From 1139530fbf3fb0fdce1bf5cfee311cd6f0fbf816 Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Mon, 14 Oct 2013 10:04:06 -0400
Subject: [PATCH] Merge remote-tracking branch 'origin/stable-3.0.5'

---
 interface/web/sites/database_user_edit.php |   62 +++++++++++++-----------------
 1 files changed, 27 insertions(+), 35 deletions(-)

diff --git a/interface/web/sites/database_user_edit.php b/interface/web/sites/database_user_edit.php
index 4f6979f..1b71196 100644
--- a/interface/web/sites/database_user_edit.php
+++ b/interface/web/sites/database_user_edit.php
@@ -57,17 +57,17 @@
 		 * If the names are restricted -> remove the restriction, so that the
 		 * data can be edited
 		 */
-
+		
 		//* Get the database user prefix
 		$app->uses('getconf,tools_sites');
 		$global_config = $app->getconf->get_global_config('sites');
 		$dbuser_prefix = $app->tools_sites->replacePrefix($global_config['dbuser_prefix'], $this->dataRecord);
-
+		
         if ($_SESSION["s"]["user"]["typ"] != 'admin' && $app->auth->has_clients($_SESSION['s']['user']['userid'])) {
 			// Get the limits of the client
 			$client_group_id = $_SESSION["s"]["user"]["default_group"];
 			$client = $app->db->queryOneRecord("SELECT client.company_name, client.contact_name, client.client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id");
-
+            
             // Fill the client select field
             $sql = "SELECT sys_group.groupid, sys_group.name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND client.parent_client_id = ".$client['client_id']." ORDER BY sys_group.name";
             $records = $app->db->queryAllRecords($sql);
@@ -96,24 +96,24 @@
 			}
 			$app->tpl->setVar("client_group_id",$client_select);
         }
-
-
+        
+        
 		if ($this->dataRecord['database_user'] != ""){
 			/* REMOVE the restriction */
 			$app->tpl->setVar("database_user", $app->tools_sites->removePrefix($this->dataRecord['database_user'], $this->dataRecord['database_user_prefix'], $dbuser_prefix));
 		}
-
-
+		
+    
 		$app->tpl->setVar("database_user_prefix", $app->tools_sites->getPrefix($this->dataRecord['database_user_prefix'], $dbuser_prefix, $global_config['dbuser_prefix']));
-
+		
 		parent::onShowEnd();
 	}
-
+    
     function onSubmit() {
         global $app;
-
+        
         if($_SESSION['s']['user']['typ'] != 'admin' && !$app->auth->has_clients($_SESSION['s']['user']['userid'])) unset($this->dataRecord["client_group_id"]);
-
+        
         parent::onSubmit();
     }
 
@@ -126,40 +126,35 @@
 		$dbuser_prefix = $app->tools_sites->replacePrefix($global_config['dbuser_prefix'], $this->dataRecord);
 
         $this->oldDataRecord = $app->db->queryOneRecord("SELECT * FROM web_database_user WHERE database_user_id = '".$this->id."'");
-
+        
         $dbuser_prefix = $app->tools_sites->getPrefix($this->oldDataRecord['database_user_prefix'], $dbuser_prefix);
         $this->dataRecord['database_user_prefix'] = $dbuser_prefix;
-
+        
 		//* Database username shall not be empty
 		if($this->dataRecord['database_user'] == '') $app->tform->errorMessage .= $app->tform->wordbook["database_user_error_empty"].'<br />';
 
