From 37b29231e47a0c4458dc1c15d98588f16f07e1e2 Mon Sep 17 00:00:00 2001 From: Marius Cramer <m.cramer@pixcept.de> Date: Thu, 06 Aug 2015 03:18:44 -0400 Subject: [PATCH] - don't set password via remoting if field is empty --- interface/lib/classes/remote.d/sites.inc.php | 43 +++++++++++++++++++++---------------------- 1 files changed, 21 insertions(+), 22 deletions(-) diff --git a/interface/lib/classes/remote.d/sites.inc.php b/interface/lib/classes/remote.d/sites.inc.php index 05ba482..ad3f2e3 100644 --- a/interface/lib/classes/remote.d/sites.inc.php +++ b/interface/lib/classes/remote.d/sites.inc.php @@ -102,7 +102,8 @@ $app->remoting_lib->loadFormDef('../sites/form/database.tform.php'); return $app->remoting_lib->getDataRecord($primary_id); } - + + /* TODO: secure queries! */ //* Add a record public function sites_database_add($session_id, $client_id, $params) { @@ -114,7 +115,7 @@ } //* Check for duplicates - $tmp = $app->db->queryOneRecord("SELECT count(database_id) as dbnum FROM web_database WHERE database_name = '".$app->db->quote($params['database_name'])."' AND server_id = '".intval($params["server_id"])."'"); + $tmp = $app->db->queryOneRecord("SELECT count(database_id) as dbnum FROM web_database WHERE database_name = ? AND server_id = ?", $params['database_name'], $params["server_id"]); if($tmp['dbnum'] > 0) { throw new SoapFault('database_name_error_unique', 'There is already a database with that name on the same server.'); return false; @@ -135,7 +136,6 @@ $sql_set = array(); if(isset($params['backup_interval'])) $sql_set[] = "backup_interval = '".$app->db->quote($params['backup_interval'])."'"; if(isset($params['backup_copies'])) $sql_set[] = "backup_copies = ".$app->functions->intval($params['backup_copies']); - //$app->db->query("UPDATE web_database SET ".implode(', ', $sql_set)." WHERE database_id = ".$retval); $this->updateQueryExecute("UPDATE web_database SET ".implode(', ', $sql_set)." WHERE database_id = ".$retval, $retval, $params); } @@ -169,7 +169,6 @@ $sql_set = array(); if(isset($params['backup_interval'])) $sql_set[] = "backup_interval = '".$app->db->quote($params['backup_interval'])."'"; if(isset($params['backup_copies'])) $sql_set[] = "backup_copies = ".$app->functions->intval($params['backup_copies']); - //$app->db->query("UPDATE web_database SET ".implode(', ', $sql_set)." WHERE database_id = ".$primary_id); $this->updateQueryExecute("UPDATE web_database SET ".implode(', ', $sql_set)." WHERE database_id = ".$primary_id, $primary_id, $params); } @@ -239,7 +238,7 @@ $new_rec = $app->remoting_lib->getDataRecord($primary_id); - $records = $app->db->queryAllRecords("SELECT DISTINCT server_id FROM web_database WHERE database_user_id = '".$app->functions->intval($primary_id)."' UNION SELECT DISTINCT server_id FROM web_database WHERE database_ro_user_id = '".$app->functions->intval($primary_id)."'"); + $records = $app->db->queryAllRecords("SELECT DISTINCT server_id FROM web_database WHERE database_user_id = ? UNION SELECT DISTINCT server_id FROM web_database WHERE database_ro_user_id = ?", $primary_id, $primary_id); foreach($records as $rec) { $tmp_rec = $new_rec; $tmp_rec['server_id'] = $rec['server_id']; @@ -265,14 +264,14 @@ $app->db->datalogDelete('web_database_user', 'database_user_id', $primary_id); $affected_rows = $this->deleteQuery('../sites/form/database_user.tform.php', $primary_id); - $records = $app->db->queryAllRecords("SELECT database_id FROM web_database WHERE database_user_id = '".$app->functions->intval($primary_id)."'"); + $records = $app->db->queryAllRecords("SELECT database_id FROM web_database WHERE database_user_id = ?", $primary_id); foreach($records as $rec) { - $app->db->datalogUpdate('web_database', 'database_user_id=NULL', 'database_id', $rec['database_id']); + $app->db->datalogUpdate('web_database', array('database_user_id' => null), 'database_id', $rec['database_id']); } - $records = $app->db->queryAllRecords("SELECT database_id FROM web_database WHERE database_ro_user_id = '".$app->functions->intval($primary_id)."'"); + $records = $app->db->queryAllRecords("SELECT database_id FROM web_database WHERE database_ro_user_id = ?", $primary_id); foreach($records as $rec) { - $app->db->datalogUpdate('web_database', 'database_ro_user_id=NULL', 'database_id', $rec['database_id']); + $app->db->datalogUpdate('web_database', array('database_ro_user_id' => null), 'database_id', $rec['database_id']); } return $affected_rows; @@ -336,7 +335,7 @@ return false; } - $data = $app->db->queryOneRecord("SELECT server_id FROM ftp_user WHERE username = '".