webapp/postfixadmin
1
0
Fork 0
mirror of https://github.com/postfixadmin/postfixadmin.git synced 2025-08-07 17:42:53 +03:00
Code Activity

functions.inc.php: fix escape_string to handle arrays, move magic_quotes stuff to common.php; add flash message stuff (See also header.php)

Browse Source 
git-svn-id: https://svn.code.sf.net/p/postfixadmin/code/trunk@101 a1433add-5e2c-0410-b055-b7f2511e0802
This commit is contained in:
David Goodwin
2007-09-28 19:27:51 +00:00
parent 9c0a7f4ad3
commit b15d558c81
1 changed files with 76 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

94
functions.inc.php
View File

@@ -98,6 +98,39 @@ function authentication_is_user() {
} }
/**
* Add an error message for display on the next page that is rendered.
* @param String message to show.
*
* Stores string in session. Flushed through header template.
* @see _flash_string()
*/
function flash_error($string) {
_flash_string('error', $string);
}
/**
* Used to display an info message on successful update.
* @param String $string
* Stores data in sessio.
* @see _flash_string()
*/
function flash_info($string) {
_flash_string('info', $string);
}
/**
* 'Private' method used for flash_info() and flash_error().
*/
function _flash_string($type, $string) {
if(!isset($_SESSION['flash'])) {
$_SESSION['flash'] = array();
}
if(!isset($_SESSION['flash'][$type])) {
$_SESSION['flash'][$type] = array();
}
$_SESSION['flash'][$type][] = $string;
}
// //
// check_language // check_language
// Action: checks what language the browser uses // Action: checks what language the browser uses
@@ -232,16 +265,26 @@ function check_email ($email)
// /**
// escape_string * Clean a string, escaping any meta characters that could be
// Action: Escape a string * used to disrupt an SQL string. i.e. "'" => "\'" etc.
// Call: escape_string (string string) *
// * @param String (or Array)
(ini_get('magic_quotes_gpc') ? ini_set('magic_quotes_runtime', '0') : '1'); * @return String (or Array) of cleaned data, suitable for use within an SQL
(ini_get('magic_quotes_gpc') ? ini_set('magic_quotes_sybase', '0') : '1'); * statement.
*/
function escape_string ($string) function escape_string ($string)
{ {
global $CONF; global $CONF;
// if the string is actually an array, do a recursive cleaning.
// Note, the array keys are not cleaned.
if(is_array($string)) {
$clean = array();
foreach($string as $row) {
$clean[] = escape_string($row);
}
return $clean;
}
if (get_magic_quotes_gpc ()) if (get_magic_quotes_gpc ())
{ {
$string = stripslashes($string); $string = stripslashes($string);
@@ -619,23 +662,38 @@ function check_alias_owner ($username, $alias)
} }
/**
// * List domains for an admin user. If $username is empty, it returns all
// list_domains_for_admin * available damains for a user.
// Action: Lists all the domains for an admin. * Otherwise, it returns only those domains for a particular user.
// Call: list_domains_for_admin (string admin) * @param String $username
// * @return array of domain names.
*/
function list_domains_for_admin ($username) function list_domains_for_admin ($username)
{ {
global $CONF; global $CONF;
global $table_domain, $table_domain_admins; global $table_domain, $table_domain_admins;
$list = array (); $list = array ();
$query = "SELECT $table_domain.domain FROM $table_domain LEFT JOIN $table_domain_admins ON $table_domain.domain=$table_domain_admins.domain WHERE $table_domain_admins.username='$username' AND $table_domain.active='1' AND $table_domain.backupmx='0' ORDER BY $table_domain_admins.domain"; $username_sql = '';
if ('pgsql'==$CONF['database_type']) $active_sql = db_get_boolean(True);
{ $backupmx_sql = db_get_boolean(False);
$query = "SELECT $table_domain.domain FROM $table_domain LEFT JOIN $table_domain_admins ON $table_domain.domain=$table_domain_admins.domain WHERE $table_domain_admins.username='$username' AND $table_domain.active=true AND $table_domain.backupmx=false ORDER BY $table_domain_admins.domain"; if($username != '') {
$query = "SELECT $table_domain.domain, $table_domain_admins.username FROM $table_domain
LEFT JOIN $table_domain_admins ON $table_domain.domain=$table_domain_admins.domain
WHERE $table_domain_admins.username='$username'
AND $table_domain.active=$active_sql
AND $table_domain.backupmx=$backupmx_sql
ORDER BY $table_domain_admins.domain";
} }
else {
$query = "SELECT $table_domain.domain FROM $table_domain
LEFT JOIN $table_domain_admins ON $table_domain.domain=$table_domain_admins.domain
WHERE $table_domain.active=$active_sql
AND $table_domain.backupmx=$backupmx_sql
ORDER BY $table_domain_admins.domain";
}
$result = db_query ($query); $result = db_query ($query);
if ($result['rows'] > 0) if ($result['rows'] > 0)
{ {
@@ -1233,7 +1291,7 @@ function db_connect ()
if (function_exists ("pg_pconnect")) if (function_exists ("pg_pconnect"))
{ {
$connect_string = "host=" . $CONF['database_host'] . " dbname=" . $CONF['database_name'] . " user=" . $CONF['database_user'] . " password=" . $CONF['database_password']; $connect_string = "host=" . $CONF['database_host'] . " dbname=" . $CONF['database_name'] . " user=" . $CONF['database_user'] . " password=" . $CONF['database_password'];
$link = @pg_pconnect ($connect_string) or die ("<p />DEBUG INFORMATION:<br />Connect: " . pg_last_error($link) . "$DEBUG_TEXT"); $link = @pg_pconnect ($connect_string) or die ("<p />DEBUG INFORMATION:<br />Connect: failed to connect to database. $DEBUG_TEXT");
pg_set_client_encoding($link, 'UNICODE'); pg_set_client_encoding($link, 'UNICODE');
} }
else else