You've already forked postfixadmin
mirror of
https://github.com/postfixadmin/postfixadmin.git
synced 2025-08-06 06:42:37 +03:00
reformat; fix some transition bugs
This commit is contained in:
David Goodwin
committed by
David Goodwin
David Goodwin
parent
ea33d9951a
commit
1176c9ce78
@@ -327,39 +327,13 @@ function check_email($email) {
|
||||
* @return string cleaned data, suitable for use within an SQL statement.
|
||||
*/
|
||||
function escape_string($string) {
|
||||
global $CONF;
|
||||
|
||||
if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
|
||||
$string = stripslashes($string);
|
||||
if (is_numeric($string)) {
|
||||
return $string;
|
||||
}
|
||||
|
||||
$escaped_string = '';
|
||||
|
||||
if (!is_numeric($string)) {
|
||||
$link = db_connect();
|
||||
|
||||
if ($CONF['database_type'] == "mysql" && is_resource($link)) {
|
||||
$escaped_string = mysql_real_escape_string($string, $link);
|
||||
}
|
||||
if ($CONF['database_type'] == "mysqli" && $link instanceof mysqli) {
|
||||
$escaped_string = mysqli_real_escape_string($link, $string);
|
||||
}
|
||||
if (db_sqlite()) {
|
||||
$escaped_string = SQLite3::escapeString($string);
|
||||
}
|
||||
if (db_pgsql() && is_resource($link)) {
|
||||
// php 5.2+ allows for $link to be specified.
|
||||
if (version_compare(phpversion(), "5.2.0", ">=")) {
|
||||
$escaped_string = pg_escape_string($link, $string);
|
||||
} else {
|
||||
$escaped_string = pg_escape_string($string);
|
||||
}
|
||||
}
|
||||
} else {
|
||||
$escaped_string = $string;
|
||||
}
|
||||
|
||||
return $escaped_string;
|
||||
return trim($link->quote($string), "'");
|
||||
}
|
||||
|
||||
|
||||
@@ -588,12 +562,10 @@ function create_page_browser($idxfield, $querypart) {
|
||||
if (isset($result[$k + 1])) {
|
||||
$row2 = $result[$k + 1];
|
||||
$label = substr($row['label'], 0, $label_len) . '-' . substr($row2['label'], 0, $label_len);
|
||||
}
|
||||
else {
|
||||
} else {
|
||||
$label = substr($row['label'], 0, $label_len);
|
||||
}
|
||||
$pagebrowser[] = $label;
|
||||
|
||||
}
|
||||
|
||||
if (db_pgsql()) {
|
||||
@@ -652,7 +624,6 @@ function check_owner($username, $domain) {
|
||||
* @return array of domain names.
|
||||
*/
|
||||
function list_domains_for_admin($username) {
|
||||
|
||||
$table_domain = table_by_key('domain');
|
||||
$table_domain_admins = table_by_key('domain_admins');
|
||||
|
||||
@@ -683,7 +654,6 @@ function list_domains_for_admin($username) {
|
||||
$result = db_prepared_fetch_all($query, $pvalues);
|
||||
|
||||
return array_column($result, 'domain');
|
||||
|
||||
}
|
||||
|
||||
|
||||
@@ -729,6 +699,7 @@ function list_admins() {
|
||||
$handler = new AdminHandler();
|
||||
|
||||
$handler->getList('');
|
||||
|
||||
return $handler->result();
|
||||
}
|
||||
|
||||
@@ -1509,8 +1480,7 @@ function db_connect_with_errors() {
|
||||
}
|
||||
$queries[] = 'SET CHARACTER SET utf8';
|
||||
$queries[] = "SET COLLATION_CONNECTION='utf8_general_ci'";
|
||||
}
|
||||
elseif (db_sqlite()) {
|
||||
} elseif (db_sqlite()) {
|