$app->db->quote($ftp_user)."'"); + $data = $app->db->queryOneRecord("SELECT server_id FROM ftp_user WHERE username = ?", $ftp_user); //file_put_contents('/tmp/test.txt', serialize($data)); if(!isset($data['server_id'])) return false; @@ -406,7 +405,7 @@ return false; } $app->uses('remoting_lib'); - $app->remoting_lib->loadFormDef('../sites/form/web_domain.tform.php'); + $app->remoting_lib->loadFormDef('../sites/form/web_vhost_domain.tform.php'); return $app->remoting_lib->getDataRecord($primary_id); } @@ -420,7 +419,7 @@ } if(!isset($params['client_group_id']) or (isset($params['client_group_id']) && empty($params['client_group_id']))) { - $rec = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = ".$app->functions->intval($client_id)); + $rec = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = ?", $client_id); $params['client_group_id'] = $rec['groupid']; } @@ -435,9 +434,9 @@ if($params['pm_min_spare_servers'] == '') $params['pm_min_spare_servers'] = 1; if($params['pm_max_spare_servers'] == '') $params['pm_max_spare_servers'] = 1; - $domain_id = $this->insertQuery('../sites/form/web_domain.tform.php', $client_id, $params, 'sites:web_domain:on_after_insert'); + $domain_id = $this->insertQuery('../sites/form/web_vhost_domain.tform.php', $client_id, $params, 'sites:web_domain:on_after_insert'); if ($readonly === true) - $app->db->query("UPDATE web_domain SET `sys_userid` = '1' WHERE domain_id = ".$domain_id); + $app->db->query("UPDATE web_domain SET `sys_userid` = '1' WHERE domain_id = ?", $domain_id); return $domain_id; } @@ -455,7 +454,7 @@ if($params['pm_min_spare_servers'] == '') $params['pm_min_spare_servers'] = 1; if($params['pm_max_spare_servers'] == '') $params['pm_max_spare_servers'] = 1; - $affected_rows = $this->updateQuery('../sites/form/web_domain.tform.php', $client_id, $primary_id, $params); + $affected_rows = $this->updateQuery('../sites/form/web_vhost_domain.tform.php', $client_id, $primary_id, $params); return $affected_rows; } @@ -466,7 +465,7 @@ throw new SoapFault('permission_denied', 'You do not have the permissions to access this function.'); return false; } - $affected_rows = $this->deleteQuery('../sites/form/web_domain.tform.php', $primary_id); + $affected_rows = $this->deleteQuery('../sites/form/web_vhost_domain.tform.php', $primary_id); return $affected_rows; } @@ -751,7 +750,7 @@ } // Delete all users that belong to this folder. - taken from web_folder_delete.php - $records = $app->db->queryAllRecords("SELECT web_folder_user_id FROM web_folder_user WHERE web_folder_id = '".$app->functions->intval($primary_id)."'"); + $records = $app->db->queryAllRecords("SELECT web_folder_user_id FROM web_folder_user WHERE web_folder_id = ?", $primary_id); foreach($records as $rec) { $this->deleteQuery('../sites/form/web_folder_user.tform.php', $rec['web_folder_user_id']); //$app->db->datalogDelete('web_folder_user','web_folder_user_id',$rec['web_folder_user_id']); @@ -865,11 +864,11 @@ } else { $status = 'n'; } - $app->remoting_lib->loadFormDef('../sites/form/web_domain.tform.php'); + $app->remoting_lib->loadFormDef('../sites/form/web_vhost_domain.tform.php'); $params = $app->remoting_lib->getDataRecord($primary_id); $params['active'] = $status; - $affected_rows = $this->updateQuery('../sites/form/web_domain.tform.php', 0, $primary_id, $params); + $affected_rows = $this->updateQuery('../sites/form/web_vhost_domain.tform.php', 0, $primary_id, $params); return $affected_rows; } else { throw new SoapFault('status_undefined', 'The status is not available'); @@ -889,8 +888,8 @@ return false; } $client_id = $app->functions->intval($client_id); - $sql = "SELECT d.database_id, d.database_name, d.database_user_id, d.database_ro_user_id, du.database_user, du.database_password FROM web_database d LEFT JOIN web_database_user du ON (du.database_user_id = d.database_user_id) INNER JOIN sys_user s on(d.sys_groupid = s.default_group) WHERE client_id = $client_id"; - $all = $app->db->queryAllRecords($sql); + $sql = "SELECT d.database_id, d.database_name, d.database_user_id, d.database_ro_user_id, du.database_user, du.database_password FROM web_database d LEFT JOIN web_database_user du ON (du.database_user_id = d.database_user_id) INNER JOIN sys_user s on(d.sys_groupid = s.default_group) WHERE client_id = ?"; + $all = $app->db->queryAllRecords($sql, $client_id); return $all; } @@ -904,7 +903,7 @@ return false; } - $result = $app->db->queryAllRecords("SELECT * FROM web_backup".(($site_id != null)?' WHERE parent_domain_id = ?':''), $app->functions->intval($site_id)); + $result = $app->db->queryAllRecords("SELECT * FROM web_backup".(($site_id != null)?' WHERE parent_domain_id = ?':''), $site_id); return $result; } -- Gitblit v1.9.1