 		if(strlen($dbuser_prefix . $this->dataRecord['database_user']) > 16) $app->tform->errorMessage .= str_replace('{user}',$dbuser_prefix . $this->dataRecord['database_user'],$app->tform->wordbook["database_user_error_len"]).'<br />';
-
+		
 		//* Check database user against blacklist
 		$dbuser_blacklist = array($conf['db_user'],'mysql','root');
 		if(in_array($dbuser_prefix . $this->dataRecord['database_user'],$dbuser_blacklist)) {
 			$app->tform->errorMessage .= $app->lng('Database user not allowed.').'<br />';
 		}
-
+		
 		if ($app->tform->errorMessage == ''){
 			/* restrict the names if there is no error */
             /* crop user and db names if they are too long -> mysql: user: 16 chars / db: 64 chars */
 			$this->dataRecord['database_user'] = substr($dbuser_prefix . $this->dataRecord['database_user'], 0, 16);
 		}
-
-		/* prepare password for MongoDB */
-		// TODO: this still doens't work as when only the username changes we have no database_password.
-		// taking the one from oldData doesn't work as it's encrypted...shit!
-		$this->dataRecord['database_password_mongo'] = $this->dataRecord['database_user'].":mongo:".$this->dataRecord['database_password'];
-
+		
         $this->dataRecord['server_id'] = 0; // we need this on all servers
-
+        
 		parent::onBeforeUpdate();
 	}
 
 	function onBeforeInsert() {
 		global $app, $conf, $interfaceConf;
-
+		
 		//* Database username shall not be empty
 		if($this->dataRecord['database_user'] == '') $app->tform->errorMessage .= $app->tform->wordbook["database_user_error_empty"].'<br />';
 
@@ -167,11 +162,11 @@
 		$app->uses('getconf,tools_sites');
 		$global_config = $app->getconf->get_global_config('sites');
 		$dbuser_prefix = $app->tools_sites->replacePrefix($global_config['dbuser_prefix'], $this->dataRecord);
-
+		
         $this->dataRecord['database_user_prefix'] = $dbuser_prefix;
-
+        
 		if(strlen($dbuser_prefix . $this->dataRecord['database_user']) > 16) $app->tform->errorMessage .= str_replace('{user}',$dbuser_prefix . $this->dataRecord['database_user'],$app->tform->wordbook["database_user_error_len"]).'<br />';
-
+		
 		//* Check database user against blacklist
 		$dbuser_blacklist = array($conf['db_user'],'mysql','root');
 		if(is_array($dbuser_blacklist) && in_array($dbuser_prefix . $this->dataRecord['database_user'],$dbuser_blacklist)) {
@@ -183,18 +178,15 @@
 		if ($app->tform->errorMessage == ''){
 			$this->dataRecord['database_user'] = substr($dbuser_prefix . $this->dataRecord['database_user'], 0, 16);
 		}
-
-		$this->dataRecord['server_id'] = 0; // we need this on all servers
-
-		/* prepare password for MongoDB */
-		$this->dataRecord['database_password_mongo'] = $this->dataRecord['database_user'].":mongo:".$this->dataRecord['database_password'];
-
+		
+        $this->dataRecord['server_id'] = 0; // we need this on all servers
+        
 		parent::onBeforeInsert();
 	}
 
 	function onAfterInsert() {
 		global $app, $conf;
-
+		
 		if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) {
 			$client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]);
 			$app->db->query("UPDATE web_database_user SET sys_groupid = $client_group_id, sys_perm_group = 'riud' WHERE database_user_id = ".$this->id);
@@ -216,9 +208,9 @@
 			$client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]);
 			$app->db->query("UPDATE web_database_user SET sys_groupid = $client_group_id, sys_perm_group = 'riud' WHERE database_user_id = ".$this->id);
 		}
-
+		
 		/*$password = $app->db->queryOneRecord("SELECT database_password FROM web_database_user WHERE database_user_id = ".$this->id);
-
+        
         $records = $app->db->queryAllRecords("SELECT DISTINCT server_id FROM web_database WHERE database_user_id = '".$app->functions->intval($this->id)."' UNION SELECT DISTINCT server_id FROM web_database WHERE database_ro_user_id = '".$app->functions->intval($this->id)."'");
         foreach($records as $rec) {
             $new_rec = $this->dataRecord;

--
Gitblit v1.9.1