||||
$dsn = "sqlite:{$CONF['database_name']}";
|
||||
$username_password = false;
|
||||
} elseif (db_pgsql()) {
|
||||
@@ -1523,9 +1493,8 @@ function db_connect_with_errors() {
|
||||
}
|
||||
|
||||
if ($username_password) {
|
||||
$link = new PDO($dsn, Config::read_string('database_user'), Config::read_string('database_pass'), $options);
|
||||
}
|
||||
else {
|
||||
$link = new PDO($dsn, Config::read_string('database_user'), Config::read_string('database_password'), $options);
|
||||
} else {
|
||||
$link = new PDO($dsn, null, null, $options);
|
||||
}
|
||||
|
||||
@@ -1658,8 +1627,7 @@ function db_prepared_insert($sql, array $values = array()) {
|
||||
try {
|
||||
$stmt = $link->prepare($sql);
|
||||
$stmt->execute($values);
|
||||
}
|
||||
catch(PDOException $e) {
|
||||
} catch (PDOException $e) {
|
||||
$error_text = "Invalid query: " . $e->getMessage() . " caused by " . $sql ;
|
||||
error_log($error_text);
|
||||
}
|
||||
@@ -1673,15 +1641,13 @@ function db_prepared_insert($sql, array $values = array()) {
|
||||
* @return array e.g. ['result' => PDOStatement, 'error' => string ]
|
||||
*/
|
||||
function db_prepared_query($sql, array $values = array(), $ignore_errors = false) {
|
||||
|
||||
$link = db_connect();
|
||||
$error_text = '';
|
||||
|
||||
try {
|
||||
$stmt = $link->prepare($sql);
|
||||
$stmt->execute($values);
|
||||
}
|
||||
catch(PDOException $e) {
|
||||
} catch (PDOException $e) {
|
||||
$error_text = "Invalid query: " . $e->getMessage() . " caused by " . $sql ;
|
||||
error_log($error_text);
|
||||
if (!$ignore_errors) {
|
||||
@@ -1701,32 +1667,10 @@ function db_prepared_query($sql, array $values = array(), $ignore_errors = false
|
||||
* @param int $ignore_errors (default 0 aka do not ignore errors)
|
||||
* @return array ['result' => resource, 'rows' => int ,'error' => string]
|
||||
*/
|
||||
function db_query($query, $ignore_errors = 0)
|
||||
{
|
||||
function db_query($query, $ignore_errors = 0) {
|
||||
return db_prepared_query($query, array(), $ignore_errors == 0);
|
||||
}
|
||||
|
||||
// db_row
|
||||
// Action: Returns a row from a table
|
||||
// Call: db_row (int result)
|
||||
|
||||
|
||||
|
||||
/**
|
||||
* Get an associative array from a DB query resource.
|
||||
*
|
||||
* @param PDOStatement $result
|
||||
* @return array
|
||||
*/
|
||||
function db_assoc(PDOStatement $result) {
|
||||
|
||||
$row = $result->fetch(PDO::FETCH_ASSOC);
|
||||
|
||||
if (!is_array($row)) {
|
||||
$row = [];
|
||||
}
|
||||
return $row;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
@@ -1746,7 +1690,6 @@ function db_delete($table, $where, $delete, $additionalwhere='') {
|
||||
$query = "DELETE FROM $table WHERE $where = ? $additionalwhere";
|
||||
|
||||
return db_prepared_insert($query, [$delete]);
|
||||
|
||||
}
|
||||
|
||||
|
||||
@@ -1799,8 +1742,7 @@ function db_insert($table, array $values, $timestamp = array('created', 'modifie
|
||||
if (in_array($field, $timestamp)) {
|
||||
$value_string .= $comma . $value; // see above.
