From 7fe908c50c8dbc5cc05f571dbe11d66141caacd4 Mon Sep 17 00:00:00 2001 From: Marius Cramer <m.cramer@pixcept.de> Date: Thu, 14 Nov 2013 09:01:22 -0500 Subject: [PATCH] Cleaning up code to match coding guidelines --- interface/web/sites/database_user_edit.php | 130 +++++++++++++++++++++--------------------- 1 files changed, 65 insertions(+), 65 deletions(-) diff --git a/interface/web/sites/database_user_edit.php b/interface/web/sites/database_user_edit.php index 1b71196..884ef87 100644 --- a/interface/web/sites/database_user_edit.php +++ b/interface/web/sites/database_user_edit.php @@ -38,8 +38,8 @@ * End Form configuration ******************************************/ -require_once('../../lib/config.inc.php'); -require_once('../../lib/app.inc.php'); +require_once '../../lib/config.inc.php'; +require_once '../../lib/app.inc.php'; //* Check permissions for module $app->auth->check_module_permissions('sites'); @@ -57,31 +57,31 @@ * If the names are restricted -> remove the restriction, so that the * data can be edited */ - + //* Get the database user prefix $app->uses('getconf,tools_sites'); $global_config = $app->getconf->get_global_config('sites'); $dbuser_prefix = $app->tools_sites->replacePrefix($global_config['dbuser_prefix'], $this->dataRecord); - - if ($_SESSION["s"]["user"]["typ"] != 'admin' && $app->auth->has_clients($_SESSION['s']['user']['userid'])) { + + if ($_SESSION["s"]["user"]["typ"] != 'admin' && $app->auth->has_clients($_SESSION['s']['user']['userid'])) { // Get the limits of the client $client_group_id = $_SESSION["s"]["user"]["default_group"]; $client = $app->db->queryOneRecord("SELECT client.company_name, client.contact_name, client.client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = $client_group_id"); - - // Fill the client select field - $sql = "SELECT sys_group.groupid, sys_group.name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND client.parent_client_id = ".$client['client_id']." ORDER BY sys_group.name"; - $records = $app->db->queryAllRecords($sql); - $tmp = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = ".$client['client_id']); - $client_select = '<option value="'.$tmp['groupid'].'">'.$client['contact_name'].'</option>'; - //$tmp_data_record = $app->tform->getDataRecord($this->id); - if(is_array($records)) { - foreach( $records as $rec) { - $selected = @(is_array($this->dataRecord) && ($rec["groupid"] == $this->dataRecord['client_group_id'] || $rec["groupid"] == $this->dataRecord['sys_groupid']))?'SELECTED':''; - $client_select .= "<option value='$rec[groupid]' $selected>$rec[contactname]</option>\r\n"; - } - } - $app->tpl->setVar("client_group_id",$client_select); - } elseif($_SESSION["s"]["user"]["typ"] == 'admin') { + + // Fill the client select field + $sql = "SELECT sys_group.groupid, sys_group.name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND client.parent_client_id = ".$client['client_id']." ORDER BY sys_group.name"; + $records = $app->db->queryAllRecords($sql); + $tmp = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = ".$client['client_id']); + $client_select = '<option value="'.$tmp['groupid'].'">'.$client['contact_name'].'</option>'; + //$tmp_data_record = $app->tform->getDataRecord($this->id); + if(is_array($records)) { + foreach( $records as $rec) { + $selected = @(is_array($this->dataRecord) && ($rec["groupid"] == $this->dataRecord['client_group_id'] || $rec["groupid"] == $this->dataRecord['sys_groupid']))?'SELECTED':''; + $client_select .