian Lippert <flo@syscp.org> (2003-2009)
* @author Froxlor team <team@froxlor.org> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Functions
*
*/
function getSessionUserDetail($varname)
{
global $userinfo, $theme;
if(isset($userinfo[$varname]))
{
return $userinfo[$varname];
}
else
{
return false;
}
}


@@ -27,16 +27,16 @@
* @author Florian Lippert <flo@syscp.org> * @author Florian Lippert <flo@syscp.org>
*/ */
function inserttask($type, $param1 = '', $param2 = '', $param3 = '', $param4 = '') function inserttask($type, $param1 = '', $param2 = '', $param3 = '', $param4 = '') {
{
global $db, $settings, $theme;
if($type == '1' global $settings;
if ($type == '1'
|| $type == '3' || $type == '3'
|| $type == '4' || $type == '4'
|| $type == '5' || $type == '5'
|| $type == '10') || $type == '10'
{ ) {
// 4 = bind -> if bind disabled -> no task // 4 = bind -> if bind disabled -> no task
if ($type == '4' && $settings['system']['bind_enable'] == '0') { if ($type == '4' && $settings['system']['bind_enable'] == '0') {
return; return;
@@ -45,49 +45,68 @@ function inserttask($type, $param1 = '', $param2 = '', $param3 = '', $param4 = '
if ($type == '10' && $settings['system']['diskquota_enabled'] == '0') { if ($type == '10' && $settings['system']['diskquota_enabled'] == '0') {
return; return;
} }
$db->query('DELETE FROM `' . TABLE_PANEL_TASKS . '` WHERE `type`="' . $type . '"'); $del_stmt = Database::prepare("
$db->query('INSERT INTO `' . TABLE_PANEL_TASKS . '` (`type`) VALUES ("' . $type . '")'); DELETE FROM `" . TABLE_PANEL_TASKS . "` WHERE `type` = :type
} ");
elseif($type == '2' Database::pexecute($del_stmt, array('type' => $type));
$ins_stmt = Database::prepare("
INSERT INTO `" . TABLE_PANEL_TASKS . "` SET `type` = :type
");
Database::pexecute($ins_stmt, array('type' => $type));
} elseif ($type == '2'
&& $param1 != '' && $param1 != ''
&& $param2 != '' && $param2 != ''
&& $param3 != '' && $param3 != ''
&& ($param4 == 0 || $param4 == 1) && ($param4 == 0 || $param4 == 1)
) { ) {
$data = Array(); $data = array();
$data['loginname'] = $param1; $data['loginname'] = $param1;
$data['uid'] = $param2; $data['uid'] = $param2;
$data['gid'] = $param3; $data['gid'] = $param3;
$data['store_defaultindex'] = $param4; $data['store_defaultindex'] = $param4;
$data = serialize($data); $data = serialize($data);
$db->query('INSERT INTO `' . TABLE_PANEL_TASKS . '` (`type`, `data`) VALUES ("2", "' . $db->escape($data) . '")'); $ins_stmt = Database::prepare("
} INSERT INTO `" . TABLE_PANEL_TASKS . "` SET `type` = '2', `data` = :data
elseif($type == '6' ");
&& $param1 != '') Database::pexecute($ins_stmt, array('data' => $data));
{
$data = Array(); } elseif ($type == '6'
&& $param1 != ''
) {
$data = array();
$data['loginname'] = $param1; $data['loginname'] = $param1;
$data = serialize($data); $data = serialize($data);
$db->query('INSERT INTO `' . TABLE_PANEL_TASKS . '` (`type`, `data`) VALUES ("6", "' . $db->escape($data) . '")'); $ins_stmt = Database::prepare("
} INSERT INTO `" . TABLE_PANEL_TASKS . "` SET `type` = '6', `data` = :data
elseif($type == '7' ");
Database::pexecute($ins_stmt, array('data' => $data));
} elseif ($type == '7'
&& $param1 != '' && $param1 != ''
&& $param2 != '') && $param2 != ''
{ ) {
$data = Array(); $data = array();
$data['loginname'] = $param1; $data['loginname'] = $param1;
$data['email'] = $param2; $data['email'] = $param2;
$data = serialize($data); $data = serialize($data);
$db->query('INSERT INTO `' . TABLE_PANEL_TASKS . '` (`type`, `data`) VALUES ("7", "' . $db->escape($data) . '")'); $ins_stmt = Database::prepare("
} INSERT INTO `" . TABLE_PANEL_TASKS . "` SET `type` = '7', `data` = :data
elseif($type == '8' ");
Database::pexecute($ins_stmt, array('data' => $data));
} elseif ($type == '8'
&& $param1 != '' && $param1 != ''
&& $param2 != '') && $param2 != ''
{ ) {
$data = Array(); $data = array();
$data['loginname'] = $param1; $data['loginname'] = $param1;
$data['homedir'] = $param2; $data['homedir'] = $param2;
$data = serialize($data); $data = serialize($data);
$db->query('INSERT INTO `' . TABLE_PANEL_TASKS . '` (`type`, `data`) VALUES ("8", "' . $db->escape($data) . '")'); $ins_stmt = Database::prepare("
INSERT INTO `" . TABLE_PANEL_TASKS . "` SET `type` = '8', `data` = :data
");
Database::pexecute($ins_stmt, array('data' => $data));
} }
} }
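Review bot: The `data` column is still filled with `serialize()` output in the type 2, 6, 7 and 8 branches, so whatever reads `TABLE_PANEL_TASKS` (not visible on this page) presumably runs `unserialize()` on database content. These payloads are flat maps of strings, so `json_encode($data)` here and `json_decode(..., true)` in the consumer would carry the same information without PHP's object-instantiation behaviour if a row is ever tampered with; both sides would have to change together. Separately, the four insert branches differ only in the literal type, so one statement binding both `:type` and `:data` would replace them.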


@@ -15,23 +15,24 @@
* *
*/ */
/* /**
* returns true or false whether a * returns true or false whether a given domain id
* given domain id is the std-subdomain * is the std-subdomain of a customer
* of a customer
* *
* @param int domain-id * @param int domain-id
* *
* @return boolean * @return boolean
*/ */
function isCustomerStdSubdomain($did = 0) function isCustomerStdSubdomain($did = 0) {
{
global $db, $theme;
if($did > 0) if ($did > 0) {
{ $result_stmt = Database::prepare("
$result = $db->query_first("SELECT `customerid` FROM `".TABLE_PANEL_CUSTOMERS."` WHERE `standardsubdomain` = '".(int)$did."'"); SELECT `customerid` FROM `".TABLE_PANEL_CUSTOMERS."`
if(is_array($result) WHERE `standardsubdomain` = :did
");
$result = Database::pexecute($result_stmt, array('did' => $did));
if (is_array($result)
&& isset($result['customerid']) && isset($result['customerid'])
&& $result['customerid'] > 0 && $result['customerid'] > 0
) { ) {
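Review bot: The lookup calls `Database::pexecute()` where every other single-row read in this commit uses `Database::pexecute_first()`, and then tests `is_array($result) && isset($result['customerid'])`. Other call sites on this page discard the return value of `pexecute` and fetch from the statement instead, which suggests it does not return a row. If so, this condition can never hold and the function would stop recognising any domain as a customer's std-subdomain, weakening whatever callers guard with this check. The line should presumably read `$result = Database::pexecute_first($result_stmt, array('did' => $did));`. The rest of the function is outside the hunk.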


@@ -12,7 +12,6 @@
* @author Froxlor team <team@froxlor.org> (2010-) * @author Froxlor team <team@froxlor.org> (2010-)
* @license GPLv2 http://files.froxlor.org/misc/COPYING.txt * @license GPLv2 http://files.froxlor.org/misc/COPYING.txt
* @package Functions * @package Functions
* @version $$
*/ */
/** /**
@@ -20,16 +19,13 @@
* *
* @return array array of enabled redirect-codes * @return array array of enabled redirect-codes
*/ */
function getRedirectCodesArray() function getRedirectCodesArray() {
{
global $db, $theme;
$sql = "SELECT * FROM `".TABLE_PANEL_REDIRECTCODES."` WHERE `enabled` = '1' ORDER BY `id` ASC"; $sql = "SELECT * FROM `".TABLE_PANEL_REDIRECTCODES."` WHERE `enabled` = '1' ORDER BY `id` ASC";
$result = $db->query($sql); $result_stmt = Database::query($sql);
$codes = array(); $codes = array();
while($rc = $db->fetch_array($result)) while ($rc = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
{
$codes[] = $rc; $codes[] = $rc;
} }
@@ -42,16 +38,15 @@ function getRedirectCodesArray()
* *
* @return array array of enabled redirect-codes * @return array array of enabled redirect-codes
*/ */
function getRedirectCodes() function getRedirectCodes() {
{
global $db, $lng, $theme; global $lng;
$sql = "SELECT * FROM `".TABLE_PANEL_REDIRECTCODES."` WHERE `enabled` = '1' ORDER BY `id` ASC"; $sql = "SELECT * FROM `".TABLE_PANEL_REDIRECTCODES."` WHERE `enabled` = '1' ORDER BY `id` ASC";
$result = $db->query($sql); $result_stmt = Database::query($sql);
$codes = array(); $codes = array();
while($rc = $db->fetch_array($result)) while ($rc = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
{
$codes[$rc['id']] = $rc['code']. ' ('.$lng['redirect_desc'][$rc['desc']].')'; $codes[$rc['id']] = $rc['code']. ' ('.$lng['redirect_desc'][$rc['desc']].')';
} }
@@ -66,20 +61,19 @@ function getRedirectCodes()
* *
* @return string redirect-code * @return string redirect-code
*/ */
function getDomainRedirectCode($domainid = 0) function getDomainRedirectCode($domainid = 0) {
{
global $db, $theme;
$code = ''; $code = '';
if($domainid > 0) if ($domainid > 0) {
{
$sql = "SELECT `r`.`code` as `redirect` $result_stmt = Database::prepare("
SELECT `r`.`code` as `redirect`
FROM `".TABLE_PANEL_REDIRECTCODES."` `r`, `".TABLE_PANEL_DOMAINREDIRECTS."` `rc` FROM `".TABLE_PANEL_REDIRECTCODES."` `r`, `".TABLE_PANEL_DOMAINREDIRECTS."` `rc`
WHERE `r`.`id` = `rc`.`rid` and `rc`.`did` = '".(int)$domainid."'"; WHERE `r`.`id` = `rc`.`rid` and `rc`.`did` = :domainid
");
$result = Database::pexecute_first($result_stmt, array('domainid' => $domainid));
$result = $db->query_first($sql); if (is_array($result)
if(is_array($result)
&& isset($result['redirect']) && isset($result['redirect'])
) { ) {
$code = ($result['redirect'] == '---') ? '' : $result['redirect']; $code = ($result['redirect'] == '---') ? '' : $result['redirect'];
@@ -96,20 +90,18 @@ function getDomainRedirectCode($domainid = 0)
* *
* @return integer redirect-code-id * @return integer redirect-code-id
*/ */
function getDomainRedirectId($domainid = 0) function getDomainRedirectId($domainid = 0) {
{
global $db, $theme;
$code = 1; $code = 1;
if($domainid > 0) if ($domainid > 0) {
{ $result_stmt = Database::prepare("
$sql = "SELECT `r`.`id` as `redirect` SELECT `r`.`id` as `redirect`
FROM `".TABLE_PANEL_REDIRECTCODES."` `r`, `".TABLE_PANEL_DOMAINREDIRECTS."` `rc` FROM `".TABLE_PANEL_REDIRECTCODES."` `r`, `".TABLE_PANEL_DOMAINREDIRECTS."` `rc`
WHERE `r`.`id` = `rc`.`rid` and `rc`.`did` = '".(int)$domainid."'"; WHERE `r`.`id` = `rc`.`rid` and `rc`.`did` = :domainid
");
$result = Database::pexecute_first($result_stmt, array('domainid' => $domainid));
$result = $db->query_first($sql); if (is_array($result)
if(is_array($result)
&& isset($result['redirect']) && isset($result['redirect'])
) { ) {
$code = (int)$result['redirect']; $code = (int)$result['redirect'];
@@ -126,13 +118,12 @@ function getDomainRedirectId($domainid = 0)
* *
* @return null * @return null
*/ */
function addRedirectToDomain($domainid = 0, $redirect = 1) function addRedirectToDomain($domainid = 0, $redirect = 1) {
{ if ($domainid > 0) {
global $db, $theme; $ins_stmt = Database::prepare("
if($domainid > 0) INSERT INTO `".TABLE_PANEL_DOMAINREDIRECTS."` SET `rid` = :rid, `did` = :did
{ ");
$db->query("INSERT INTO `".TABLE_PANEL_DOMAINREDIRECTS."` Database::pexecute($ins_stmt, array('rid' => $redirect, 'did' => $domainid));
SET `rid` = '".(int)$redirect."', `did` = '".(int)$domainid."'");
} }
} }
@@ -145,20 +136,21 @@ function addRedirectToDomain($domainid = 0, $redirect = 1)
* *
* @return null * @return null
*/ */
function updateRedirectOfDomain($domainid = 0, $redirect = false) function updateRedirectOfDomain($domainid = 0, $redirect = false) {
{
global $db, $theme;
if($redirect == false) if ($redirect == false) {
{
return; return;
} }
if($domainid > 0) if ($domainid > 0) {
{ $del_stmt = Database::prepare("
$db->query("DELETE FROM `".TABLE_PANEL_DOMAINREDIRECTS."` DELETE FROM `".TABLE_PANEL_DOMAINREDIRECTS."` WHERE `did` = :domainid
WHERE `did` = '".(int)$domainid."'"); ");
$db->query("INSERT INTO `".TABLE_PANEL_DOMAINREDIRECTS."` Database::pexecute($del_stmt, array('domainid' => $domainid));
SET `rid` = '".(int)$redirect."', `did` = '".(int)$domainid."'");
$ins_stmt = Database::prepare("
INSERT INTO `".TABLE_PANEL_DOMAINREDIRECTS."` SET `rid` = :rid, `did` = :did
");
Database::pexecute($ins_stmt, array('rid' => $redirect, 'did' => $domainid));
} }
} }


@@ -17,34 +17,50 @@
* *
*/ */
function loadSettings(&$settings_data, $db) function loadSettings(&$settings_data) {
{
$settings = array(); $settings = array();
if(is_array($settings_data) && isset($settings_data['groups']) && is_array($settings_data['groups'])) if (is_array($settings_data)
{ && isset($settings_data['groups'])
foreach($settings_data['groups'] as $settings_part => $settings_part_details) && is_array($settings_data['groups'])
{ ) {
if(is_array($settings_part_details) && isset($settings_part_details['fields']) && is_array($settings_part_details['fields']))
{ // prepare for use in for-loop
foreach($settings_part_details['fields'] as $field_name => $field_details) $row_stmt = Database::prepare("
{ SELECT `settinggroup`, `varname`, `value`
if(isset($field_details['settinggroup']) && isset($field_details['varname']) && isset($field_details['default'])) FROM `" . TABLE_PANEL_SETTINGS . "`
{ WHERE `settinggroup` = :group AND `varname` = :varname
$row = $db->query_first('SELECT `settinggroup`, `varname`, `value` FROM `' . TABLE_PANEL_SETTINGS . '` WHERE `settinggroup` = \'' . $db->escape($field_details['settinggroup']) . '\' AND `varname` = \'' . $db->escape($field_details['varname']) . '\' '); ");
if(!empty($row))
{ foreach ($settings_data['groups'] as $settings_part => $settings_part_details) {
if (is_array($settings_part_details)
&& isset($settings_part_details['fields'])
&& is_array($settings_part_details['fields'])
) {
foreach ($settings_part_details['fields'] as $field_name => $field_details) {
if (isset($field_details['settinggroup'])
&& isset($field_details['varname'])
&& isset($field_details['default'])
) {
// execute prepared statement
$row = Database::pexecute_first($row_stmt, array(
'group' => $field_details['settinggroup'],
'varname' => $field_details['varname']
));
if (!empty($row)) {
$varvalue = $row['value']; $varvalue = $row['value'];
} } else {
else
{
$varvalue = $field_details['default']; $varvalue = $field_details['default'];
} }
$settings[$field_details['settinggroup']][$field_details['varname']] = $varvalue; $settings[$field_details['settinggroup']][$field_details['varname']] = $varvalue;
}
else } else {
{
$varvalue = false; $varvalue = false;
} }
@@ -56,5 +72,3 @@ function loadSettings(&$settings_data, $db)
return $settings; return $settings;
} }
?>


@@ -17,11 +17,12 @@
* *
*/ */
function saveSetting($settinggroup, $varname, $newvalue) function saveSetting($settinggroup, $varname, $newvalue) {
{
global $db, $theme;
$query = 'UPDATE `' . TABLE_PANEL_SETTINGS . '` SET `value` = \'' . $db->escape($newvalue) . '\' WHERE `settinggroup` = \'' . $db->escape($settinggroup) . '\' AND `varname`=\'' . $db->escape($varname) . '\'';
return $db->query($query);
}
?> $upd_stmt = Database::Prepare("
UPDATE `" . TABLE_PANEL_SETTINGS . "` SET `value` = :newvalue
WHERE `settinggroup` = :group AND `varname` = :varname
");
Database::pexecute($upd_stmt, array('newvalue' => $newvalue, 'group' => $settinggroup, 'varname' => $varname));
return true;
}
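Review bot: `saveSetting()` now ends in an unconditional `return true;`, where the old body returned the result of `$db->query()`. Unless `Database::pexecute()` throws or aborts on failure (not visible here), a failed UPDATE is reported as success to any caller that checks this return value. Returning the outcome of the execution, or stating in the docblock that failures surface as exceptions, would keep the contract accurate. Minor: the call is spelled `Database::Prepare` here and `Database::prepare` everywhere else in the commit; PHP resolves both, but the lower-case form is the consistent one.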


@@ -27,21 +27,26 @@ function storeSettingDefaultIp($fieldname, $fielddata, $newfieldvalue) {
&& isset($fielddata['varname']) && isset($fielddata['varname'])
&& $fielddata['varname'] == 'defaultip' && $fielddata['varname'] == 'defaultip'
) { ) {
global $db, $theme;
$customerstddomains_result = $db->query("SELECT `standardsubdomain` FROM `" . TABLE_PANEL_CUSTOMERS . "` WHERE `standardsubdomain` <> '0'"); $customerstddomains_result_stmt = Database::prepare("
SELECT `standardsubdomain` FROM `" . TABLE_PANEL_CUSTOMERS . "` WHERE `standardsubdomain` <> '0'
");
Database::pexecute($customerstddomains_result_stmt);
$ids = array(); $ids = array();
while($customerstddomains_row = $db->fetch_array($customerstddomains_result)) { while ($customerstddomains_row = $customerstddomains_result_stmt->fetch(PDO::FETCH_ASSOC)) {
$ids[] = (int)$customerstddomains_row['standardsubdomain']; $ids[] = (int)$customerstddomains_row['standardsubdomain'];
} }
if(count($ids) > 0) { if (count($ids) > 0) {
$db->query("UPDATE `" . TABLE_DOMAINTOIP . "` SET $upd_stmt = Database::prepare("
`id_ipandports`='" . (int)$newfieldvalue . "' UPDATE `" . TABLE_DOMAINTOIP . "` SET
`id_ipandports` = :newval
WHERE `id_domain` IN ('" . implode(', ', $ids) . "') WHERE `id_domain` IN ('" . implode(', ', $ids) . "')
AND `id_ipandports` = '" . $db->escape(getSetting('system', 'defaultip')) . "'" AND `id_ipandports` = :defaultip
); ");
Database::pexecute($upd_stmt, array('newval' => $newfieldvalue, 'defaultip' => getSetting('system', 'defaultip')));
} }
} }
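Review bot: The `IN ('" . implode(', ', $ids) . "')` clause wraps the whole id list in one pair of quotes, so the server receives a single string such as `'1, 2, 3'` (constructed example) rather than three values. Compared against a numeric column, MySQL would coerce that string to its leading number, so the UPDATE would reach only the first std-subdomain. The same expression now appears in the storeSettingHostname hunk, where the old code quoted each id separately with `implode('\',\'', $ids)`, so there it is a regression rather than a carried-over bug. Every element is cast with `(int)` when `$ids` is filled, so the list can be inlined without quotes in both places: `IN (" . implode(', ', $ids) . ")`.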


@@ -41,14 +41,19 @@ function storeSettingDefaultTheme($fieldname, $fielddata, $newfieldvalue) {
&& isset($fielddata['varname']) && isset($fielddata['varname'])
&& $fielddata['varname'] == 'default_theme' && $fielddata['varname'] == 'default_theme'
) { ) {
global $db;
// now, if changing themes is disabled we recursivly set // now, if changing themes is disabled we recursivly set
// the new theme (customers and admin, depending on settings) // the new theme (customers and admin, depending on settings)
if (getSetting('panel', 'allow_theme_change_customer') == '0') { if (getSetting('panel', 'allow_theme_change_customer') == '0') {
$db->query("UPDATE `".TABLE_PANEL_CUSTOMERS."` SET `theme`='".$db->escape($newfieldvalue)."'"); $upd_stmt = Database::prepare("
UPDATE `".TABLE_PANEL_CUSTOMERS."` SET `theme` = :theme
");
Database::pexecute($upd_stmt, array('theme' => $newfieldvalue));
} }
if (getSetting('panel', 'allow_theme_change_admin') == '0') { if (getSetting('panel', 'allow_theme_change_admin') == '0') {
$db->query("UPDATE `".TABLE_PANEL_ADMINS."` SET `theme`='".$db->escape($newfieldvalue)."'"); $upd_stmt = Database::prepare("
UPDATE `".TABLE_PANEL_ADMINS."` SET `theme` = :theme
");
Database::pexecute($upd_stmt, array('theme' => $newfieldvalue));
} }
} }


@@ -17,30 +17,41 @@
* *
*/ */
function storeSettingHostname($fieldname, $fielddata, $newfieldvalue) function storeSettingHostname($fieldname, $fielddata, $newfieldvalue) {
{
global $idna_convert;
$returnvalue = storeSettingField($fieldname, $fielddata, $newfieldvalue); $returnvalue = storeSettingField($fieldname, $fielddata, $newfieldvalue);
if($returnvalue !== false && is_array($fielddata) && isset($fielddata['settinggroup']) && $fielddata['settinggroup'] == 'system' && isset($fielddata['varname']) && $fielddata['varname'] == 'hostname') if ($returnvalue !== false
{ && is_array($fielddata)
global $db, $idna_convert, $theme; && isset($fielddata['settinggroup'])
&& $fielddata['settinggroup'] == 'system'
&& isset($fielddata['varname'])
&& $fielddata['varname'] == 'hostname'
) {
$newfieldvalue = $idna_convert->encode($newfieldvalue); $newfieldvalue = $idna_convert->encode($newfieldvalue);
$customerstddomains_result = $db->query('SELECT `standardsubdomain` FROM `' . TABLE_PANEL_CUSTOMERS . '` WHERE `standardsubdomain` <> \'0\''); $customerstddomains_result_stmt = Database::prepare("
SELECT `standardsubdomain` FROM `" . TABLE_PANEL_CUSTOMERS . "` WHERE `standardsubdomain` <> '0'
");
Database::pexecute($customerstddomains_result_stmt);
$ids = array(); $ids = array();
while($customerstddomains_row = $db->fetch_array($customerstddomains_result)) while ($customerstddomains_row = $customerstddomains_result_stmt->fetch(PDO::FETCH_ASSOC)) {
{
$ids[] = (int)$customerstddomains_row['standardsubdomain']; $ids[] = (int)$customerstddomains_row['standardsubdomain'];
} }
if(count($ids) > 0) if (count($ids) > 0) {
{ $upd_stmt = Database::prepare("
$db->query('UPDATE `' . TABLE_PANEL_DOMAINS . '` SET `domain` = REPLACE(`domain`, \'' . $db->escape(getSetting('system', 'hostname')) . '\', \'' . $db->escape($newfieldvalue) . '\') WHERE `id` IN (\'' . implode('\',\'', $ids) . '\')'); UPDATE `" . TABLE_PANEL_DOMAINS . "` SET
`domain` = REPLACE(`domain`, :host, :newval)
WHERE `id` IN ('" . implode(', ', $ids) . "')
");
Database::pexecute($upd_stmt, array('host' => getSetting('system', 'hostname'), 'newval' => $newfieldvalue));
} }
} }
return $returnvalue; return $returnvalue;
} }
?>


@@ -16,28 +16,35 @@
* *
*/ */
function storeSettingResetCatchall($fieldname, $fielddata, $newfieldvalue) function storeSettingResetCatchall($fieldname, $fielddata, $newfieldvalue) {
{
$returnvalue = storeSettingField($fieldname, $fielddata, $newfieldvalue); $returnvalue = storeSettingField($fieldname, $fielddata, $newfieldvalue);
if($returnvalue !== false if ($returnvalue !== false
&& is_array($fielddata) && is_array($fielddata)
&& isset($fielddata['settinggroup']) && isset($fielddata['settinggroup'])
&& $fielddata['settinggroup'] == 'catchall' && $fielddata['settinggroup'] == 'catchall'
&& isset($fielddata['varname']) && isset($fielddata['varname'])
&& $fielddata['varname'] == 'catchall_enabled' && $fielddata['varname'] == 'catchall_enabled'
&& $newfieldvalue == '0') && $newfieldvalue == '0'
{ ) {
global $db;
$result = $db->query("SELECT `id`, `email`, `email_full`, `iscatchall` FROM `" . TABLE_MAIL_VIRTUAL . "` WHERE `iscatchall`='1'");
while($result_row = $db->fetch_array($result)) $result_stmt = Database::query("
{ SELECT `id`, `email`, `email_full`, `iscatchall` FROM `" . TABLE_MAIL_VIRTUAL . "`
$db->query("UPDATE `" . TABLE_MAIL_VIRTUAL . "` SET `email` = '" . $db->escape($result_row['email_full']) . "', `iscatchall` = '0' WHERE `id`='" . (int)$result_row['id'] . "'"); WHERE `iscatchall` = '1'
");
if (Database::num_rows() > 0) {
$upd_stmt = Database::prepare("
UPDATE `" . TABLE_MAIL_VIRTUAL . "` SET `email` = :email, `iscatchall` = '0' WHERE `id` = :id
");
while ($result_row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
Database::pexecute($upd_stmt, array('email' => $result_row['email_full'], 'id' => $result_row['id']));
}
} }
} }
return $returnvalue; return $returnvalue;
} }
?>
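Review bot: The select-then-update loop can be one statement on `TABLE_MAIL_VIRTUAL`, which also closes the window in which some catch-all rows are reset and others are not if an execution fails midway. The whole block reduces to an UPDATE with `SET email = email_full, iscatchall = '0' WHERE iscatchall = '1'` (column names as in the hunk), with no values to bind. That also removes the dependency on `Database::num_rows()`, a static call whose link to `$result_stmt` is not visible here.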


@@ -15,11 +15,9 @@
* *
*/ */
function setCycleOfCronjob($fieldname, $fielddata, $newfieldvalue, $allnewfieldvalues) function setCycleOfCronjob($fieldname, $fielddata, $newfieldvalue, $allnewfieldvalues) {
{
global $settings, $db, $theme;
switch($newfieldvalue) switch ($newfieldvalue)
{ {
case 0: case 0:
$interval = 'DAY'; $interval = 'DAY';
@@ -38,7 +36,7 @@ function setCycleOfCronjob($fieldname, $fielddata, $newfieldvalue, $allnewfieldv
break; break;
} }
$db->query("UPDATE `cronjobs_run` SET `interval` = '1 ".$interval."' WHERE `cronfile` = 'cron_used_tickets_reset.php';"); Database::query("UPDATE `cronjobs_run` SET `interval` = '1 ".$interval."' WHERE `cronfile` = 'cron_used_tickets_reset.php';");
return array(FORMFIELDS_PLAUSIBILITY_CHECK_OK); return array(FORMFIELDS_PLAUSIBILITY_CHECK_OK);
} }
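Review bot: The UPDATE on `cronjobs_run` still concatenates `$interval` into the SQL text instead of binding it. `$interval` is assigned inside `switch ($newfieldvalue)`, and only `case 0` is visible in these hunks, so it cannot be confirmed here that every path, including a default, assigns a fixed literal. Preparing the statement with an `:interval` placeholder and executing it with `array('interval' => '1 ' . $interval)` would keep it safe however the switch changes. The switch body lies between the two hunks and is not shown.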


@@ -177,7 +177,7 @@ if (get_magic_quotes_gpc()) {
* Selects settings from MySQL-Table * Selects settings from MySQL-Table
*/ */
$settings_data = loadConfigArrayDir('actions/admin/settings/'); $settings_data = loadConfigArrayDir('actions/admin/settings/');
$settings = loadSettings($settings_data, $db); $settings = loadSettings($settings_data);
/** /**
* SESSION MANAGEMENT * SESSION MANAGEMENT
@@ -434,9 +434,10 @@ if (AREA == 'admin' || AREA == 'customer') {
/** /**
* header information about open tickets (only if used) * header information about open tickets (only if used)
*/ */
$awaitingtickets = 0;
$awaitingtickets_text = '';
if ($settings['ticket']['enabled'] == '1') { if ($settings['ticket']['enabled'] == '1') {
$awaitingtickets = 0;
$awaitingtickets_text = '';
$opentickets = 0; $opentickets = 0;
if (AREA == 'admin' && isset($userinfo['adminid'])) { if (AREA == 'admin' && isset($userinfo['adminid'])) {