|
||||
unset($prepared_statment_values[$field]);
|
||||
}
|
||||
else {
|
||||
} else {
|
||||
$value_string .= $comma . ":{$field}";
|
||||
}
|
||||
$comma = ',';
|
||||
@@ -1810,7 +1752,6 @@ function db_insert($table, array $values, $timestamp = array('created', 'modifie
|
||||
return db_prepared_insert(
|
||||
"INSERT INTO $table (" . implode(",", array_keys($values)) .") VALUES ($value_string)",
|
||||
$prepared_statment_values);
|
||||
|
||||
}
|
||||
|
||||
|
||||
@@ -1826,7 +1767,6 @@ function db_insert($table, array $values, $timestamp = array('created', 'modifie
|
||||
* @return int - number of updated rows
|
||||
*/
|
||||
function db_update($table, $where_col, $where_value, $values, $timestamp = array('modified')) {
|
||||
|
||||
$table_key = table_by_key($table);
|
||||
$sql_values = array();
|
||||
|
||||
@@ -1837,16 +1777,13 @@ function db_update($table, $where_col, $where_value, $values, $timestamp = array
|
||||
if (in_array($key, $timestamp)) {
|
||||
if (db_sqlite()) {
|
||||
$set[] = " $key = datetime('now') ";
|
||||
}
|
||||
else {
|
||||
} else {
|
||||
$set[] = " $key = now() ";
|
||||
}
|
||||
}
|
||||
else {
|
||||
} else {
|
||||
$set[] = " $key = :$key ";
|
||||
$pvalues[$key] = $value;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
/* @todo this needs refactoring/moving out from here */
|
||||
@@ -1867,7 +1804,6 @@ function db_update($table, $where_col, $where_value, $values, $timestamp = array
|
||||
$sql="UPDATE $table_key SET " . implode(",", $set) . " WHERE $where_col = :where";
|
||||
|
||||
return db_prepared_insert($sql, $pvalues);
|
||||
|
||||
}
|
||||
|
||||
|
||||
@@ -2042,8 +1978,7 @@ function check_db_version($error_out = true) {
|
||||
|
||||
if (isset($row['value'])) {
|
||||
$dbversion = (int) $row['value'];
|
||||
}
|
||||
else {
|
||||
} else {
|
||||
db_query("INSERT INTO $table (name, value) VALUES ('version', '0')", 0);
|
||||
}
|
||||
|
||||
@@ -2071,10 +2006,10 @@ function gen_show_status($show_alias) {
|
||||
$stat_string = "";
|
||||
|
||||
$stat_goto = "";
|
||||
$stat_result = db_prepared_fetch_all("SELECT goto FROM $table_alias WHERE address=?", [$show_alias]);
|
||||
$stat_result = db_prepared_fetch_one("SELECT goto FROM $table_alias WHERE address=?", array($show_alias));
|
||||
|
||||
if (sizeof($stat_result) > 0) {
|
||||
$stat_goto = $stat_result[0]['goto'];
|
||||
if ($stat_result) {
|
||||
$stat_goto = $stat_result['goto'];
|
||||
}
|
||||
|
||||
$delimiter_regex = null;
|
||||
@@ -2115,11 +2050,12 @@ function gen_show_status($show_alias) {
|
||||
$sql .= " OR address = ? ";
|
||||
}
|
||||
|
||||
$stat_result = db_prepared_query($sql, $v);
|
||||
$stat_result = db_prepared_fetch_one($sql, $v);
|
||||
|
||||
if (array_key_exists('rows', $stat_result) && $stat_result['rows'] == 0) {
|
||||
if (empty($stat_result)) {
|
||||
$stat_ok = 0;
|
||||
}
|
||||
|
||||
if ($stat_ok == 0) {
|
||||
if ($stat_domain == $CONF['vacation_domain'] || in_array($stat_domain, $CONF['show_undeliverable_exceptions'])) {
|
||||
$stat_ok = 1;
|
||||
@@ -2135,8 +2071,8 @@ function gen_show_status($show_alias) {
|
||||
|
||||
// Vacation CHECK
|
||||
if ( $CONF['show_vacation'] == 'YES' ) {
|
||||
$stat_result = db_prepared_query("SELECT * FROM ". $CONF['database_tables']['vacation'] ." WHERE email = ? AND active = ? ", array($show_alias, db_get_boolean(true) )) ;
|
||||
if ($stat_result['rows'] == 1) {
|
||||
$stat_result = db_prepared_fetch_one("SELECT * FROM ". $CONF['database_tables']['vacation'] ." WHERE email = ? AND active = ? ", array($show_alias, db_get_boolean(true) )) ;
|
||||
if (!empty($stat_result)) {
|
||||
