From 26d9aa570c0b555c8be62b0185777945cfa93c8a Mon Sep 17 00:00:00 2001 From: "Michael Kaufmann (d00p)" Date: Thu, 7 Nov 2013 18:49:16 +0100 Subject: [PATCH 1/6] remove unused code and database-tables; set version to 0.9.31-dev1 Signed-off-by: Michael Kaufmann (d00p) --- install/froxlor.sql | 21 +- .../updates/froxlor/0.9/update_0.9.inc.php | 13 ++ lib/classes/domains/class.docrootsettings.php | 198 ------------------ lib/tables.inc.php | 5 +- 4 files changed, 15 insertions(+), 222 deletions(-) delete mode 100644 lib/classes/domains/class.docrootsettings.php diff --git a/install/froxlor.sql b/install/froxlor.sql index d2a26a4d..2d1a56ad 100644 --- a/install/froxlor.sql +++ b/install/froxlor.sql @@ -539,7 +539,7 @@ INSERT INTO `panel_settings` (`settinggroup`, `varname`, `value`) VALUES ('panel', 'phpconfigs_hidestdsubdomain', '0'), ('panel', 'allow_theme_change_admin', '1'), ('panel', 'allow_theme_change_customer', '1'), - ('panel', 'version', '0.9.30'); + ('panel', 'version', '0.9.31-dev1'); DROP TABLE IF EXISTS `panel_tasks`; @@ -897,25 +897,6 @@ CREATE TABLE IF NOT EXISTS `domain_redirect_codes` ( ) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci; - -DROP TABLE IF EXISTS `ipsandports_docrootsettings`; -CREATE TABLE IF NOT EXISTS `ipsandports_docrootsettings` ( - `id` int(5) NOT NULL auto_increment, - `fid` int(11) NOT NULL, - `docrootsettings` text NOT NULL, - PRIMARY KEY (`id`) -) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci; - - -DROP TABLE IF EXISTS `domain_docrootsettings`; -CREATE TABLE IF NOT EXISTS `domain_docrootsettings` ( - `id` int(5) NOT NULL auto_increment, - `fid` int(11) NOT NULL, - `docrootsettings` text NOT NULL, - PRIMARY KEY (`id`) -) ENGINE=MyISAM CHARSET=utf8 COLLATE=utf8_general_ci; - - DROP TABLE IF EXISTS `domain_ssl_settings`; CREATE TABLE IF NOT EXISTS `domain_ssl_settings` ( `id` int(5) NOT NULL auto_increment, 
diff --git a/install/updates/froxlor/0.9/update_0.9.inc.php b/install/updates/froxlor/0.9/update_0.9.inc.php index b88a8d3c..feb5b6f5 100644 --- a/install/updates/froxlor/0.9/update_0.9.inc.php +++ b/install/updates/froxlor/0.9/update_0.9.inc.php @@ -2410,3 +2410,16 @@ if (isFroxlorVersion('0.9.30-rc1')) { updateToVersion('0.9.30'); } + +if (isFroxlorVersion('0.9.30')) { + + showUpdateStep("Updating from 0.9.30 to 0.9.31-dev1", true); + lastStepStatus(0); + + showUpdateStep("Removing unsused tables"); + Database::query("DROP TABLE IF EXISTS `ipsandports_docrootsettings`;"); + Database::query("DROP TABLE IF EXISTS `domain_docrootsettings`;"); + lastStepStatus(0); + + updateToVersion('0.9.31-dev1'); +} diff --git a/lib/classes/domains/class.docrootsettings.php b/lib/classes/domains/class.docrootsettings.php deleted file mode 100644 index b566e127..00000000 --- a/lib/classes/domains/class.docrootsettings.php +++ /dev/null 
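Review bot: The new 0.9.30 → 0.9.31-dev1 step calls `lastStepStatus(0)` unconditionally after the two `DROP TABLE IF EXISTS` queries, so the updater prints [OK] whether or not the drops succeeded. Whether `Database::query` aborts on failure is not visible in this hunk; if it can return normally on error, the status should be derived from the result. The step label also carries a typo that ends up in the update log and should read `showUpdateStep("Removing unused tables");`. Because the drop is irreversible, a one-line comment saying that both tables were only used by the removed docrootsettings class would help anyone auditing the upgrade path.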
@@ -1,198 +0,0 @@ - - * @author Froxlor team (2010-) - * @license GPLv2 http://files.froxlor.org/misc/COPYING.txt - * @package Classes - * - * @link http://www.nutime.de/ - * @since 0.9.17-svn2 - * - */ - -class docrootsettings -{ - /** - * Database handler - * @var object - */ - private $_db = false; - - /** - * Settings array - * @var array - */ - private $_settings = array(); - - /** - * main constructor - */ - public function __construct($db, $settings) - { - $this->_db = $db; - $this->_settings = $settings; - } - - /** - * this function lets you add docroot-settings for a given domain (by ID) - * - * @param int $domainid id of the domain to add the settings for - * @param string $ssettings docrootsettings to add for the domain - * - * @return boolean - */ - public function addDomainDocrootsettings($domainid = 0, $ssettings = '') - { - return $this->_addDocrootSetting(TABLE_PANEL_DOMDOCROOTSETTINGS, $domainid, $ssettings); - } - - /** - * this function lets you update docroot-settings for a given domain (by ID) - * - * @param int $domainid id of the domain to update the settings from - * @param string $ssettings docrootsettings to update for the domain - * - * @return boolean - */ - public function updateDomainDocrootsettings($domainid = 0, $ssettings = '') - { - return $this->_updateDocrootSetting(TABLE_PANEL_DOMDOCROOTSETTINGS, $domainid, $ssettings); - } - - /** - * this function lets you add docroot-settings for a given ip/port combo (by ID) - * - * @param int $ipandportid id of the domain to add the settings for - * @param string $ssettings docrootsettings to add for the domain - * - * @return boolean - */ - public function addIpsAndPortsDocrootsettings($ipandportid = 0, $ssettings = '') - { - return $this->_addDocrootSetting(TABLE_PANEL_IPDOCROOTSETTINGS, $ipandportid, $ssettings); - } - - /** - * this function lets you update docroot-settings for a given ip/port combo (by ID) - * - * @param int $ipandportid id of the domain to update the settings from - 
* @param string $ssettings docrootsettings to update for the domain - * - * @return boolean - */ - public function updateIpsAndPortsDocrootsettings($ipandportid = 0, $ssettings = '') - { - return $this->_updateDocrootSetting(TABLE_PANEL_IPDOCROOTSETTINGS, $ipandportid, $ssettings); - } - - /** - * returns the docroot-setting - * for a given domain (by ID) - * - * @param int $domainid the id of the domain - * - * @return string the settings or empty if not set - */ - public function getDomainDocrootsettings($domainid = 0) - { - return $this->_getDocrootSettingById(TABLE_PANEL_DOMDOCROOTSETTINGS, $domainid); - } - - /** - * returns the docroot-setting - * for a given ip/port combination (by ID) - * - * @param int $ipandportid the id of the ip/port combo - * - * @return string the settings or empty if not set - */ - public function getIpsAndPortsDocrootsettings($ipandportid = 0) - { - return $this->_getDocrootSettingById(TABLE_PANEL_IPDOCROOTSETTINGS, $ipandportid); - } - - /** - * this function is called by addDomainDocrootsettings() and - * addIpsAndPortsDocrootsettings() to add docroot settings for an object - * - * @param string $table table to add the settings to - * @param int $fid foreign id / object id - * @param string $ssettings docroot-settings - * - * @return boolean - */ - private function _addDocrootSetting($table, $fid, $ssettings) - { - $query = "INSERT INTO `".$table."` SET - `fid` = '".(int)$fid."', - `docrootsettings` = '".$db->escape($ssettings)."';"; - $this->_db->query($query); - return true; - } - - /** - * this function is called by updateDomainDocrootsettings() and - * updateIpsAndPortsDocrootsettings() to update docroot settings for an object - * - * if new value is an empty string, entry is being removed - * - * @param string $table table to update the settings from - * @param int $fid foreign id / object id - * @param string $ssettings docroot-settings - * - * @return boolean - */ - private function _updateDocrootSetting($table, $fid, 
$ssettings) - { - // check if this object has an entry for docrootsettings - if($this->_getDocrootSettingById($table, $fid) != '') - { - if($ssettings != '') - { - // update if new value has been set - $query = "UPDATE `".$table."` SET - `docrootsettings` = '".$db->escape($ssettings)."' - WHERE `fid` = '".(int)$fid."';"; - } - else - { - // remove if new value is empty - $query = "DELETE FROM `".$table."` WHERE `fid` = '".(int)$fid."';"; - } - // run query - $this->_db->query($query); - return true; - } - // this object has no entry for docrootsettings yet - return false; - } - - /** - * read the docrootsetting field of given table - * for given id - * - * @param string $table table where to read from - * @param int $id id of the object - * - * @return string string the settings or empty if not set - */ - private function _getDocrootSettingById($table = null, $id = 0) - { - $query = "SELECT `docrootsettings` FROM `".$table."` WHERE `fid`='".(int)$id."';"; - $result = $this->_db->query_first($query); - if($result !== false && isset($result['docrootsettings'])) - { - return $result['docrootsettings']; - } - return ''; - } -} diff --git a/lib/tables.inc.php b/lib/tables.inc.php index db51be4d..46f30f6c 100644 --- a/lib/tables.inc.php +++ b/lib/tables.inc.php @@ -52,13 +52,10 @@ define('TABLE_APS_TEMP_SETTINGS', 'aps_temp_settings'); define('TABLE_PANEL_CRONRUNS', 'cronjobs_run'); define('TABLE_PANEL_REDIRECTCODES', 'redirect_codes'); define('TABLE_PANEL_DOMAINREDIRECTS', 'domain_redirect_codes'); -define('TABLE_PANEL_IPDOCROOTSETTINGS', 'ipsandports_docrootsettings'); -define('TABLE_PANEL_DOMDOCROOTSETTINGS', 'domain_docrootsettings'); define('TABLE_PANEL_DOMAIN_SSL_SETTINGS', 'domain_ssl_settings'); define('TABLE_DOMAINTOIP', 'panel_domaintoip'); // APS constants - define('TASK_INSTALL', 1); define('TASK_REMOVE', 2); define('TASK_RECONFIGURE', 3); 
@@ -74,6 +71,6 @@ define('PACKAGE_LOCKED', 1); define('PACKAGE_ENABLED', 2); // VERSION INFO -$version = '0.9.30'; +$version = '0.9.31-dev1'; $dbversion = '2'; $branding = ''; From fb8b233560cae93290d5bc1493cbb61689773451 Mon Sep 17 00:00:00 2001 From: "Michael Kaufmann (d00p)" Date: Fri, 8 Nov 2013 08:48:13 +0100 Subject: [PATCH 2/6] migrate updateFunctions to PDO and fix version_compare2 Signed-off-by: Michael Kaufmann (d00p) --- .../froxlor/function.updateFunctions.php | 127 +++++++++--------- .../froxlor/function.version_compare2.php | 4 +- 2 files changed, 64 insertions(+), 67 deletions(-) diff --git a/lib/functions/froxlor/function.updateFunctions.php b/lib/functions/froxlor/function.updateFunctions.php index b66a0f12..2ef1d9e4 100644 --- a/lib/functions/froxlor/function.updateFunctions.php +++ b/lib/functions/froxlor/function.updateFunctions.php @@ -15,7 +15,7 @@ * */ -/* +/** * Function updateToVersion * * updates the panel.version field 
@@ -25,40 +25,41 @@ * * @return bool true on success, else false */ -function updateToVersion($new_version = null) -{ - global $db, $settings, $theme; +function updateToVersion($new_version = null) { - if($new_version !== null && $new_version != '') - { - $query = "UPDATE `".TABLE_PANEL_SETTINGS."` SET `value` = '" . $new_version . "' WHERE `settinggroup` = 'panel' AND `varname` = 'version'"; - $db->query($query); + global $settings; + + if ($new_version !== null && $new_version != '') { + $upd_stmt = Database::prepare(" + UPDATE `".TABLE_PANEL_SETTINGS."` SET `value` = :newversion + WHERE `settinggroup` = 'panel' AND `varname` = 'version'" + ); + Database::pexecute($upd_stmt, array('newversion' => $new_version)); $settings['panel']['version'] = $new_version; return true; } return false; } -/* +/** * Function isFroxlor * * checks if the panel is froxlor * * @return bool true if panel is froxlor, else false */ -function isFroxlor() -{ - global $settings, $theme; +function isFroxlor() { + global $settings; - if(isset($settings['panel']['frontend']) - && $settings['panel']['frontend'] == 'froxlor') - { + if (isset($settings['panel']['frontend']) + && $settings['panel']['frontend'] == 'froxlor' + ) { return true; } return false; } -/* +/** * Function isFroxlorVersion * * checks if a given version is the @@ -68,19 +69,19 @@ function isFroxlor() * * @return bool true if version to check matches, else false */ -function isFroxlorVersion($to_check = null) -{ - global $settings, $theme; +function isFroxlorVersion($to_check = null) { - if($settings['panel']['frontend'] == 'froxlor' - && $settings['panel']['version'] == $to_check) - { + global $settings; + + if ($settings['panel']['frontend'] == 'froxlor' + && $settings['panel']['version'] == $to_check + ) { return true; } return false; } -/* +/** * Function isFroxlorVersion * * checks if a given version is the 
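Review bot: `isFroxlorVersion()` indexes `$settings['panel']['frontend']` and `$settings['panel']['version']` directly, while `isFroxlor()` in the previous hunk and `hasUpdates()` in the next one guard their keys with `isset()`. Adding the same guard, `isset($settings['panel']['frontend'], $settings['panel']['version'])`, keeps the three checks consistent when a setting row is missing during an update. The docblock converted to `/**` at the end of this hunk still opens with `Function isFroxlorVersion`, although the following hunk header shows it documents `hasUpdates()`; it should read `Function hasUpdates` and describe that check. The version comparison uses loose `==` on strings; `===` would rule out numeric-string coercion.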
@@ -90,19 +91,19 @@ function isFroxlorVersion($to_check = null) * * @return bool true if version to check matches, else false */ -function hasUpdates($to_check = null) -{ - global $settings, $theme; +function hasUpdates($to_check = null) { - if(!isset($settings['panel']['version']) - || $settings['panel']['version'] != $to_check) - { + global $settings; + + if (!isset($settings['panel']['version']) + || $settings['panel']['version'] != $to_check + ) { return true; } return false; } -/* +/** * Function showUpdateStep * * outputs and logs the current @@ -113,65 +114,63 @@ function hasUpdates($to_check = null) * * @return string formatted output and log-entry */ -function showUpdateStep($task = null, $needs_status = true) -{ - global $updatelog, $filelog, $theme; - +function showUpdateStep($task = null, $needs_status = true) { + + global $updatelog, $filelog; + // output echo $task; - - if(!$needs_status) - { + + if (!$needs_status) { echo "
"; } - + $updatelog->logAction(ADM_ACTION, LOG_WARNING, $task); $filelog->logAction(ADM_ACTION, LOG_WARNING, $task); } -/* +/** * Function lastStepStatus - * + * * outputs [OK] (success), [??] (warning) or [!!] (failure) * of the last update-step - * + * * @param int status (0 = success, 1 = warning, 2 = failure) - * + * * @return string formatted output and log-entry */ -function lastStepStatus($status = -1, $message = '') -{ - global $updatelog, $filelog, $theme; - - switch($status) - { +function lastStepStatus($status = -1, $message = '') { + + global $updatelog, $filelog; + + switch($status) { + case 0: $status_sign = ($message != '') ? '['.$message.']' : '[OK]'; $status_color = '1dcd00'; break; case 1: $status_sign = ($message != '') ? '['.$message.']' : '[??]'; - $status_color = 'db7100'; + $status_color = 'db7100'; break; case 2: $status_sign = ($message != '') ? '['.$message.']' : '[!!]'; - $status_color = 'ff0000'; + $status_color = 'ff0000'; break; default: $status_sign = '[unknown]'; - $status_color = '000000'; + $status_color = '000000'; break; } + // output echo "".$status_sign."
"; - - if($status == -1 || $status == 2) - { + + if ($status == -1 || $status == 2) { $updatelog->logAction(ADM_ACTION, LOG_WARNING, 'Attention - last update task failed!!!'); $filelog->logAction(ADM_ACTION, LOG_WARNING, 'Attention - last update task failed!!!'); - } - elseif($status == 0 || $status == 1) - { + + } elseif($status == 0 || $status == 1) { $filelog->logAction(ADM_ACTION, LOG_WARNING, 'Success'); } } @@ -179,18 +178,16 @@ function lastStepStatus($status = -1, $message = '') /** * validate if full path to update.log is sane * if not, the update.log is created in /tmp/ - * + * * @param string $filename the file name to validate - * + * * @return string the full path with filename (can differ if not writeable => /tmp) */ -function validateUpdateLogFile($filename) -{ - if(!is_dir($filename)) - { +function validateUpdateLogFile($filename) { + + if (!is_dir($filename)) { $fh = @fopen($filename, 'a'); - if($fh) - { + if ($fh) { fclose($fh); return $filename; } diff --git a/lib/functions/froxlor/function.version_compare2.php b/lib/functions/froxlor/function.version_compare2.php index 8d71b8c2..5434d578 100644 --- a/lib/functions/froxlor/function.version_compare2.php +++ b/lib/functions/froxlor/function.version_compare2.php @@ -26,8 +26,8 @@ function version_compare2($a, $b) { // split version into pieces and remove trailing .0 - $a = explode(".", rtrim($a, ".0")); - $b = explode(".", rtrim($b, ".0")); + $a = explode(".", $a); + $b = explode(".", $b); _parseVersionArray($a); _parseVersionArray($b); From fa5f1900f04ea28dcb0cb68ca77901e5bb743a07 Mon Sep 17 00:00:00 2001 From: "Michael Kaufmann (d00p)" Date: Fri, 8 Nov 2013 08:54:44 +0100 Subject: [PATCH 3/6] add trace to database error-log-message (it just helps a lot finding the error); fixed queries in fpm und fcgid class; minor cosmetic changes 
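Review bot: The docblock kept in the `validateUpdateLogFile()` hunk says the log falls back to /tmp when the given path is not writable; a fixed file name in a world-writable directory, opened in append mode, can be pre-created or symlinked by another local user. The fallback code itself lies after the end of the hunk, so this is inferred from the comment only. If it works that way, the fallback should create the file with `tempnam()` or check `is_link()` before `fopen()`. The `@` on `fopen($filename, 'a')` also hides the reason a configured log location was rejected; an explicit failure path would make a misconfiguration visible.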
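Review bot: The context comment `// split version into pieces and remove trailing .0` no longer matches the code in `version_compare2()`, because the `rtrim($a, ".0")` calls are gone; it should become `// split version into pieces`. The reason is worth recording next to it: `rtrim()` takes a character list, so the old call also stripped the final `0` of `0.9.30`. Whether `_parseVersionArray()` normalises a trailing `.0` segment is not visible here, so `1.0` and `1.0.0` may now compare as different; a test for that pair would pin the intended behaviour.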
Signed-off-by: Michael Kaufmann (d00p) --- lib/classes/database/class.Database.php | 1 + lib/classes/phpinterface/class.phpinterface_fcgid.php | 2 +- lib/classes/phpinterface/class.phpinterface_fpm.php | 2 +- scripts/jobs/cron_tasks.inc.http.10.apache.php | 3 +-- scripts/jobs/cron_tasks.inc.http.20.lighttpd.php | 2 +- scripts/jobs/cron_tasks.inc.http.30.nginx.php | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/lib/classes/database/class.Database.php b/lib/classes/database/class.Database.php index 8af62a3b..7adc2094 100644 --- a/lib/classes/database/class.Database.php +++ b/lib/classes/database/class.Database.php @@ -251,6 +251,7 @@ class Database { $sl_file = makeCorrectFile($sl_dir."/sql-error.log"); $sqllog = @fopen($sl_file, 'a'); @fwrite($sqllog, date('d.m.Y H:i', time())." --- ".str_replace("\n", " ", $error->getMessage())."\n"); + @fwrite($sqllog, date('d.m.Y H:i', time())." --- DEBUG: \n".$error->getTraceAsString()."\n"); @fclose($sqllog); if ($showerror) { diff --git a/lib/classes/phpinterface/class.phpinterface_fcgid.php b/lib/classes/phpinterface/class.phpinterface_fcgid.php index aedd20b1..8b998561 100644 --- a/lib/classes/phpinterface/class.phpinterface_fcgid.php +++ b/lib/classes/phpinterface/class.phpinterface_fcgid.php @@ -254,7 +254,7 @@ class phpinterface_fcgid { $adminid = intval($adminid); if (!isset($this->_admin_cache[$adminid])) { - $stmt = Database::prepare("TABLE_PANEL_ADMINS + $stmt = Database::prepare(" SELECT `email`, `loginname` FROM `" . TABLE_PANEL_ADMINS . "` WHERE `adminid` = :id" ); $this->_admin_cache[$adminid] = Database::pexecute_first($stmt, array('id' => $adminid)); diff --git a/lib/classes/phpinterface/class.phpinterface_fpm.php b/lib/classes/phpinterface/class.phpinterface_fpm.php index a458a03a..5f22fe0d 100644 --- a/lib/classes/phpinterface/class.phpinterface_fpm.php +++ b/lib/classes/phpinterface/class.phpinterface_fpm.php 
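Review bot: `getTraceAsString()` prints the (truncated) arguments of every frame, so where exception arguments are collected the added `fwrite` in class.Database.php can write query parameters, or the credentials passed to the PDO constructor when a connection fails, into sql-error.log. The line above keeps each entry on one line by replacing newlines, and the multi-line trace breaks that format. Logging only file, line and function per frame avoids both problems. Where `$sl_dir` points is not visible in this hunk, so it should be confirmed that the log is outside the web root and not world-readable. The `@fwrite` calls also run when `@fopen` returned false, so a missing log directory goes unnoticed.

```php
// … unchanged: fopen() and the message line …
$frames = array();
foreach ($error->getTrace() as $i => $frame) {
	$frames[] = '#'.$i.' '
		.(isset($frame['file']) ? $frame['file'] : '[internal]')
		.':'.(isset($frame['line']) ? $frame['line'] : '?')
		.' '.(isset($frame['function']) ? $frame['function'] : '');
}
@fwrite($sqllog, date('d.m.Y H:i', time())." --- DEBUG: ".implode(' | ', $frames)."\n");
// … unchanged: fclose() and $showerror handling …
```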
@@ -348,7 +348,7 @@ class phpinterface_fpm { $adminid = intval($adminid); if (!isset($this->_admin_cache[$adminid])) { - $stmt = Database::prepare("TABLE_PANEL_ADMINS + $stmt = Database::prepare(" SELECT `email`, `loginname` FROM `" . TABLE_PANEL_ADMINS . "` WHERE `adminid` = :id" ); $this->_admin_cache[$adminid] = Database::pexecute_first($stmt, array('id' => $adminid)); diff --git a/scripts/jobs/cron_tasks.inc.http.10.apache.php b/scripts/jobs/cron_tasks.inc.http.10.apache.php index f4afc5fe..1cc75e08 100644 --- a/scripts/jobs/cron_tasks.inc.http.10.apache.php +++ b/scripts/jobs/cron_tasks.inc.http.10.apache.php @@ -787,7 +787,6 @@ class apache */ public function createVirtualHosts() { - //$result_domains = $this->db->query("SELECT `d`.*, `pd`.`domain` AS `parentdomain`, `c`.`loginname`, `d`.`phpsettingid`, `c`.`adminid`, `c`.`guid`, `c`.`email`, `c`.`documentroot` AS `customerroot`, `c`.`deactivated`, `c`.`phpenabled` AS `phpenabled`, `d`.`mod_fcgid_starter`, `d`.`mod_fcgid_maxrequests` FROM `" . TABLE_PANEL_DOMAINS . "` `d` LEFT JOIN `" . TABLE_PANEL_CUSTOMERS . "` `c` USING(`customerid`) " . "LEFT JOIN `" . TABLE_PANEL_DOMAINS . "` `pd` ON (`pd`.`id` = `d`.`parentdomainid`) " . "WHERE `d`.`aliasdomain` IS NULL AND `d`.`email_only` <> 1 ORDER BY `d`.`parentdomainid` DESC, `d`.`iswildcarddomain`, `d`.`domain` ASC"); $query = "SELECT `d`.*, `pd`.`domain` AS `parentdomain`, `c`.`loginname`, `d`.`phpsettingid`, `c`.`adminid`, `c`.`guid`, `c`.`email`, `c`.`documentroot` AS `customerroot`, `c`.`deactivated`, @@ -809,7 +808,7 @@ class apache GROUP BY `id_domain` ) AS p ON p.`id_domain` = `d`.`id` - WHERE `d`.`aliasdomain` IS NULL AND `d`.`email_only` = '0' + WHERE `d`.`aliasdomain` IS NULL AND `d`.`email_only` <> '1' ORDER BY `d`.`parentdomainid` DESC, `d`.`iswildcarddomain`, `d`.`domain` ASC;"; $result_domains = $this->db->query($query); 
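Review bot: In the apache vhost query, `email_only <> '1'` still drops rows whose `email_only` is NULL, because the comparison yields NULL rather than true. If the change from `= '0'` is meant to include every domain that is not e-mail-only, either the column must be NOT NULL or the filter needs `(d.email_only IS NULL OR d.email_only <> '1')`. The column definition is not visible here, so this may already be guaranteed. The same condition is changed in the lighttpd and nginx queries in this patch. A short comment above the WHERE clause saying which rows the old condition missed would document the intent.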
diff --git a/scripts/jobs/cron_tasks.inc.http.20.lighttpd.php b/scripts/jobs/cron_tasks.inc.http.20.lighttpd.php index a5c9dc9a..27c0af10 100644 --- a/scripts/jobs/cron_tasks.inc.http.20.lighttpd.php +++ b/scripts/jobs/cron_tasks.inc.http.20.lighttpd.php @@ -324,7 +324,7 @@ class lighttpd GROUP BY `id_domain` ) AS p ON p.`id_domain` = `d`.`id` - WHERE `d`.`aliasdomain` IS NULL AND `d`.`email_only` = '0' + WHERE `d`.`aliasdomain` IS NULL AND `d`.`email_only` <> '1' ORDER BY `d`.`parentdomainid` DESC, `d`.`iswildcarddomain`, `d`.`domain` ASC;"; $included_vhosts = array(); diff --git a/scripts/jobs/cron_tasks.inc.http.30.nginx.php b/scripts/jobs/cron_tasks.inc.http.30.nginx.php index 10187b1b..c6e0467b 100644 --- a/scripts/jobs/cron_tasks.inc.http.30.nginx.php +++ b/scripts/jobs/cron_tasks.inc.http.30.nginx.php @@ -284,7 +284,7 @@ class nginx GROUP BY `id_domain` ) AS p ON p.`id_domain` = `d`.`id` - WHERE `d`.`aliasdomain` IS NULL AND `d`.`email_only` = '0' + WHERE `d`.`aliasdomain` IS NULL AND `d`.`email_only` <> '1' ORDER BY `d`.`parentdomainid` DESC, `d`.`iswildcarddomain`, `d`.`domain` ASC;"; $result_domains = $this->db->query($query); From d9952f740150abeb716a75b61b962309a5ad8134 Mon Sep 17 00:00:00 2001 From: "Michael Kaufmann (d00p)" Date: Fri, 8 Nov 2013 09:31:51 +0100 Subject: [PATCH 4/6] fix pdo stuff in admin-customers, refs #1287 Signed-off-by: Michael Kaufmann (d00p) --- admin_customers.php | 35 ++++++++++++++++++----------------- 1 file changed, 18 insertions(+), 17 deletions(-) diff --git a/admin_customers.php b/admin_customers.php index a93a9db9..6757c194 100644 --- a/admin_customers.php +++ b/admin_customers.php 
@@ -140,8 +140,11 @@ if ($page == 'customers' WHERE `customerid` = :id" . ($userinfo['customers_see_all'] ? '' : " AND `adminid` = :adminid") ); - Database::pexecute($result_stmt, array('id' => $id, 'adminid' => $userinfo['adminid'])); - $result = $result_stmt->fetch(PDO::FETCH_ASSOC); + $params = array('id' => $id); + if ($userinfo['customers_see_all'] == '0') { + $params['adminid'] = $userinfo['adminid']; + } + $result = Database::pexecute_first($result_stmt, $params); $destination_user = $result['loginname']; @@ -155,8 +158,8 @@ if ($page == 'customers' WHERE `userid` = :id AND `hash` = :hash" ); - Database::pexecute($result_stmt, array('id' => $userinfo['userid'], 'hash' => $s)); - $result = $result_stmt->fetch(PDO::FETCH_ASSOC); + $result = Database::pexecute_first($result_stmt, array('id' => $userinfo['userid'], 'hash' => $s)); + $s = md5(uniqid(microtime(), 1)); $insert = Database::prepare(" INSERT INTO `" . TABLE_PANEL_SESSIONS . "` SET @@ -168,7 +171,7 @@ if ($page == 'customers' `language` = :lang, `adminsession` = '0'" ); - Database::pexecute($stmt, array( + Database::pexecute($insert, array( 'hash' => $s, 'id' => $id, 'ip' => $result['ipaddress'], @@ -191,8 +194,7 @@ if ($page == 'customers' WHERE `customerid` = :id" . ($userinfo['customers_see_all'] ? '' : " AND `adminid` = :adminid") ); - Database::pexecute($result_stmt, array('id' => $id, 'adminid' => $userinfo['adminid'])); - $result = $result_stmt->fetch(PDO::FETCH_ASSOC); + $result = Database::pexecute_first($result_stmt, array('id' => $id, 'adminid' => $userinfo['adminid'])); if ($result['loginname'] != '') { 
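Review bot: In the hunk at -140, `$result['loginname']` is read right after `Database::pexecute_first()` without checking that a row came back. When the customer id does not exist or belongs to another admin, the lookup presumably yields false and `$destination_user` becomes null. What the code then does with it lies outside the hunk, so an explicit `$result === false` exit before the session handling would make the authorisation-failure path visible. The parameter guard also tests `$userinfo['customers_see_all'] == '0'` while the SQL is built on the truthiness of the same value; using one expression for both, `if (!$userinfo['customers_see_all'])`, keeps the placeholder and the bound parameter from drifting apart. The hunk at -220 has the same shape.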
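Review bot: In the hunk at -155, the hash for the new customer session is built with `md5(uniqid(microtime(), 1))`, which is derived from the clock and a non-cryptographic generator and is therefore not a secure token. This value is the credential of the session row inserted just below, so it should come from a CSPRNG: `$s = bin2hex(openssl_random_pseudo_bytes(16));` keeps the 32-character length, and `random_bytes(16)` does the same where the PHP version provides it. The collapsed layout makes it unclear whether this commit added the line or merely kept it, but it sits between the two statements the commit rewrites.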
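Review bot: The lookup in the hunk at -191 still binds `'adminid'` unconditionally, although the query only contains `:adminid` when `customers_see_all` is false. For an admin who may see all customers, PDO normally rejects the statement because a bound name has no matching placeholder. The hunks at -140 and -220 already build `$params` conditionally; the same is needed here: `$params = array('id' => $id);`, then `$params['adminid'] = $userinfo['adminid'];` inside the condition, then `Database::pexecute_first($result_stmt, $params)`.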
@@ -220,8 +222,11 @@ if ($page == 'customers' WHERE `customerid` = :id" . ($userinfo['customers_see_all'] ? '' : " AND `adminid` = :adminid") ); - Database::pexecute($result_stmt, array('id' => $id, 'adminid' => $userinfo['adminid'])); - $result = $result_stmt->fetch(PDO::FETCH_ASSOC); + $params = array('id' => $id); + if ($userinfo['customers_see_all'] == '0') { + $params['adminid'] = $userinfo['adminid']; + } + $result = Database::pexecute_first($result_stmt, $params); if ($result['loginname'] != '') { @@ -641,14 +646,12 @@ if ($page == 'customers' $loginname_check_stmt = Database::prepare(" SELECT `loginname` FROM `" . TABLE_PANEL_CUSTOMERS . "` WHERE `loginname` = :loginname" ); - Database::pexecute($loginname_check_stmt, array('loginname' => $loginname)); - $loginname_check = $loginname_check_stmt->fetch(PDO::FETCH_ASSOC); + $loginname_check = Database::pexecute_first($loginname_check_stmt, array('loginname' => $loginname)); $loginname_check_admin_stmt = Database::prepare(" SELECT `loginname` FROM `" . TABLE_PANEL_ADMINS . "` WHERE `loginname` = :loginname" ); - Database::pexecute($loginname_check_admin_stmt, array('loginname' => $loginname)); - $loginname_check_admin = $loginname_check_admin_stmt->fetch(PDO::FETCH_ASSOC); + $loginname_check_admin = Database::pexecute_first($loginname_check_admin_stmt, array('loginname' => $loginname)); if (strtolower($loginname_check['loginname']) == strtolower($loginname) || strtolower($loginname_check_admin['loginname']) == strtolower($loginname) 
@@ -969,16 +972,14 @@ if ($page == 'customers' SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "` WHERE `adminid` = :adminid AND `language` = :deflang AND `templategroup` = 'mails' AND `varname` = 'createcustomer_subject'" ); - Database::pexecute($result_stmt, array('adminid' => $userinfo['adminid'], 'deflang' => $def_language)); - $result = $result_stmt->fetch(PDO::FETCH_ASSOC); + $result = Database::pexecute_first($result_stmt, array('adminid' => $userinfo['adminid'], 'deflang' => $def_language)); $mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['createcustomer']['subject']), $replace_arr)); $result_stmt = Database::prepare(" SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "` WHERE `adminid` = :adminid AND `language` = :deflang AND `templategroup` = 'mails' AND `varname` = 'createcustomer_mailbody'" ); - Database::pexecute($result_stmt, array('adminid' => $userinfo['adminid'], 'deflang' => $def_language)); - $result = $result_stmt->fetch(PDO::FETCH_ASSOC); + $result = Database::pexecute_first($result_stmt, array('adminid' => $userinfo['adminid'], 'deflang' => $def_language)); $mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['mails']['createcustomer']['mailbody']), $replace_arr)); $_mailerror = false; From a152ae3e06c4d959e6b2aa34e5ecc737b19e090b Mon Sep 17 00:00:00 2001 From: "Michael Kaufmann (d00p)" Date: Fri, 8 Nov 2013 14:25:19 +0100 Subject: [PATCH 5/6] fix some ticket-system issues related with migrating to PDO Signed-off-by: Michael Kaufmann (d00p) --- admin_tickets.php | 4 ++-- customer_tickets.php | 8 +++----- lib/classes/ticket/class.ticket.php | 8 ++++---- 3 files changed, 9 insertions(+), 11 deletions(-) diff --git a/admin_tickets.php b/admin_tickets.php index 54c7810d..c4d5e576 100644 --- a/admin_tickets.php +++ b/admin_tickets.php 
@@ -284,7 +284,7 @@ if ($page == 'tickets' } else { $now = time(); $mainticket = ticket::getInstanceOf($userinfo, $settings, (int)$id); - $replyticket->Set('customerid', $mainticket->Get('customer'), true, true); + $replyticket->Set('customer', $mainticket->Get('customer'), true, true); $replyticket->Set('lastchange', $now, true, true); $replyticket->Set('ip', $_SERVER['REMOTE_ADDR'], true, true); $replyticket->Set('status', '1', true, true); @@ -303,7 +303,7 @@ if ($page == 'tickets' $mainticket->Update(); $mainticket->sendMail((int)$mainticket->Get('customer'), 'new_reply_ticket_by_staff_subject', $lng['mails']['new_reply_ticket_by_staff']['subject'], 'new_reply_ticket_by_staff_mailbody', $lng['mails']['new_reply_ticket_by_staff']['mailbody']); $log->logAction(ADM_ACTION, LOG_NOTICE, "answered ticket '" . $mainticket->Get('subject') . "'"); - redirectTo($filename, Array('page' => $page, 's' => $s)); + redirectTo($filename, array('page' => $page, 's' => $s)); } } else { diff --git a/customer_tickets.php b/customer_tickets.php index d3f0d31a..2094262f 100644 --- a/customer_tickets.php +++ b/customer_tickets.php @@ -24,9 +24,7 @@ if (isset($_POST['id'])) { $id = intval($_POST['id']); - /* - * Check if the current user is allowed to see the current ticket. - */ + //Check if the current user is allowed to see the current ticket. $stmt = Database::prepare("SELECT `id` FROM `panel_tickets` WHERE `id` = :id AND `customerid` = :customerid"); $result = Database::pexecute_first($stmt, array("id" => $id, "customerid" => $userinfo['customerid'])); @@ -185,7 +183,7 @@ if($page == 'overview') { // Admin mail $newticket->sendMail(-1, 'new_ticket_by_customer_subject', $lng['mails']['new_ticket_by_customer']['subject'], 'new_ticket_by_customer_mailbody', $lng['mails']['new_ticket_by_customer']['mailbody']); - redirectTo($filename, Array('page' => $page, 's' => $s)); + redirectTo($filename, array('page' => $page, 's' => $s)); } } else { $categories = ''; 
@@ -252,7 +250,7 @@ if($page == 'overview') { standard_error(array('stringisempty', 'mymessage')); } else { $now = time(); - $replyticket->Set('customerid', (int)$userinfo['customerid'], true, true); + $replyticket->Set('customer', (int)$userinfo['customerid'], true, true); $replyticket->Set('lastchange', $now, true, true); $replyticket->Set('ip', $_SERVER['REMOTE_ADDR'], true, true); $replyticket->Set('status', '1', true, true); diff --git a/lib/classes/ticket/class.ticket.php b/lib/classes/ticket/class.ticket.php index ff107d15..5f742cae 100644 --- a/lib/classes/ticket/class.ticket.php +++ b/lib/classes/ticket/class.ticket.php @@ -177,8 +177,8 @@ class ticket { 'priority' => $this->Get('priority'), 'subject' => $this->Get('subject'), 'message' => $this->Get('message'), - 'dt' => $this->Get('dt'), - 'lastchange' => $this->Get('lastchange'), + 'dt' => time(), + 'lastchange' => time(), 'ip' => $this->Get('ip'), 'status' => $this->Get('status'), 'lastreplier' => $this->Get('lastreplier'), @@ -296,7 +296,7 @@ class ticket { $mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $default_subject), $replace_arr)); unset($tpl_seldata['tplsubject']); - $tpl_seldata['tplbody'] = $template_body; + $tpl_seldata['tplmailbody'] = $template_body; $result_stmt = Database::prepare(" SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "` @@ -337,7 +337,7 @@ class ticket { SELECT `name`, `email` FROM `" . TABLE_PANEL_ADMINS . "` WHERE `adminid` = :adminid" ); - $admin = Database::pexecute_first($admin_stmt, array('adminid' => $userinfo['adminid'])); + $admin = Database::pexecute_first($admin_stmt, array('adminid' => $this->userinfo['adminid'])); $_mailerror = false; try { $mail->SetFrom($this->settings['ticket']['noreply_email'], $this->settings['ticket']['noreply_name']); From e1253413d51767adc1a3f3430df131a6ae7edf7a Mon Sep 17 00:00:00 2001 
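Review bot: In class.ticket.php, `'dt'` and `'lastchange'` are now filled by two separate `time()` calls, so the two columns can differ by a second for the same insert. Whatever the caller stored with `Set('lastchange', $now, ...)`, as both reply handlers in this patch do, is now silently ignored. Take the timestamp once, `$now = time();`, and use it for both keys, or keep `$this->Get('lastchange')` and fall back to `time()` only when it is unset. The method this array belongs to starts outside the hunk; its docblock should state that the timestamps are always set server-side.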
From: "Michael Kaufmann (d00p)" Date: Fri, 8 Nov 2013 14:25:48 +0100 Subject: [PATCH 6/6] dont show error-message when removing of database physically failed Signed-off-by: Michael Kaufmann (d00p) --- customer_mysql.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/customer_mysql.php b/customer_mysql.php index ecce920b..3e84ef5b 100644 --- a/customer_mysql.php +++ b/customer_mysql.php @@ -115,7 +115,7 @@ if ($page == 'overview') { } $stmt = Database::prepare("DROP DATABASE IF EXISTS `" . $result['databasename'] . "`"); - Database::pexecute($stmt); + Database::pexecute($stmt, array(), false); $stmt = Database::prepare("FLUSH PRIVILEGES"); Database::pexecute($stmt); Database::needRoot(false);
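Review bot: Passing `false` as the third argument hides a failed `DROP DATABASE` from the customer, while the code goes on to `FLUSH PRIVILEGES` and, presumably outside this hunk, removes the panel's record. That can leave a database still holding customer data with nothing in the panel pointing to it. Judging by the class.Database.php hunk in patch 3, the error is still written to sql-error.log before `$showerror` is checked; a why-comment here saying the failure is logged only, plus an entry in the panel log, would make that reliance explicit. The database name is also concatenated between backticks without escaping, and where `$result['databasename']` comes from is not shown, so doubling any backtick in the name before interpolation is a cheap safeguard.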