From 1647d6ecfb9bdfed5ad82f277578eec2412a2d3e Mon Sep 17 00:00:00 2001
From: "Michael Kaufmann (d00p)" <d00p@froxlor.org>
Date: Mon, 25 Jan 2010 16:21:10 +0000
Subject: [PATCH] more fixing on the cronjob part

---
 install/froxlor.sql                           | 10 ++--
 .../froxlor/function.getIntervalOptions.php   | 11 +++-
 .../froxlor/function.getNextCronjobs.php      |  4 +-
 .../validate/function.validateSqlInterval.php | 55 +++++++++++++++++++
 4 files changed, 71 insertions(+), 9 deletions(-)
 create mode 100644 lib/functions/validate/function.validateSqlInterval.php

diff --git a/install/froxlor.sql b/install/froxlor.sql
index ca3a5b0e..0db19a3d 100644
--- a/install/froxlor.sql
+++ b/install/froxlor.sql
@@ -930,7 +930,7 @@ CREATE TABLE IF NOT EXISTS `cronjobs_run` (
   `id` bigint(20) NOT NULL auto_increment,
   `cronfile` varchar(250) NOT NULL,
   `lastrun` int(15) NOT NULL DEFAULT '0',
-  `interval` varchar(100) DEFAULT '5 MINUTES',
+  `interval` varchar(100) DEFAULT '5 MINUTE',
   PRIMARY KEY  (`id`)
 ) ENGINE=MyISAM;
 
@@ -938,10 +938,10 @@ CREATE TABLE IF NOT EXISTS `cronjobs_run` (
 # Dumping data for table `panel_phpconfigs`
 #
 
-INSERT INTO `cronjobs_run` (`id`, `cronfile`, `interval`) VALUES (1, 'cron_tasks.php', '5 MINUTES');
-INSERT INTO `cronjobs_run` (`id`, `cronfile`, `interval`) VALUES (2, 'cron_legacy.php', '5 MINUTES');
-INSERT INTO `cronjobs_run` (`id`, `cronfile`, `interval`) VALUES (3, 'cron_apsinstaller.php', '5 MINUTES');
-INSERT INTO `cronjobs_run` (`id`, `cronfile`, `interval`) VALUES (4, 'cron_autoresponder.php', '5 MINUTES');
+INSERT INTO `cronjobs_run` (`id`, `cronfile`, `interval`) VALUES (1, 'cron_tasks.php', '5 MINUTE');
+INSERT INTO `cronjobs_run` (`id`, `cronfile`, `interval`) VALUES (2, 'cron_legacy.php', '5 MINUTE');
+INSERT INTO `cronjobs_run` (`id`, `cronfile`, `interval`) VALUES (3, 'cron_apsinstaller.php', '5 MINUTE');
+INSERT INTO `cronjobs_run` (`id`, `cronfile`, `interval`) VALUES (4, 'cron_autoresponder.php', '5 MINUTE');
 INSERT INTO `cronjobs_run` (`id`, `cronfile`, `interval`) VALUES (5, 'cron_apsupdater.php', '1 HOUR');
 INSERT INTO `cronjobs_run` (`id`, `cronfile`, `interval`) VALUES (6, 'cron_traffic.php', '1 DAY');
 INSERT INTO `cronjobs_run` (`id`, `cronfile`, `interval`) VALUES (7, 'cron_used_tickets_reset.php', '1 MONTH');
diff --git a/lib/functions/froxlor/function.getIntervalOptions.php b/lib/functions/froxlor/function.getIntervalOptions.php
index d81c2cae..3a382757 100644
--- a/lib/functions/froxlor/function.getIntervalOptions.php
+++ b/lib/functions/froxlor/function.getIntervalOptions.php
@@ -11,7 +11,7 @@
  * @copyright  (c) the authors
  * @author     Froxlor team <team@froxlor.org> (2010-)
  * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
- * @package    Settings
+ * @package    Functions
  * @version    $Id: $
  */
 
@@ -27,7 +27,14 @@ function getIntervalOptions()
 
 	while($row = $db->fetch_array($result))
 	{
-		$cron_intervals[$row['interval']] = $row['interval'];
+		if(validateSqlInterval($row['interval']))
+		{
+			$cron_intervals[$row['interval']] = $row['interval'];
+		}
+		else
+		{
+			$log->logAction(ADM_ACTION, LOG_ERROR, "Invalid SQL-Interval ".$row['interval']." detected. Please fix this in the database.");
+		}
 	}
 	
 	return $cron_intervals;
diff --git a/lib/functions/froxlor/function.getNextCronjobs.php b/lib/functions/froxlor/function.getNextCronjobs.php
index e8a8cab7..8c056c62 100644
--- a/lib/functions/froxlor/function.getNextCronjobs.php
+++ b/lib/functions/froxlor/function.getNextCronjobs.php
@@ -36,9 +36,9 @@ function getNextCronjobs()
 		if($name == '0') continue;
 
 		if($x == 0) {
-			$sql.= 'DATE_ADD(FROM_UNIXTIME(`lastrun`), INTERVAL '.$ival.') <= CURDATE()';
+			$sql.= 'DATE_ADD(FROM_UNIXTIME(`lastrun`), INTERVAL '.$ival.') <= UTC_TIMESTAMP()';
 		} else {	
-			$sql.= ' OR DATE_ADD(UNIX_TIMESTAMP(`lastrun`), INTERVAL '.$ival.') <= CURDATE()';
+			$sql.= ' OR DATE_ADD(UNIX_TIMESTAMP(`lastrun`), INTERVAL '.$ival.') <= UTC_TIMESTAMP()';
 		}
 		$x++;
 	}
diff --git a/lib/functions/validate/function.validateSqlInterval.php b/lib/functions/validate/function.validateSqlInterval.php
new file mode 100644
index 00000000..193788bd
--- /dev/null
+++ b/lib/functions/validate/function.validateSqlInterval.php
@@ -0,0 +1,55 @@
+<?php
+
+/**
+ * This file is part of the Froxlor project.
+ * Copyright (c) 2010 the Froxlor Team (see authors).
+ *
+ * For the full copyright and license information, please view the COPYING
+ * file that was distributed with this source code. You can also view the
+ * COPYING file online at http://files.froxlor.org/misc/COPYING.txt
+ *
+ * @copyright  (c) the authors
+ * @author     Froxlor team <team@froxlor.org> (2010-)
+ * @license    GPLv2 http://files.froxlor.org/misc/COPYING.txt
+ * @package    Functions
+ * @version    $Id: $
+ */
+
+function validateSqlInterval($interval = null)
+{
+	if(!$interval === null || $interval != '')
+	{
+		if(strstr($interval, ' ') !== false)
+		{
+			/*
+			 * [0] = ([0-9]+)
+			 * [1] = valid SQL-Interval expression 
+			 */
+			$valid_expr = array(
+								'SECOND',
+								'MINUTE',
+								'HOUR',
+								'DAY',
+								'WEEK',
+								'MONTH',
+								'YEAR'
+						);
+			
+			$interval_parts = explode(' ', $interval);
+			
+			if(is_array($interval_parts)
+			&& isset($interval_parts[0])
+			&& isset($interval_parts[1]))
+			{
+				if(preg_match('/([0-9]+)/i', $interval_parts[0]))
+				{
+					if(in_array(strtoupper($interval_parts[1]), $valid_expr))
+					{
+						return true;
+					}
+				}
+			}
+		}
+	}
+	return false;
+}