$stat_string .= "<span style='background-color:" . $CONF['show_vacation_color'] . "'>" . $CONF['show_status_text'] . "</span> ";
|
||||
} else {
|
||||
$stat_string .= $CONF['show_status_text'] . " ";
|
||||
@@ -2145,11 +2081,11 @@ function gen_show_status($show_alias) {
|
||||
|
||||
// Disabled CHECK
|
||||
if ( $CONF['show_disabled'] == 'YES' ) {
|
||||
$stat_result = db_prepared_query(
|
||||
$stat_result = db_prepared_fetch_one(
|
||||
"SELECT * FROM ". $CONF['database_tables']['mailbox'] ." WHERE username = ? AND active = ?",
|
||||
array($show_alias, db_get_boolean(false))
|
||||
);
|
||||
if ($stat_result['rows'] == 1) {
|
||||
if (!empty($stat_result)) {
|
||||
$stat_string .= "<span style='background-color:" . $CONF['show_disabled_color'] . "'>" . $CONF['show_status_text'] . "</span> ";
|
||||
} else {
|
||||
$stat_string .= $CONF['show_status_text'] . " ";
|
||||
@@ -2163,9 +2099,9 @@ function gen_show_status($show_alias) {
|
||||
$now = "datetime('now')";
|
||||
}
|
||||
|
||||
$stat_result = db_prepared_query("SELECT * FROM ". $CONF['database_tables']['mailbox'] ." WHERE username = ? AND password_expiry <= ? AND active = ?", array( $show_alias , $now , db_get_boolean(true) ));
|
||||
$stat_result = db_prepared_fetch_one("SELECT * FROM ". $CONF['database_tables']['mailbox'] ." WHERE username = ? AND password_expiry <= ? AND active = ?", array( $show_alias , $now , db_get_boolean(true) ));
|
||||
|
||||
if ($stat_result['rows'] == 1) {
|
||||
if (!empty($stat_result)) {
|
||||
$stat_string .= "<span style='background-color:" . $CONF['show_expired_color'] . "'>" . $CONF['show_status_text'] . "</span> ";
|
||||
} else {
|
||||
$stat_string .= $CONF['show_status_text'] . " ";
|
||||
|
||||
@@ -154,8 +154,8 @@ class AdminHandler extends PFAHandler {
|
||||
'domain' => 'ALL',
|
||||
);
|
||||
$where = db_where_clause(array('username' => $this->id, 'domain' => 'ALL'), $this->struct);
|
||||
$result = db_query("SELECT username from " . table_by_key('domain_admins') . " " . $where);
|
||||
if ($result['rows'] == 0) {
|
||||
$result = db_prepared_fetch_one("SELECT username from " . table_by_key('domain_admins') . " " . $where);
|
||||
if(empty($result)) {
|
||||
db_insert('domain_admins', $values, array('created'));
|
||||
# TODO: check for errors
|
||||
}
|
||||
|
||||
@@ -727,7 +727,9 @@ abstract class PFAHandler {
|
||||
|
||||
$db_result = array();
|
||||
|
||||
|
||||
$result = db_prepared_fetch_all($query);
|
||||
|
||||
foreach ($result as $row) {
|
||||
$db_result[$row[$this->id_field]] = $row;
|
||||
}
|
||||
@@ -814,7 +816,6 @@ abstract class PFAHandler {
|
||||
* @return boolean true on successful login (i.e. password matches etc)
|
||||
*/
|
||||
public function login($username, $password) {
|
||||
|
||||
$table = table_by_key($this->db_table);
|
||||
$active = db_get_boolean(true);
|
||||
$query = "SELECT password FROM $table WHERE {$this->id_field} = :username AND active = :active";
|
||||
@@ -861,7 +862,6 @@ abstract class PFAHandler {
|
||||
* @return boolean true on success (i.e. code matches etc)
|
||||
*/
|
||||
public function checkPasswordRecoveryCode($username, $token) {
|
||||
|
||||
$table = table_by_key($this->db_table);
|
||||
$active = db_get_boolean(true);
|
||||
|
||||
|
||||
@@ -186,7 +186,6 @@ class VacationHandler extends PFAHandler {
|
||||
* will return false if no existing data
|
||||
*/
|
||||
public function get_details() {
|
||||
|
||||
$table_vacation = table_by_key('vacation');
|
||||
|
||||
$sql = "SELECT * FROM $table_vacation WHERE email = :username";
|
||||
@@ -244,8 +243,8 @@ class VacationHandler extends PFAHandler {
|
||||
|
||||
// is there an entry in the vacaton table for the user, or do we need to insert?