= "<option value='$rec[groupid]' $selected>$rec[contactname]</option>\r\n"; + } + } + $app->tpl->setVar("client_group_id", $client_select); + } elseif($_SESSION["s"]["user"]["typ"] == 'admin') { // Fill the client select field $sql = "SELECT sys_group.groupid, sys_group.name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND sys_group.client_id > 0 ORDER BY sys_group.name"; $clients = $app->db->queryAllRecords($sql); @@ -94,28 +94,28 @@ $client_select .= "<option value='$client[groupid]' $selected>$client[contactname]</option>\r\n"; } } - $app->tpl->setVar("client_group_id",$client_select); - } - - + $app->tpl->setVar("client_group_id", $client_select); + } + + if ($this->dataRecord['database_user'] != ""){ /* REMOVE the restriction */ $app->tpl->setVar("database_user", $app->tools_sites->removePrefix($this->dataRecord['database_user'], $this->dataRecord['database_user_prefix'], $dbuser_prefix)); } - - + + $app->tpl->setVar("database_user_prefix", $app->tools_sites->getPrefix($this->dataRecord['database_user_prefix'], $dbuser_prefix, $global_config['dbuser_prefix'])); - + parent::onShowEnd(); } - - function onSubmit() { - global $app; - - if($_SESSION['s']['user']['typ'] != 'admin' && !$app->auth->has_clients($_SESSION['s']['user']['userid'])) unset($this->dataRecord["client_group_id"]); - - parent::onSubmit(); - } + + function onSubmit() { + global $app; + + if($_SESSION['s']['user']['typ'] != 'admin' && !$app->auth->has_clients($_SESSION['s']['user']['userid'])) unset($this->dataRecord["client_group_id"]); + + parent::onSubmit(); + } function onBeforeUpdate() { global $app, $conf, $interfaceConf; @@ -125,36 +125,36 @@ $global_config = $app->getconf->get_global_config('sites'); $dbuser_prefix = $app->tools_sites->replacePrefix($global_config['dbuser_prefix'], $this->dataRecord); - $this->oldDataRecord = $app->db->queryOneRecord("SELECT * FROM web_database_user WHERE database_user_id = '".$this->id."'"); - - $dbuser_prefix = $app->tools_sites->getPrefix($this->oldDataRecord['database_user_prefix'], $dbuser_prefix); - $this->dataRecord['database_user_prefix'] = $dbuser_prefix; - + $this->oldDataRecord = $app->db->queryOneRecord("SELECT * FROM web_database_user WHERE database_user_id = '".$this->id."'"); + + $dbuser_prefix = $app->tools_sites->getPrefix($this->oldDataRecord['database_user_prefix'], $dbuser_prefix); + $this->dataRecord['database_user_prefix'] = $dbuser_prefix; + //* Database username shall not be empty if($this->dataRecord['database_user'] == '') $app->tform->errorMessage .= $app->tform->wordbook["database_user_error_empty"].'<br />'; - if(strlen($dbuser_prefix . $this->dataRecord['database_user']) > 16) $app->tform->errorMessage .= str_replace('{user}',$dbuser_prefix . $this->dataRecord['database_user'],$app->tform->wordbook["database_user_error_len"]).'<br />'; - + if(strlen($dbuser_prefix . $this->dataRecord['database_user']) > 16) $app->tform->errorMessage .= str_replace('{user}', $dbuser_prefix . $this->dataRecord['database_user'], $app->tform->wordbook["database_user_error_len"]).'<br />'; + //* Check database user against blacklist - $dbuser_blacklist = array($conf['db_user'],'mysql','root'); - if(in_array($dbuser_prefix . $this->dataRecord['database_user'],$dbuser_blacklist)) { + $dbuser_blacklist = array($conf['db_user'], 'mysql', 'root'); + if(in_array($dbuser_prefix . $this->dataRecord['database_user'], $dbuser_blacklist)) { $app->tform->errorMessage .= $app->lng('Database user not allowed.').'