Postgres SQL Fixes
A few SQL commands were changed to suit PostgreSQL and the "user" table.
parent
47f3f9939e
commit
b9efd906e5
|
@ -39,7 +39,7 @@ if(isset($input->action) && $input->action == "getDomains") {
|
||||||
SELECT COUNT(*) AS anzahl
|
SELECT COUNT(*) AS anzahl
|
||||||
FROM domains D
|
FROM domains D
|
||||||
LEFT OUTER JOIN permissions P ON D.id = P.domain
|
LEFT OUTER JOIN permissions P ON D.id = P.domain
|
||||||
WHERE (P.user=:user1 OR :user2) AND
|
WHERE (P.\"user\"=:user1 OR :user2) AND
|
||||||
(D.name LIKE :name1 OR :name2) AND
|
(D.name LIKE :name1 OR :name2) AND
|
||||||
(D.type=:type1 OR :type2)
|
(D.type=:type1 OR :type2)
|
||||||
";
|
";
|
||||||
|
@ -91,7 +91,7 @@ if(isset($input->action) && $input->action == "getDomains") {
|
||||||
FROM domains D
|
FROM domains D
|
||||||
LEFT OUTER JOIN records R ON D.id = R.domain_id
|
LEFT OUTER JOIN records R ON D.id = R.domain_id
|
||||||
LEFT OUTER JOIN permissions P ON D.id = P.domain
|
LEFT OUTER JOIN permissions P ON D.id = P.domain
|
||||||
WHERE (P.user=:user1 OR :user2)
|
WHERE (P.\"user\"=:user1 OR :user2)
|
||||||
GROUP BY D.id, D.name, D.type
|
GROUP BY D.id, D.name, D.type
|
||||||
HAVING
|
HAVING
|
||||||
(D.name LIKE :name1 OR :name2) AND
|
(D.name LIKE :name1 OR :name2) AND
|
||||||
|
@ -120,13 +120,13 @@ if(isset($input->action) && $input->action == "getDomains") {
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Now the number of entries gets limited to the domainRows config value.
|
* Now the number of entries gets limited to the domainRows config value.
|
||||||
* SQL LIMIT is used for that:
|
* SQL LIMIT and OFFSET is used for that:
|
||||||
* LIMIT lower, upper
|
* LIMIT upper OFFSET lower
|
||||||
* Note that LIMIT 0,4 returns the first five rows!
|
* Note that LIMIT 5 OFFSET 0 returns the first five rows!
|
||||||
*/
|
*/
|
||||||
$lower_limit = ($config['domain_rows'] * ($input->page - 1));
|
$lower_limit = ($config['domain_rows'] * ($input->page - 1));
|
||||||
|
|
||||||
$sql .= " LIMIT " . $lower_limit . ", " . $config['domain_rows'];
|
$sql .= " LIMIT " . $config['domain_rows'] . " OFFSET " . $lower_limit;
|
||||||
|
|
||||||
$stmt = $db->prepare($sql);
|
$stmt = $db->prepare($sql);
|
||||||
|
|
||||||
|
|
|
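Review bot: The new `LIMIT … OFFSET` line in the third hunk still concatenates `$lower_limit` into the statement, and that value is computed from the request field `$input->page` with no range check visible in the hunk. A page of 0 or below produces a negative offset, which PostgreSQL rejects with an error, and a fractional page produces a non-integer offset. Clamp the page first, e.g. `$page = max(1, (int) $input->page);`, and pass both numbers as placeholders bound with `PDO::PARAM_INT` (`LIMIT :limit OFFSET :offset`) so the query text no longer depends on request data. The enclosing `getDomains` block starts and ends outside the hunk, so validation may already exist there.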
@ -31,7 +31,7 @@ if(!isset($input->csrfToken) || $input->csrfToken !== $_SESSION['csrfToken']) {
|
||||||
|
|
||||||
//Permission check
|
//Permission check
|
||||||
if(isset($input->domain)) {
|
if(isset($input->domain)) {
|
||||||
$permquery = $db->prepare("SELECT COUNT(*) FROM permissions WHERE user=:user AND domain=:domain");
|
$permquery = $db->prepare("SELECT COUNT(*) FROM permissions WHERE \"user\"=:user AND domain=:domain");
|
||||||
$permquery->bindValue(':user', $_SESSION['id'], PDO::PARAM_INT);
|
$permquery->bindValue(':user', $_SESSION['id'], PDO::PARAM_INT);
|
||||||
$permquery->bindValue(':domain', $input->domain, PDO::PARAM_INT);
|
$permquery->bindValue(':domain', $input->domain, PDO::PARAM_INT);
|
||||||
$permquery->execute();
|
$permquery->execute();
|
||||||
|
|
|
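Review bot: The permission check now writes the column as `"user"`, which MySQL reads as the string literal 'user' unless the session runs in the ANSI_QUOTES SQL mode; lib/database.php is not shown, so it is unclear whether that mode is set. If it is not, this `COUNT(*)` would normally stop matching rows on MySQL and the check would deny every request, while statements that quote the table name (`INSERT INTO "user"`, `UPDATE "user"`, `DELETE FROM "user"`) would become syntax errors. The same applies to every other query changed in this commit. Either enable ANSI_QUOTES right after connecting when the driver is MySQL, or build the quoted identifier per driver, and add a comment next to the query such as `// "user" is reserved in PostgreSQL; MySQL needs ANSI_QUOTES for this quoting`.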
@ -29,7 +29,7 @@ if(!isset($input->csrfToken) || $input->csrfToken !== $_SESSION['csrfToken']) {
|
||||||
|
|
||||||
//Permission check
|
//Permission check
|
||||||
if(isset($input->record)) {
|
if(isset($input->record)) {
|
||||||
$permquery = $db->prepare("SELECT COUNT(*) FROM records JOIN permissions ON records.domain_id=permissions.domain WHERE user=:user AND records.id=:id");
|
$permquery = $db->prepare("SELECT COUNT(*) FROM records JOIN permissions ON records.domain_id=permissions.domain WHERE \"user\"=:user AND records.id=:id");
|
||||||
$permquery->bindValue(':user', $_SESSION['id'], PDO::PARAM_INT);
|
$permquery->bindValue(':user', $_SESSION['id'], PDO::PARAM_INT);
|
||||||
$permquery->bindValue(':id', $input->record, PDO::PARAM_INT);
|
$permquery->bindValue(':id', $input->record, PDO::PARAM_INT);
|
||||||
$permquery->execute();
|
$permquery->execute();
|
||||||
|
|
|
@ -37,14 +37,14 @@ if(isset($input->action) && $input->action == "addUser") {
|
||||||
|
|
||||||
$db->beginTransaction();
|
$db->beginTransaction();
|
||||||
|
|
||||||
$stmt = $db->prepare("INSERT INTO user(name,password,type) VALUES (:name,:password,:type)");
|
$stmt = $db->prepare("INSERT INTO \"user\"(name,password,type) VALUES (:name,:password,:type)");
|
||||||
|
|
||||||
$stmt->bindValue(':name', $input->name, PDO::PARAM_STR);
|
$stmt->bindValue(':name', $input->name, PDO::PARAM_STR);
|
||||||
$stmt->bindValue(':password', $passwordHash, PDO::PARAM_STR);
|
$stmt->bindValue(':password', $passwordHash, PDO::PARAM_STR);
|
||||||
$stmt->bindValue(':type', $input->type, PDO::PARAM_STR);
|
$stmt->bindValue(':type', $input->type, PDO::PARAM_STR);
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
|
|
||||||
$stmt = $db->prepare("SELECT MAX(id) FROM user WHERE name=:name AND password=:password AND type=:type");
|
$stmt = $db->prepare("SELECT MAX(id) FROM \"user\" WHERE name=:name AND password=:password AND type=:type");
|
||||||
$stmt->bindValue(':name', $input->name, PDO::PARAM_STR);
|
$stmt->bindValue(':name', $input->name, PDO::PARAM_STR);
|
||||||
$stmt->bindValue(':password', $passwordHash, PDO::PARAM_STR);
|
$stmt->bindValue(':password', $passwordHash, PDO::PARAM_STR);
|
||||||
$stmt->bindValue(':type', $input->type, PDO::PARAM_STR);
|
$stmt->bindValue(':type', $input->type, PDO::PARAM_STR);
|
||||||
|
@ -58,7 +58,7 @@ if(isset($input->action) && $input->action == "addUser") {
|
||||||
}
|
}
|
||||||
|
|
||||||
if(isset($input->action) && $input->action == "getUserData") {
|
if(isset($input->action) && $input->action == "getUserData") {
|
||||||
$stmt = $db->prepare("SELECT name,type FROM user WHERE id=:id LIMIT 1");
|
$stmt = $db->prepare("SELECT name,type FROM \"user\" WHERE id=:id LIMIT 1");
|
||||||
$stmt->bindValue(':id', $input->id, PDO::PARAM_INT);
|
$stmt->bindValue(':id', $input->id, PDO::PARAM_INT);
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
$stmt->bindColumn('name', $userName);
|
$stmt->bindColumn('name', $userName);
|
||||||
|
@ -73,14 +73,14 @@ if(isset($input->action) && $input->action == "getUserData") {
|
||||||
if(isset($input->action) && $input->action == "saveUserChanges") {
|
if(isset($input->action) && $input->action == "saveUserChanges") {
|
||||||
if(isset($input->password)) {
|
if(isset($input->password)) {
|
||||||
$passwordHash = password_hash($input->password, PASSWORD_DEFAULT);
|
$passwordHash = password_hash($input->password, PASSWORD_DEFAULT);
|
||||||
$stmt = $db->prepare("UPDATE user SET name=:name,password=:password,type=:type WHERE id=:id");
|
$stmt = $db->prepare("UPDATE \"user\" SET name=:name,password=:password,type=:type WHERE id=:id");
|
||||||
$stmt->bindValue(':name', $input->name, PDO::PARAM_STR);
|
$stmt->bindValue(':name', $input->name, PDO::PARAM_STR);
|
||||||
$stmt->bindValue(':password', $passwordHash, PDO::PARAM_STR);
|
$stmt->bindValue(':password', $passwordHash, PDO::PARAM_STR);
|
||||||
$stmt->bindValue(':type', $input->type, PDO::PARAM_STR);
|
$stmt->bindValue(':type', $input->type, PDO::PARAM_STR);
|
||||||
$stmt->bindValue(':id', $input->id, PDO::PARAM_INT);
|
$stmt->bindValue(':id', $input->id, PDO::PARAM_INT);
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
} else {
|
} else {
|
||||||
$stmt = $db->prepare("UPDATE user SET name=:name,type=:type WHERE id=:id");
|
$stmt = $db->prepare("UPDATE \"user\" SET name=:name,type=:type WHERE id=:id");
|
||||||
$stmt->bindValue(':name', $input->name, PDO::PARAM_STR);
|
$stmt->bindValue(':name', $input->name, PDO::PARAM_STR);
|
||||||
$stmt->bindValue(':type', $input->type, PDO::PARAM_STR);
|
$stmt->bindValue(':type', $input->type, PDO::PARAM_STR);
|
||||||
$stmt->bindValue(':id', $input->id, PDO::PARAM_INT);
|
$stmt->bindValue(':id', $input->id, PDO::PARAM_INT);
|
||||||
|
@ -94,7 +94,7 @@ if(isset($input->action) && $input->action == "getPermissions") {
|
||||||
SELECT D.id,D.name
|
SELECT D.id,D.name
|
||||||
FROM permissions P
|
FROM permissions P
|
||||||
JOIN domains D ON P.domain=D.id
|
JOIN domains D ON P.domain=D.id
|
||||||
WHERE P.user=:user
|
WHERE P.\"user\"=:user
|
||||||
");
|
");
|
||||||
|
|
||||||
$stmt->bindValue(':user', $input->id, PDO::PARAM_INT);
|
$stmt->bindValue(':user', $input->id, PDO::PARAM_INT);
|
||||||
|
@ -109,7 +109,7 @@ if(isset($input->action) && $input->action == "getPermissions") {
|
||||||
|
|
||||||
if(isset($input->action) && $input->action == "removePermission") {
|
if(isset($input->action) && $input->action == "removePermission") {
|
||||||
|
|
||||||
$stmt = $db->prepare("DELETE FROM permissions WHERE user=:user AND domain=:domain");
|
$stmt = $db->prepare("DELETE FROM permissions WHERE \"user\"=:user AND domain=:domain");
|
||||||
|
|
||||||
$stmt->bindValue(':user', $input->userId, PDO::PARAM_INT);
|
$stmt->bindValue(':user', $input->userId, PDO::PARAM_INT);
|
||||||
$stmt->bindValue(':domain', $input->domainId, PDO::PARAM_INT);
|
$stmt->bindValue(':domain', $input->domainId, PDO::PARAM_INT);
|
||||||
|
@ -117,7 +117,7 @@ if(isset($input->action) && $input->action == "removePermission") {
|
||||||
}
|
}
|
||||||
|
|
||||||
if(isset($input->action) && $input->action == "searchDomains" && isset($input->term)) {
|
if(isset($input->action) && $input->action == "searchDomains" && isset($input->term)) {
|
||||||
$stmt = $db->prepare("SELECT id,name AS text FROM domains WHERE name LIKE :name AND id NOT IN(SELECT domain FROM permissions WHERE user=:user)");
|
$stmt = $db->prepare("SELECT id,name AS text FROM domains WHERE name LIKE :name AND id NOT IN(SELECT domain FROM permissions WHERE \"user\"=:user)");
|
||||||
|
|
||||||
$searchTerm = "%" . $input->term . "%";
|
$searchTerm = "%" . $input->term . "%";
|
||||||
|
|
||||||
|
@ -133,7 +133,7 @@ if(isset($input->action) && $input->action == "searchDomains" && isset($input->t
|
||||||
}
|
}
|
||||||
|
|
||||||
if(isset($input->action) && $input->action == "addPermissions") {
|
if(isset($input->action) && $input->action == "addPermissions") {
|
||||||
$stmt = $db->prepare("INSERT INTO permissions(user,domain) VALUES (:user,:domain)");
|
$stmt = $db->prepare("INSERT INTO permissions(\"user\",domain) VALUES (:user,:domain)");
|
||||||
|
|
||||||
foreach($input->domains as $domain) {
|
foreach($input->domains as $domain) {
|
||||||
$stmt->bindValue(':user', $input->userId, PDO::PARAM_INT);
|
$stmt->bindValue(':user', $input->userId, PDO::PARAM_INT);
|
||||||
|
|
|
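Review bot: `$input->type` is bound straight into the `INSERT INTO "user"` statement and the password-changing `UPDATE "user"` statement, and the second `UPDATE` binds it the same way, with no check on its value visible in these hunks. The installer in this same commit creates its first account with the literal type 'admin', so the column appears to carry the privilege level. A value outside the expected set should be rejected before the write, e.g. `if (!in_array($input->type, $allowedTypes, true)) { … }`, where `$allowedTypes` is a placeholder for the roles the application defines. The handlers also act on `$input->id` and `$input->userId` taken from the request; the code above the hunks (not shown) presumably restricts this endpoint to administrators, which is worth confirming. The blocks start and end outside the hunks.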
@ -21,7 +21,7 @@ require_once '../lib/database.php';
|
||||||
|
|
||||||
$input = json_decode(file_get_contents('php://input'));
|
$input = json_decode(file_get_contents('php://input'));
|
||||||
|
|
||||||
$stmt = $db->prepare("SELECT id,password,type FROM user WHERE name=:name LIMIT 1");
|
$stmt = $db->prepare("SELECT id,password,type FROM \"user\" WHERE name=:name LIMIT 1");
|
||||||
$stmt->bindValue(':name', $input->user, PDO::PARAM_STR);
|
$stmt->bindValue(':name', $input->user, PDO::PARAM_STR);
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
$stmt->bindColumn('id', $id);
|
$stmt->bindColumn('id', $id);
|
||||||
|
|
|
@ -70,7 +70,8 @@ CREATE TABLE IF NOT EXISTS user (
|
||||||
name varchar(50) NOT NULL,
|
name varchar(50) NOT NULL,
|
||||||
password varchar(200) NOT NULL,
|
password varchar(200) NOT NULL,
|
||||||
type varchar(20) NOT NULL,
|
type varchar(20) NOT NULL,
|
||||||
PRIMARY KEY (id)
|
PRIMARY KEY (id),
|
||||||
|
UNIQUE KEY user_name_index (name)
|
||||||
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
|
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
|
||||||
|
|
||||||
ALTER TABLE permissions
|
ALTER TABLE permissions
|
||||||
|
@ -158,7 +159,7 @@ CREATE TABLE IF NOT EXISTS domains (
|
||||||
name VARCHAR(255) NOT NULL,
|
name VARCHAR(255) NOT NULL,
|
||||||
master VARCHAR(128) DEFAULT NULL,
|
master VARCHAR(128) DEFAULT NULL,
|
||||||
last_check INT DEFAULT NULL,
|
last_check INT DEFAULT NULL,
|
||||||
type VARCHAR(6) NOT NULL,
|
\"type\" VARCHAR(6) NOT NULL,
|
||||||
notified_serial INT DEFAULT NULL,
|
notified_serial INT DEFAULT NULL,
|
||||||
account VARCHAR(40) DEFAULT NULL,
|
account VARCHAR(40) DEFAULT NULL,
|
||||||
CONSTRAINT c_lowercase_name CHECK (((name)::TEXT = LOWER((name)::TEXT)))
|
CONSTRAINT c_lowercase_name CHECK (((name)::TEXT = LOWER((name)::TEXT)))
|
||||||
|
@ -170,7 +171,7 @@ CREATE TABLE IF NOT EXISTS records (
|
||||||
id SERIAL PRIMARY KEY,
|
id SERIAL PRIMARY KEY,
|
||||||
domain_id INT DEFAULT NULL,
|
domain_id INT DEFAULT NULL,
|
||||||
name VARCHAR(255) DEFAULT NULL,
|
name VARCHAR(255) DEFAULT NULL,
|
||||||
type VARCHAR(10) DEFAULT NULL,
|
\"type\" VARCHAR(10) DEFAULT NULL,
|
||||||
content VARCHAR(65535) DEFAULT NULL,
|
content VARCHAR(65535) DEFAULT NULL,
|
||||||
ttl INT DEFAULT NULL,
|
ttl INT DEFAULT NULL,
|
||||||
prio INT DEFAULT NULL,
|
prio INT DEFAULT NULL,
|
||||||
|
@ -189,22 +190,24 @@ CREATE INDEX IF NOT EXISTS nametype_index ON records(name,type);
|
||||||
CREATE INDEX IF NOT EXISTS domain_id ON records(domain_id);
|
CREATE INDEX IF NOT EXISTS domain_id ON records(domain_id);
|
||||||
CREATE INDEX IF NOT EXISTS recordorder ON records (domain_id, ordername text_pattern_ops);
|
CREATE INDEX IF NOT EXISTS recordorder ON records (domain_id, ordername text_pattern_ops);
|
||||||
|
|
||||||
CREATE TABLE IF NOT EXISTS user (
|
CREATE TABLE IF NOT EXISTS \"user\" (
|
||||||
id SERIAL PRIMARY KEY,
|
id SERIAL PRIMARY KEY,
|
||||||
name varchar(50) NOT NULL,
|
name varchar(50) NOT NULL,
|
||||||
password varchar(200) NOT NULL,
|
password varchar(200) NOT NULL,
|
||||||
type varchar(20) NOT NULL
|
\"type\" varchar(20) NOT NULL
|
||||||
);
|
);
|
||||||
|
|
||||||
|
CREATE UNIQUE INDEX IF NOT EXISTS user_name_index ON \"user\"(name);
|
||||||
|
|
||||||
CREATE TABLE IF NOT EXISTS permissions (
|
CREATE TABLE IF NOT EXISTS permissions (
|
||||||
user INT NOT NULL,
|
\"user\" INT NOT NULL,
|
||||||
domain INT NOT NULL,
|
\"domain\" INT NOT NULL,
|
||||||
PRIMARY KEY (user,domain),
|
PRIMARY KEY (\"user\",domain),
|
||||||
CONSTRAINT domain_exists
|
CONSTRAINT domain_exists
|
||||||
FOREIGN KEY(domain_id) REFERENCES domains(id)
|
FOREIGN KEY(domain) REFERENCES domains(id)
|
||||||
ON DELETE CASCADE,
|
ON DELETE CASCADE,
|
||||||
CONSTRAINT user_exists
|
CONSTRAINT user_exists
|
||||||
FOREIGN KEY(user) REFERENCES user(id)
|
FOREIGN KEY(\"user\") REFERENCES \"user\"(id)
|
||||||
ON DELETE CASCADE
|
ON DELETE CASCADE
|
||||||
);
|
);
|
||||||
|
|
||||||
|
@ -214,11 +217,11 @@ CREATE TABLE IF NOT EXISTS remote (
|
||||||
id SERIAL PRIMARY KEY,
|
id SERIAL PRIMARY KEY,
|
||||||
record INT NOT NULL,
|
record INT NOT NULL,
|
||||||
description varchar(255) NOT NULL,
|
description varchar(255) NOT NULL,
|
||||||
type varchar(20) NOT NULL,
|
\"type\" varchar(20) NOT NULL,
|
||||||
security varchar(2000) NOT NULL,
|
\"security\" varchar(2000) NOT NULL,
|
||||||
nonce varchar(255) DEFAULT NULL,
|
nonce varchar(255) DEFAULT NULL,
|
||||||
CONSTRAINT record_exists
|
CONSTRAINT record_exists
|
||||||
FOREIGN KEY(record_id) REFERENCES records(id)
|
FOREIGN KEY(record) REFERENCES records(id)
|
||||||
ON DELETE CASCADE
|
ON DELETE CASCADE
|
||||||
);
|
);
|
||||||
|
|
||||||
|
@ -244,7 +247,7 @@ CREATE TABLE IF NOT EXISTS comments (
|
||||||
id SERIAL PRIMARY KEY,
|
id SERIAL PRIMARY KEY,
|
||||||
domain_id INT NOT NULL,
|
domain_id INT NOT NULL,
|
||||||
name VARCHAR(255) NOT NULL,
|
name VARCHAR(255) NOT NULL,
|
||||||
type VARCHAR(10) NOT NULL,
|
\"type\" VARCHAR(10) NOT NULL,
|
||||||
modified_at INT NOT NULL,
|
modified_at INT NOT NULL,
|
||||||
account VARCHAR(40) DEFAULT NULL,
|
account VARCHAR(40) DEFAULT NULL,
|
||||||
comment VARCHAR(65535) NOT NULL,
|
comment VARCHAR(65535) NOT NULL,
|
||||||
|
@ -297,13 +300,25 @@ catch (PDOException $e) {
|
||||||
$retval['status'] = "error";
|
$retval['status'] = "error";
|
||||||
$retval['message'] = serialize($e);
|
$retval['message'] = serialize($e);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
|
||||||
|
|
||||||
if (!isset($retval)) {
|
if (!isset($retval)) {
|
||||||
$passwordHash = password_hash($input->userPassword, PASSWORD_DEFAULT);
|
$passwordHash = password_hash($input->userPassword, PASSWORD_DEFAULT);
|
||||||
|
|
||||||
$stmt = $db->query($sql[$input->type]);
|
$queries = explode(";", $sql[$input->type]);
|
||||||
while ($stmt->nextRowset()) {;}
|
|
||||||
|
|
||||||
$stmt = $db->prepare("INSERT INTO user(name,password,type) VALUES (:user,:hash,'admin')");
|
$db->beginTransaction();
|
||||||
|
|
||||||
|
foreach ($queries as $query) {
|
||||||
|
if (preg_replace('/\s+/', '', $query) != '') {
|
||||||
|
$db->exec($query);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
$db->commit();
|
||||||
|
|
||||||
|
$stmt = $db->prepare("INSERT INTO \"user\"(name,password,type) VALUES (:user,:hash,'admin')");
|
||||||
$stmt->bindValue(':user', $input->userName, PDO::PARAM_STR);
|
$stmt->bindValue(':user', $input->userName, PDO::PARAM_STR);
|
||||||
$stmt->bindValue(':hash', $passwordHash, PDO::PARAM_STR);
|
$stmt->bindValue(':hash', $passwordHash, PDO::PARAM_STR);
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
|
@ -318,15 +333,14 @@ if (!isset($retval)) {
|
||||||
$configFile[] = '$config[\'db_port\'] = ' . addslashes($input->port) . ";";
|
$configFile[] = '$config[\'db_port\'] = ' . addslashes($input->port) . ";";
|
||||||
$configFile[] = '$config[\'db_type\'] = \'' . addslashes($input->type) . "';";
|
$configFile[] = '$config[\'db_type\'] = \'' . addslashes($input->type) . "';";
|
||||||
|
|
||||||
|
$retval['status'] = "success";
|
||||||
try {
|
try {
|
||||||
file_put_contents("../config/config-user.php", implode("\n", $configFile));
|
file_put_contents("../config/config-user.php", implode("\n", $configFile));
|
||||||
$retval['status'] = "success";
|
|
||||||
}
|
}
|
||||||
catch (Exception $e) {
|
catch (Exception $e) {
|
||||||
$retval['status'] = "error";
|
$retval['status'] = "error";
|
||||||
$retval['message'] = serialize($e);
|
$retval['message'] = serialize($e);
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if(isset($retval)) {
|
if(isset($retval)) {
|
||||||
|
|
|
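Review bot: In the last hunk `$config['db_port']` is written as `addslashes($input->port)` with no surrounding quotes, so the request-supplied value lands in ../config/config-user.php as bare PHP rather than as a quoted string. `addslashes` only escapes quote and backslash characters and does not restrict the value to digits. Cast it before writing, `$configFile[] = '$config[\'db_port\'] = ' . (int) $input->port . ";";`, and reject out-of-range ports. `$sql[$input->type]` in the preceding hunk is also indexed by a request field and should be checked against the supported keys (presumably `mysql` and `pgsql`) before `explode()` is called. The context lines also return `serialize($e)` to the client, which can disclose connection details carried in the exception; a generic message with server-side logging would be safer.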
@ -30,7 +30,7 @@ if(!isset($input->csrfToken) || $input->csrfToken !== $_SESSION['csrfToken']) {
|
||||||
if(isset($input->action) && $input->action == "changePassword") {
|
if(isset($input->action) && $input->action == "changePassword") {
|
||||||
$passwordHash = password_hash($input->password, PASSWORD_DEFAULT);
|
$passwordHash = password_hash($input->password, PASSWORD_DEFAULT);
|
||||||
|
|
||||||
$stmt = $db->prepare("UPDATE user SET password=:password WHERE id=:id");
|
$stmt = $db->prepare("UPDATE \"user\" SET password=:password WHERE id=:id");
|
||||||
$stmt->bindValue(':password', $passwordHash, PDO::PARAM_STR);
|
$stmt->bindValue(':password', $passwordHash, PDO::PARAM_STR);
|
||||||
$stmt->bindValue(':id', $_SESSION['id'], PDO::PARAM_INT);
|
$stmt->bindValue(':id', $_SESSION['id'], PDO::PARAM_INT);
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
|
|
|
@ -55,8 +55,17 @@ if(isset($input->action) && $input->action == "requestUpgrade") {
|
||||||
INSERT INTO options(name,value) VALUES ('schema_version', 1);
|
INSERT INTO options(name,value) VALUES ('schema_version', 1);
|
||||||
";
|
";
|
||||||
$sql["pgsql"] = "INSERT INTO options(name,value) VALUES ('schema_version', 1);";
|
$sql["pgsql"] = "INSERT INTO options(name,value) VALUES ('schema_version', 1);";
|
||||||
$stmt = $db->query($sql[$dbType]);
|
$queries = explode(";", $sql[$dbType]);
|
||||||
while ($stmt->nextRowset()) {;}
|
|
||||||
|
$db->beginTransaction();
|
||||||
|
|
||||||
|
foreach ($queries as $query) {
|
||||||
|
if (preg_replace('/\s+/', '', $query) != '') {
|
||||||
|
$db->exec($query);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
$db->commit();
|
||||||
}
|
}
|
||||||
if($currentVersion < 2) {
|
if($currentVersion < 2) {
|
||||||
$sql["mysql"] = "
|
$sql["mysql"] = "
|
||||||
|
@ -80,8 +89,18 @@ if(isset($input->action) && $input->action == "requestUpgrade") {
|
||||||
UPDATE options SET value=2 WHERE name='schema_version';
|
UPDATE options SET value=2 WHERE name='schema_version';
|
||||||
";
|
";
|
||||||
$sql["pgsql"] = "UPDATE options SET value=2 WHERE name='schema_version';";
|
$sql["pgsql"] = "UPDATE options SET value=2 WHERE name='schema_version';";
|
||||||
$stmt = $db->query($sql[$dbType]);
|
$queries = explode(";", $sql[$dbType]);
|
||||||
while ($stmt->nextRowset()) {;}
|
|
||||||
|
$db->beginTransaction();
|
||||||
|
|
||||||
|
foreach ($queries as $query) {
|
||||||
|
if (preg_replace('/\s+/', '', $query) != '') {
|
||||||
|
$db->exec($query);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
$db->commit();
|
||||||
|
|
||||||
}
|
}
|
||||||
if($currentVersion < 3) {
|
if($currentVersion < 3) {
|
||||||
$sql["mysql"] = "
|
$sql["mysql"] = "
|
||||||
|
@ -99,8 +118,17 @@ if(isset($input->action) && $input->action == "requestUpgrade") {
|
||||||
UPDATE options SET value=3 WHERE name='schema_version';
|
UPDATE options SET value=3 WHERE name='schema_version';
|
||||||
";
|
";
|
||||||
$sql["pgsql"] = "UPDATE options SET value=3 WHERE name='schema_version';";
|
$sql["pgsql"] = "UPDATE options SET value=3 WHERE name='schema_version';";
|
||||||
$stmt = $db->query($sql[$dbType]);
|
$queries = explode(";", $sql[$dbType]);
|
||||||
while ($stmt->nextRowset()) {;}
|
|
||||||
|
$db->beginTransaction();
|
||||||
|
|
||||||
|
foreach ($queries as $query) {
|
||||||
|
if (preg_replace('/\s+/', '', $query) != '') {
|
||||||
|
$db->exec($query);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
$db->commit();
|
||||||
|
|
||||||
}
|
}
|
||||||
if($currentVersion < 4) {
|
if($currentVersion < 4) {
|
||||||
|
@ -146,11 +174,22 @@ if(isset($input->action) && $input->action == "requestUpgrade") {
|
||||||
UNIQUE KEY namealgoindex (name, algorithm)
|
UNIQUE KEY namealgoindex (name, algorithm)
|
||||||
) Engine=InnoDB DEFAULT CHARSET=latin1;
|
) Engine=InnoDB DEFAULT CHARSET=latin1;
|
||||||
|
|
||||||
|
ALTER TABLE user ADD UNIQUE KEY user_name_index (name);
|
||||||
|
|
||||||
UPDATE options SET value=4 WHERE name='schema_version';
|
UPDATE options SET value=4 WHERE name='schema_version';
|
||||||
";
|
";
|
||||||
$sql["pgsql"] = "UPDATE options SET value=4 WHERE name='schema_version';";
|
$sql["pgsql"] = "UPDATE options SET value=4 WHERE name='schema_version';";
|
||||||
$stmt = $db->query($sql[$dbType]);
|
$queries = explode(";", $sql[$dbType]);
|
||||||
while ($stmt->nextRowset()) {;}
|
|
||||||
|
$db->beginTransaction();
|
||||||
|
|
||||||
|
foreach ($queries as $query) {
|
||||||
|
if (preg_replace('/\s+/', '', $query) != '') {
|
||||||
|
$db->exec($query);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
$db->commit();
|
||||||
}
|
}
|
||||||
$retval['status'] = "success";
|
$retval['status'] = "success";
|
||||||
}
|
}
|
||||||
|
|
|
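Review bot: The split-and-exec loop is pasted four times in this file, and once more in the installer hunk, with `beginTransaction()` / `commit()` but no `rollBack()`, so a failing statement leaves the transaction open and the schema possibly half-migrated. On MySQL the DDL in these scripts (for example the added `ALTER TABLE user ADD UNIQUE KEY`) commits implicitly, so the transaction gives no atomicity there and a later `commit()` may find no active transaction. The pgsql branch of the version 4 step only bumps `schema_version` and does not create `user_name_index`, although the installer now does, so an upgraded PostgreSQL database (if any exist) would lack the unique constraint on user names. I would move the loop into one helper that rolls back on failure and call it from each version step. The `requestUpgrade` block starts and ends outside the hunks.

```php
// Runs a semicolon-separated SQL script; rolls back if any statement fails.
// Assumes the connection uses PDO::ERRMODE_EXCEPTION so exec() throws on error.
function runSqlScript(PDO $db, string $script): void
{
    $db->beginTransaction();
    try {
        foreach (explode(";", $script) as $query) {
            if (preg_replace('/\s+/', '', $query) != '') {
                $db->exec($query);
            }
        }
        // MySQL ends the transaction implicitly on DDL, so check before committing.
        if ($db->inTransaction()) {
            $db->commit();
        }
    } catch (PDOException $e) {
        if ($db->inTransaction()) {
            $db->rollBack();
        }
        throw $e;
    }
}

// … unchanged: $sql["mysql"] / $sql["pgsql"] definitions for each version step …
runSqlScript($db, $sql[$dbType]);
```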
@ -36,7 +36,7 @@ if(isset($input->action) && $input->action == "getUsers") {
|
||||||
|
|
||||||
$sql = "
|
$sql = "
|
||||||
SELECT id,name,type
|
SELECT id,name,type
|
||||||
FROM user
|
FROM \"user\"
|
||||||
WHERE
|
WHERE
|
||||||
(name LIKE :name1 OR :name2) AND
|
(name LIKE :name1 OR :name2) AND
|
||||||
(type=:type1 OR :type2)
|
(type=:type1 OR :type2)
|
||||||
|
@ -96,11 +96,11 @@ if(isset($input->action) && $input->action == "deleteUser") {
|
||||||
|
|
||||||
$db->beginTransaction();
|
$db->beginTransaction();
|
||||||
|
|
||||||
$stmt = $db->prepare("DELETE FROM permissions WHERE user=:userid");
|
$stmt = $db->prepare("DELETE FROM permissions WHERE \"user\"=:userid");
|
||||||
$stmt->bindValue(':userid', $userId, PDO::PARAM_INT);
|
$stmt->bindValue(':userid', $userId, PDO::PARAM_INT);
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
|
|
||||||
$stmt = $db->prepare("DELETE FROM user WHERE id=:id");
|
$stmt = $db->prepare("DELETE FROM \"user\" WHERE id=:id");
|
||||||
$stmt->bindValue(':id', $userId, PDO::PARAM_INT);
|
$stmt->bindValue(':id', $userId, PDO::PARAM_INT);
|
||||||
$stmt->execute();
|
$stmt->execute();
|
||||||
|
|
||||||
|
|