|
||||
$table_vacation = table_by_key('vacation');
|
||||
$result = db_query("SELECT * FROM $table_vacation WHERE email = '$E_username'");
|
||||
if ($result['rows'] == 1) {
|
||||
$result = db_prepared_fetch_one("SELECT * FROM $table_vacation WHERE email = ?", array($this->username));
|
||||
if(!empty($result)) {
|
||||
$result = db_update('vacation', 'email', $this->username, $vacation_data);
|
||||
} else {
|
||||
$result = db_insert('vacation', $vacation_data);
|
||||
|
||||
@@ -101,7 +101,6 @@ if ($_SERVER['REQUEST_METHOD'] == "GET") {
|
||||
foreach ($result as $row) {
|
||||
fwrite($fh, array_pop($row));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
for ($i = 0 ; $i < sizeof($tables) ; ++$i) {
|
||||
@@ -120,7 +119,6 @@ if ($_SERVER['REQUEST_METHOD'] == "GET") {
|
||||
$fields = "";
|
||||
$values = "";
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
header("Content-Type: text/plain");
|
||||
|
||||
@@ -229,7 +229,6 @@ $delimiter = preg_quote($CONF['recipient_delimiter'], "/");
|
||||
$goto_single_rec_del = "";
|
||||
|
||||
foreach ($result as $row) {
|
||||
|
||||
if ($display_mailbox_aliases) {
|
||||
$goto_split = explode(",", $row['goto']);
|
||||
$row['goto_mailbox'] = 0;
|
||||
|
||||
@@ -76,6 +76,7 @@ if (count($search)) {
|
||||
} else {
|
||||
$handler->getList('');
|
||||
}
|
||||
|
||||
$items = $handler->result();
|
||||
|
||||
if (count($handler->errormsg)) {
|
||||
|
||||
@@ -1416,7 +1416,6 @@ function upgrade_1284_mysql_pgsql() {
|
||||
printdebug("Setting superadmin flag for " . $row['username']);
|
||||
db_update('admin', 'username', $row['username'], array('superadmin' => db_get_boolean(true)));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
function upgrade_1345_mysql() {
|
||||
|
||||
@@ -3,7 +3,6 @@
|
||||
require_once('common.php');
|
||||
|
||||
class DbBasicTest extends \PHPUnit\Framework\TestCase {
|
||||
|
||||
private $test_domain;
|
||||
|
||||
public function setUp() {
|
||||
@@ -12,10 +11,8 @@ class DbBasicTest extends \PHPUnit\Framework\TestCase {
|
||||
$this->test_domain = $test_domain;
|
||||
|
||||
$db->exec("DELETE FROM domain WHERE domain = '$test_domain'");
|
||||
|
||||
}
|
||||
public function testInsertDeleteDomain() {
|
||||
|
||||
$domain = $this->test_domain;
|
||||
|
||||
$username = 'testusername' . uniqid();
|
||||
|
||||
Reference in New Issue
Block a user