<br />'; } - + if ($app->tform->errorMessage == ''){ /* restrict the names if there is no error */ - /* crop user and db names if they are too long -> mysql: user: 16 chars / db: 64 chars */ + /* crop user and db names if they are too long -> mysql: user: 16 chars / db: 64 chars */ $this->dataRecord['database_user'] = substr($dbuser_prefix . $this->dataRecord['database_user'], 0, 16); } - - $this->dataRecord['server_id'] = 0; // we need this on all servers - + + $this->dataRecord['server_id'] = 0; // we need this on all servers + parent::onBeforeUpdate(); } function onBeforeInsert() { global $app, $conf, $interfaceConf; - + //* Database username shall not be empty if($this->dataRecord['database_user'] == '') $app->tform->errorMessage .= $app->tform->wordbook["database_user_error_empty"].'<br />'; @@ -162,31 +162,31 @@ $app->uses('getconf,tools_sites'); $global_config = $app->getconf->get_global_config('sites'); $dbuser_prefix = $app->tools_sites->replacePrefix($global_config['dbuser_prefix'], $this->dataRecord); - - $this->dataRecord['database_user_prefix'] = $dbuser_prefix; - - if(strlen($dbuser_prefix . $this->dataRecord['database_user']) > 16) $app->tform->errorMessage .= str_replace('{user}',$dbuser_prefix . $this->dataRecord['database_user'],$app->tform->wordbook["database_user_error_len"]).'<br />'; - + + $this->dataRecord['database_user_prefix'] = $dbuser_prefix; + + if(strlen($dbuser_prefix . $this->dataRecord['database_user']) > 16) $app->tform->errorMessage .= str_replace('{user}', $dbuser_prefix . $this->dataRecord['database_user'], $app->tform->wordbook["database_user_error_len"]).'<br />'; + //* Check database user against blacklist - $dbuser_blacklist = array($conf['db_user'],'mysql','root'); - if(is_array($dbuser_blacklist) && in_array($dbuser_prefix . $this->dataRecord['database_user'],$dbuser_blacklist)) { + $dbuser_blacklist = array($conf['db_user'], 'mysql', 'root'); + if(is_array($dbuser_blacklist) && in_array($dbuser_prefix . $this->dataRecord['database_user'], $dbuser_blacklist)) { $app->tform->errorMessage .= $app->lng('Database user not allowed.').'<br />'; } /* restrict the names */ - /* crop user names if they are too long -> mysql: user: 16 chars / db: 64 chars */ + /* crop user names if they are too long -> mysql: user: 16 chars / db: 64 chars */ if ($app->tform->errorMessage == ''){ $this->dataRecord['database_user'] = substr($dbuser_prefix . $this->dataRecord['database_user'], 0, 16); } - - $this->dataRecord['server_id'] = 0; // we need this on all servers - + + $this->dataRecord['server_id'] = 0; // we need this on all servers + parent::onBeforeInsert(); } function onAfterInsert() { global $app, $conf; - + if($_SESSION["s"]["user"]["typ"] == 'admin' && isset($this->dataRecord["client_group_id"])) { $client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]); $app->db->query("UPDATE web_database_user SET sys_groupid = $client_group_id, sys_perm_group = 'riud' WHERE database_user_id = ".$this->id); @@ -208,9 +208,9 @@ $client_group_id = $app->functions->intval($this->dataRecord["client_group_id"]); $app->db->query("UPDATE web_database_user SET sys_groupid = $client_group_id, sys_perm_group = 'riud' WHERE database_user_id = ".$this->id); } - + /*$password = $app->db->queryOneRecord("SELECT database_password FROM web_database_user WHERE database_user_id = ".$this->id); - + $records = $app->db->queryAllRecords("SELECT DISTINCT server_id FROM web_database WHERE database_user_id = '".$app->functions->intval($this->id)."' UNION SELECT DISTINCT server_id FROM web_database WHERE database_ro_user_id = '".$app->functions->intval($this->id)."'"); foreach($records as $rec) { $new_rec = $this->dataRecord; @@ -227,4 +227,4 @@ $page = new page_action; $page->onLoad(); -?> \ No newline at end of file +?> -- Gitblit v1.9.1