| index.php | ●●●●● patch | view | raw | blame | history | |
| program/include/rcube_db.inc | ●●●●● patch | view | raw | blame | history | |
| program/include/rcube_mdb2.inc | ●●●●● patch | view | raw | blame | history |
index.php
@@ -98,7 +98,7 @@ if ($_framed) { $COMM_PATH .= '&_framed=1'; $SESS_HIDDEN_FIELD = "\n".'<input type="hidden" name="_framed" value="1" />'; $SESS_HIDDEN_FIELD .= "\n".'<input type="hidden" name="_framed" value="1" />'; } @@ -146,7 +146,7 @@ else if ($_action!='login' && $sess_auth && $_SESSION['user_id']) { if ($_auth !== $sess_auth || $_auth != rcmail_auth_hash($_SESSION['client_id'], $_SESSION['auth_time']) || ($CONFIG['session_lifetime'] && $SESS_CHANGED + $CONFIG['session_lifetime']*60 < mktime())) ($CONFIG['session_lifetime'] && isset($SESS_CHANGED) && $SESS_CHANGED + $CONFIG['session_lifetime']*60 < mktime())) { $message = show_message('sessionerror', 'error'); rcmail_kill_session(); program/include/rcube_db.inc
@@ -147,7 +147,7 @@ 'type' => 'db', 'line' => __LINE__, 'file' => __FILE__, 'message' => $result->getMessage()), TRUE, FALSE); 'message' => $result->getMessage().'; QUERY: '.$query), TRUE, FALSE); return false; } @@ -293,10 +293,8 @@ if (!is_string($query)) return ($query); $search = array('/NOW\(\)/', '/`/'); $replace = array("datetime('now')", '"'); $search = array('/NOW\(\)/i', '/`/'); $replace = array("datetime('now')", '"'); $query = preg_replace($search, $replace, $query); return ($query); program/include/rcube_mdb2.inc
@@ -104,21 +104,37 @@ // Query database function query() { $params = func_get_args(); $query = array_shift($params); return $this->_query($query, 0, 0, $params); } function limitquery() { $params = func_get_args(); $query = array_shift($params); $offset = array_shift($params); $numrows = array_shift($params); return $this->_query($query, $offset, $numrows, $params); } function _query($query, $offset, $numrows, $params) @@ -138,6 +154,9 @@ $this->db_handle->row_limit = $numrows; $result = $this->db_handle->query($query,$params); //$q = $this->db_handle->prepare($query); //$q->bindParamArray($params); //$result = $q->execute(); if (PEAR::isError($result)) raise_error(array('code' => 500, @@ -194,23 +213,39 @@ } function quoteIdentifier ( $str ) { if (!$this->db_handle) $this->db_connect('r'); return $this->db_handle->quoteIdentifier($str); } function unixtimestamp($field) { switch($this->db_provider) { case 'pgsql': return "EXTRACT (EPOCH FROM $field)"; break; default: return "UNIX_TIMESTAMP($field)"; } } function _add_result($res, $query) @@ -266,10 +301,8 @@ if (!is_string($query)) return ($query); $search = array('/NOW\(\)/', '/`/'); $replace = array("datetime('now')", '"'); $search = array('/NOW\(\)/i', '/`/'); $replace = array("datetime('now')", '"'); $query = preg_replace($search, $replace, $query); return ($query);
