You've already forked postfixadmin
mirror of
https://github.com/postfixadmin/postfixadmin.git
synced 2025-08-06 06:42:37 +03:00
changed db_update parameters for the most common usecase "WHERE col=value" -
column and value are separate parameters now functions.inc.php: - changed function db_update() parameters - column name and value for the WHERE condition are now two separate parameters. This means we don't need to escape_string(), add quotes etc. for most UPDATE queries. Example call: db_update('alias', 'address', $this->username, $values_array) - the previous db_update() is now called db_update_q() model/UserHandler.php: - changed db_update call to the new parameters - removed now unused variables - renamed $username to $E_username - call pacrypt directly when setting the $set array, no need for $new_db_password model/AliasHandler.php - changed db_update call to the new parameters edit-mailbox.php - switched to db_update_q() git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@931 a1433add-5e2c-0410-b055-b7f2511e0802
This commit is contained in:
@@ -154,7 +154,7 @@ if ($_SERVER['REQUEST_METHOD'] == "POST")
|
|||||||
if(preg_match('/^(.*)@/', $fUsername, $matches)) {
|
if(preg_match('/^(.*)@/', $fUsername, $matches)) {
|
||||||
$formvars['local_part'] = $matches[1];
|
$formvars['local_part'] = $matches[1];
|
||||||
}
|
}
|
||||||
$result = db_update('mailbox', "username='$fUsername' AND domain='$fDomain'", $formvars, array('modified'));
|
$result = db_update_q('mailbox', "username='$fUsername' AND domain='$fDomain'", $formvars, array('modified')); # TODO: check if we need the AND domain=... clause, if not, switch to db_update()
|
||||||
$maildir = $user_details['maildir'];
|
$maildir = $user_details['maildir'];
|
||||||
if ($result != 1 || !mailbox_postedit($fUsername,$fDomain,$maildir, $quota)) {
|
if ($result != 1 || !mailbox_postedit($fUsername,$fDomain,$maildir, $quota)) {
|
||||||
$tMessage = $PALANG['pEdit_mailbox_result_error'];
|
$tMessage = $PALANG['pEdit_mailbox_result_error'];
|
||||||
|
@@ -1728,15 +1728,30 @@ function db_insert ($table, $values, $timestamp = array('created', 'modified') )
|
|||||||
/**
|
/**
|
||||||
* db_update
|
* db_update
|
||||||
* Action: Updates a specified table
|
* Action: Updates a specified table
|
||||||
* Call: db_update (string table, string where, array values [, array timestamp])
|
* Call: db_update (string table, string where_col, string where_value, array values [, array timestamp])
|
||||||
* @param String - table name
|
* @param String - table name
|
||||||
* @param String - WHERE condition
|
* @param String - column of WHERE condition
|
||||||
|
* @param String - value of WHERE condition
|
||||||
* @param array - key/value map of data to insert into the table.
|
* @param array - key/value map of data to insert into the table.
|
||||||
* @param array (optional) - array of fields to set to now() - default: array('modified')
|
* @param array (optional) - array of fields to set to now() - default: array('modified')
|
||||||
* @return int - number of updated rows
|
* @return int - number of updated rows
|
||||||
*/
|
*/
|
||||||
function db_update ($table, $where, $values, $timestamp = array('modified') )
|
function db_update ($table, $where_col, $where_value, $values, $timestamp = array('modified') ) {
|
||||||
{
|
$where = $where_col . " = '" . escape_string($where_value) . "'";
|
||||||
|
return db_update_q ($table, $where, $values, $timestamp = array('modified') );
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* db_update_q
|
||||||
|
* Action: Updates a specified table
|
||||||
|
* Call: db_update_q (string table, string where, array values [, array timestamp])
|
||||||
|
* @param String - table name
|
||||||
|
* @param String - WHERE condition (as SQL)
|
||||||
|
* @param array - key/value map of data to insert into the table.
|
||||||
|
* @param array (optional) - array of fields to set to now() - default: array('modified')
|
||||||
|
* @return int - number of updated rows
|
||||||
|
*/
|
||||||
|
function db_update_q ($table, $where, $values, $timestamp = array('modified') ) {
|
||||||
$table = table_by_key ($table);
|
$table = table_by_key ($table);
|
||||||
|
|
||||||
foreach(array_keys($values) as $key) {
|
foreach(array_keys($values) as $key) {
|
||||||
|
@@ -167,7 +167,7 @@ class AliasHandler {
|
|||||||
$alias_data = array(
|
$alias_data = array(
|
||||||
'goto' => $goto,
|
'goto' => $goto,
|
||||||
);
|
);
|
||||||
$result = db_update('alias', "address = '$E_username'", $alias_data);
|
$result = db_update('alias', 'address', $this->username, $alias_data);
|
||||||
}
|
}
|
||||||
if($result != 1) {
|
if($result != 1) {
|
||||||
return false;
|
return false;
|
||||||
|
@@ -28,17 +28,14 @@ class UserHandler {
|
|||||||
* as per the configuration in config.inc.php
|
* as per the configuration in config.inc.php
|
||||||
*/
|
*/
|
||||||
public function change_pw($new_password, $old_password, $match = true) {
|
public function change_pw($new_password, $old_password, $match = true) {
|
||||||
$username = $this->username;
|
|
||||||
list(/*NULL*/,$domain) = explode('@', $username);
|
list(/*NULL*/,$domain) = explode('@', $username);
|
||||||
|
|
||||||
$username = escape_string($username);
|
$E_username = escape_string($this->username);
|
||||||
$table_mailbox = table_by_key('mailbox');
|
$table_mailbox = table_by_key('mailbox');
|
||||||
|
|
||||||
$new_db_password = pacrypt($new_password);
|
|
||||||
|
|
||||||
if ($match == true) {
|
if ($match == true) {
|
||||||
$active = db_get_boolean(True);
|
$active = db_get_boolean(True);
|
||||||
$result = db_query("SELECT password FROM $table_mailbox WHERE username='$username' AND active='$active'");
|
$result = db_query("SELECT password FROM $table_mailbox WHERE username='$E_username' AND active='$active'");
|
||||||
$result = db_assoc($result['result']);
|
$result = db_assoc($result['result']);
|
||||||
|
|
||||||
if (pacrypt($old_password, $result['password']) != $result['password']) {
|
if (pacrypt($old_password, $result['password']) != $result['password']) {
|
||||||
@@ -49,10 +46,10 @@ class UserHandler {
|
|||||||
}
|
}
|
||||||
|
|
||||||
$set = array(
|
$set = array(
|
||||||
'password' => $new_db_password
|
'password' => pacrypt($new_password) ,
|
||||||
);
|
);
|
||||||
|
|
||||||
$result = db_update('mailbox', 'username=\''.$username.'\'', $set );
|
$result = db_update('mailbox', 'username', $this->username, $set );
|
||||||
|
|
||||||
if ($result != 1) {
|
if ($result != 1) {
|
||||||
db_log ('CONSOLE', $domain, 'edit_password', "FAILURE: " . $this->username); # TODO: replace hardcoded CONSOLE - class is used by XMLRPC and users/
|
db_log ('CONSOLE', $domain, 'edit_password', "FAILURE: " . $this->username); # TODO: replace hardcoded CONSOLE - class is used by XMLRPC and users/
|
||||||
|
Reference in New Issue
Block a user