Merge branch 'pdo_migration' into 20160515-secu

Conflicts:
	bureau/class/config.php
	bureau/class/db_mysql.php
	bureau/class/m_action.php
	bureau/class/m_variables.php
Emmanuel Monbroussou 2016-05-17 15:10:37 +02:00
commit bc5c8f7e34
6 changed files with 344 additions and 476 deletions


@ -114,34 +114,24 @@ require_once($root . "/class/db_mysql.php");
require_once($root . "/class/functions.php"); require_once($root . "/class/functions.php");
require_once($root . "/class/variables.php"); require_once($root . "/class/variables.php");
// child class of the phplib parent DB class
// Classe h<>rit<69>e de la classe db de la phplib.
/** /**
* Class for MySQL management in the bureau * Class for MySQL management in the bureau
* *
* This class heriting from the db class of the phplib manages * This class heriting from the db class of the phplib manages
* the connection to the MySQL database. * the connection to the MySQL database.
*/ */
class DB_system extends DB_Sql { class DB_system extends DB_Sql {
function __construct() {
var $Host = null; global $L_MYSQL_HOST,$L_MYSQL_DATABASE,$L_MYSQL_LOGIN,$L_MYSQL_PWD;
var $Database = null; parent::__construct($L_MYSQL_DATABASE, $L_MYSQL_HOST, $L_MYSQL_LOGIN, $L_MYSQL_PWD);
var $User = null;
var $Password = null;
/**
* Creator
*/
function DB_system() {
global $L_MYSQL_HOST, $L_MYSQL_DATABASE, $L_MYSQL_LOGIN, $L_MYSQL_PWD;
$this->Host = $L_MYSQL_HOST;
$this->Database = $L_MYSQL_DATABASE;
$this->User = $L_MYSQL_LOGIN;
$this->Password = $L_MYSQL_PWD;
} }
} }
$db = new DB_system(); $db = new DB_system();
// $db = new Sql($L_MYSQL_DATABASE, $L_MYSQL_HOST, $L_MYSQL_LOGIN, $L_MYSQL_PWD);
// https: Redirection if not calling https://!fqdn or if https is forced // https: Redirection if not calling https://!fqdn or if https is forced
if ((variable_get('force_https', '0', "This variable is set to 0 (default) if users can access the management desktop through HTTP, otherwise we force HTTPS")&&(!isset($_SERVER["HTTPS"])|| ($_SERVER["HTTPS"] != "on"))) if ((variable_get('force_https', '0', "This variable is set to 0 (default) if users can access the management desktop through HTTP, otherwise we force HTTPS")&&(!isset($_SERVER["HTTPS"])|| ($_SERVER["HTTPS"] != "on")))
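Review bot: Nothing checks that the connection succeeded after `$db = new DB_system();`. The new `__construct()` delegates to the parent constructor, which on this page catches `PDOException` itself and cannot report failure to the caller, so the request would continue into the `force_https` lookup and everything after it without a usable database handle. I would add `if (!$db->is_connected()) { die("Database unavailable"); }` (or the project's own error page) directly after the instantiation, with a generic message that does not repeat the driver error. Whether `variable_get()` reads through `$db` is not visible in this hunk.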


@ -1,65 +1,58 @@
<?php <?php
/** /**
* Session Management for PHP3 * Mysql Database class
* *
* Copyright (c) 1998-2000 NetUSE AG * François - aka fser - Serman
* Boris Erdmann, Kristian Koehntopp
*
* $Id: db_mysql.php,v 1.3 2005/03/05 16:27:30 said Exp $
* *
* 2014/06/24
*/ */
class DB_Sql {
/* public: connection parameters */
var $Host = ""; class DB_Sql {
var $Database = "";
var $User = ""; /* public: connection parameters */
var $Password = ""; private $Host;
private $Database;
private $User;
private $Password;
/* public: configuration parameters */ /* public: configuration parameters */
var $Auto_Free = 0; ## Set to 1 for automatic mysql_free_result() private $Auto_Free = False; // Set to True for automatic mysql_free_result()
var $Debug = 0; ## Set to 1 for debugging messages. private $Debug = False; // Set to 1 for debugging messages.
var $Halt_On_Error = "no"; ## "yes" (halt with message), "no" (ignore errors quietly), "report" (ignore errror, but spit a warning) private $Halt_On_Error = "no"; // "yes" (halt with message), "no" (ignore errors quietly), "report" (ignore errror, but spit a warning)
var $Seq_Table = "db_sequence"; private $Seq_Table = "db_sequence";
/* public: result array and current row number */ /* public: result array and current row number */
var $Record = array(); public /* FIXME */ $Record = array();
var $Row; private $Row = 0;
var $num_rows; private $num_rows;
/* public: current error number and error text */ /* public: current error number and error text */
var $Errno = 0; private $Errno;
var $Error = ""; private $Error;
/* public: this is an api revision, not a CVS revision. */
var $type = "mysql";
var $revision = "1.2";
/* private: link and query handles */ /* private: link and query handles */
var $Link_ID = 0; private $Query_String;
var $Query_ID = 0;
var $Query_String = "";
/* PDO related variables */
private $pdo_instance = NULL;
private $pdo_query = NULL;
/** /**
* Constructor * Constructor
*/ */
function DB_Sql($query = "") { function __construct($db, $host, $user, $passwd) {
$this->query($query);
}
/** $dsn = sprintf('mysql:dbname=%s;host=%s', $db, $host);
* @return resource class variable Link_ID
*/
function link_id() {
return $this->Link_ID;
}
/** try {
* @return integer class variable Query_ID $this->pdo_instance = new PDO($dsn, $user, $passwd);
*/ } catch (PDOException $e) {
function query_id() { echo "Mysql", "PDO instance", $e->getMessage();
return $this->Query_ID; return FALSE;
}
} }
/** /**
@ -75,42 +68,30 @@ class DB_Sql {
* @return the class variable $Link_ID * @return the class variable $Link_ID
*/ */
function connect($Database = "", $Host = "", $User = "", $Password = "") { function connect($Database = "", $Host = "", $User = "", $Password = "") {
global $err;
$this->halt('Mysql::connect() : This function should no longer be used');
/* Handle defaults */ /* Handle defaults */
if ("" == $Database) { if ("" == $Database)
$Database = $this->Database; $Database = $this->Database;
} if ("" == $Host)
if ("" == $Host) {
$Host = $this->Host; $Host = $this->Host;
} if ("" == $User)
if ("" == $User) {
$User = $this->User; $User = $this->User;
} if ("" == $Password)
if ("" == $Password) {
$Password = $this->Password; $Password = $this->Password;
}
/* establish connection, select database */ if (!$this->pdo_instance) {
if (0 == $this->Link_ID) { $dsn = sprintf('mysql:dbname=%s;host=%s', $Database, $Host);
$this->Link_ID = mysql_pconnect($Host, $User, $Password); try {
if (!$this->Link_ID) { $this->pdo_instance = new PDO($dsn, $User, $Password);
$this->halt("pconnect($Host, $User, \$Password) failed."); } catch (PDOException $e) {
return 0; $this->halt("Mysql::PDO_instance" . $e->getMessage());
} return FALSE;
if (!@mysql_select_db($Database, $this->Link_ID)) {
$this->halt("cannot use database " . $this->Database);
return 0;
} }
} }
//persistent connection don't conserve database selection return True;
//if needed do a correct database selection
$db_connected = @mysql_fetch_array(@mysql_query("SELECT DATABASE();", $this->Link_ID));
if ($db_connected[0] != $this->Database)
mysql_select_db($Database, $this->Link_ID);
return $this->Link_ID;
} }
/** /**
@ -119,69 +100,62 @@ class DB_Sql {
* This function discards the last query result. * This function discards the last query result.
*/ */
function free() { function free() {
@mysql_free_result($this->Query_ID); $this->pdo_query->closeCursor();
$this->Query_ID = 0;
} }
function is_connected() {
return $this->pdo_instance != FALSE;
}
function last_error() {
return $this->Error;
}
/** /**
* Perform a query * Perform a query
* *
* This function performs the MySQL query described in the string parameter * This function performs the MySQL query described in the string parameter
* *
* @param a string describing the MySQL query * @param a string describing the MySQL query
* @param arguments is an optionnal array for future use with PDO parametrized requests
* @return the $Query_ID class variable (null if fails) * @return the $Query_ID class variable (null if fails)
*/ */
function query($Query_String) { function query($Query_String, $arguments = False) {
global $debug_alternc; global $debug_alternc;
/* No empty queries, please, since PHP4 chokes on them. */ if (empty($Query_String) || !$this->is_connected())
if ($Query_String == "") { return FALSE;
/* The empty query string is passed on from the constructor,
* when calling the class without a query, e.g. in situations
* like these: '$db = new DB_Sql_Subclass;'
*/
return 0;
}
if (!$this->connect()) {
return 0; /* we already complained in connect() about that. */
}
# New query, discard previous result.
if ($this->Query_ID) {
$this->free();
$this->Query_String = $Query_String; $this->Query_String = $Query_String;
} if ($this->Debug)
if ($this->Debug) {
printf("Debug: query = %s<br />\n", $Query_String); printf("Debug: query = %s<br />\n", $Query_String);
}
$debug_chrono_start = microtime(true); $debug_chrono_start = microtime(true);
$this->Query_ID = @mysql_query($Query_String, $this->Link_ID);
$debug_chrono_start = (microtime(true) - $debug_chrono_start) * 1000; $this->pdo_query = $this->pdo_instance->prepare($this->Query_String);
$exec_state = ($arguments) ? $this->pdo_query->execute($arguments)
: $this->pdo_query->execute();
$debug_chrono_start = (microtime(true) - $debug_chrono_start)*1000;
$this->Row = 0; $this->Row = 0;
$this->Errno = mysql_errno();
$this->Error = mysql_error(); if ($exec_state == FALSE) {
if (0 != $this->Errno) { $this->Errno = $this->pdo_query->errorCode();
if (defined("THROW_EXCEPTIONS") && THROW_EXCEPTIONS) { $this->Error = $this->pdo_query->errorInfo();
if( defined("THROW_EXCEPTIONS") && THROW_EXCEPTIONS ){
throw new \Exception("Mysql query failed : $this->Error"); throw new \Exception("Mysql query failed : $this->Error");
} }
$this->halt("SQL Error: " . $Query_String); $this->halt("SQL Error: ".$Query_String);
return FALSE; return FALSE;
} }
if (!$this->Query_ID) {
$this->halt("Invalid SQL: " . $Query_String);
}
if (isset($debug_alternc)) { if (isset($debug_alternc)) {
$debug_alternc->add("SQL Query : (" . substr($debug_chrono_start, 0, 5) . " ms)\t $Query_String"); $debug_alternc->add("SQL Query : (".substr($debug_chrono_start,0,5)." ms)\t $Query_String");
$debug_alternc->nb_sql_query++; $debug_alternc->nb_sql_query++;
$debug_alternc->tps_sql_query += $debug_chrono_start; $debug_alternc->tps_sql_query += $debug_chrono_start;
} }
# Will return nada if it fails. That's fine. return TRUE;
return $this->Query_ID;
} }
/** /**
@ -193,96 +167,79 @@ class DB_Sql {
* @return TRUE if a new record is available * @return TRUE if a new record is available
*/ */
function next_record() { function next_record() {
if (!$this->Query_ID) { if (!$this->pdo_query) {
$this->halt("next_record called with no query pending."); $this->halt("next_record called with no query pending.");
return 0; return FALSE;
} }
$this->Record = @mysql_fetch_array($this->Query_ID); $this->Record = $this->pdo_query->fetch(PDO::FETCH_BOTH);
$this->Row += 1; $this->Row++;
$this->Errno = mysql_errno(); $this->Errno = $this->pdo_query->errorCode();
$this->Error = mysql_error(); $this->Error = $this->pdo_query->errorInfo();
$stat = is_array($this->Record); if ($this->Record == FALSE) {
if (!$stat && $this->Auto_Free) { if ($this->Auto_Free)
$this->free(); $this->free();
} return FALSE;
return $stat;
} }
/** return TRUE;
*
* public: position in result set
*/
function seek($pos = 0) {
$status = @mysql_data_seek($this->Query_ID, $pos);
if ($status) {
$this->Row = $pos;
} else {
$this->halt("seek($pos) failed: result has " . $this->num_rows() . " rows");
/* half assed attempt to save the day,
* but do not consider this documented or even
* desireable behaviour.
*/
@mysql_data_seek($this->Query_ID, $this->num_rows());
$this->Row = $this->num_rows;
return 0;
} }
return 1; /* public: table locking */
} function lock($table, $mode="write") {
if (!$this->is_connected())
return FALSE;
/** public: table locking */ $query="lock tables ";
function lock($table, $mode = "write") {
$this->connect();
$query = "lock tables ";
if (is_array($table)) { if (is_array($table)) {
while (list($key, $value) = each($table)) { while (list($key,$value)=each($table)) {
if ($key == "read" && $key != 0) { if ($key=="read" && $key!=0) {
$query.="$value read, "; $query.="$value read, ";
} else { } else {
$query.="$value $mode, "; $query.="$value $mode, ";
} }
} }
$query = substr($query, 0, -2); $query=substr($query,0,-2);
} else { } else {
$query.="$table $mode"; $query.="$table $mode";
} }
$res = @mysql_query($query, $this->Link_ID);
if (!$res) {
if (!$this->query($query)) {
$this->halt("lock($table, $mode) failed."); $this->halt("lock($table, $mode) failed.");
return 0; return FALSE;
} }
return $res;
return TRUE;
} }
function unlock() { function unlock() {
$this->connect(); if (!$this->is_connected())
return FALSE;
$res = @mysql_query("unlock tables", $this->Link_ID); if (!$this->query('unlock tables')) {
if (!$res) {
$this->halt("unlock() failed."); $this->halt("unlock() failed.");
return 0; return FALSE;
} }
return $res;
} }
/** public: evaluate the result (size, width) */
/* public: evaluate the result (size, width) */
function affected_rows() { function affected_rows() {
return @mysql_affected_rows($this->Link_ID); return $this->pdo_query->rowCount();
} }
function num_rows() { function num_rows() {
return @mysql_num_rows($this->Query_ID); return $this->pdo_query->rowCount();
} }
function num_fields() { function num_fields() {
return @mysql_num_fields($this->Query_ID); return $this->pdo_query->columnCount();
} }
/** public: shorthand notation */ /* public: shorthand notation */
function nf() { function nf() {
return $this->num_rows(); return $this->num_rows();
} }
@ -302,147 +259,92 @@ class DB_Sql {
return false; return false;
} }
function current_record() {
return $this->Record;
}
function p($Name) { function p($Name) {
print $this->Record[$Name]; print $this->Record[$Name];
} }
function lastid() { function lastid() {
return @mysql_insert_id($this->Link_ID); return $this->pdo_instance->lastInsertId();
} }
/** public: sequence numbers */ /* public: sequence numbers */
function nextid($seq_name) { function nextid($seq_name) {
$this->connect(); if (!$this->is_connected())
return FALSE;
if ($this->lock($this->Seq_Table)) { if ($this->lock($this->Seq_Table)) {
/* get sequence number (locked) and increment */ /* get sequence number (locked) and increment */
$q = sprintf("select nextid from %s where seq_name = '%s'", $this->Seq_Table, $seq_name); $q = sprintf("select nextid from %s where seq_name = '%s'",
$id = @mysql_query($q, $this->Link_ID); $this->Seq_Table,
$res = @mysql_fetch_array($id); $seq_name);
$this->query($q);
$this->next_record();
$id = $this->f('nextid');
/* No current value, make one */ /* No current value, make one */
if (!is_array($res)) { if (!$id) {
$currentid = 0; $currentid = 0;
$q = sprintf("insert into %s values('%s', %s)", $this->Seq_Table, $seq_name, $currentid); $q = sprintf("insert into %s values('%s', %s)",
@mysql_query($q, $this->Link_ID); $this->Seq_Table,
$seq_name,
$currentid);
$this->query($q);
} else { } else {
$currentid = $res["nextid"]; $currentid = $id;
} }
$nextid = $currentid + 1; $nextid = $currentid + 1;
$q = sprintf("update %s set nextid = '%s' where seq_name = '%s'", $this->Seq_Table, $nextid, $seq_name); $q = sprintf("update %s set nextid = '%s' where seq_name = '%s'",
@mysql_query($q, $this->Link_ID); $this->Seq_Table,
$nextid,
$seq_name);
$this->query($q);
$this->unlock(); $this->unlock();
} else { } else {
$this->halt("cannot lock " . $this->Seq_Table . " - has it been created?"); $this->halt("cannot lock ".$this->Seq_Table." - has it been created?");
return 0; return FALSE;
} }
return $nextid; return $nextid;
} }
/** public: return table metadata */ /* public: return table metadata */
function metadata($table = '', $full = false) { function metadata($table='',$full=false) {
$res = array(); global $err;
$err->raise('Mysql', 'function is no longer implemented (metadata())');
/* return FALSE;
* Due to compatibility problems with Table we changed the behavior
* of metadata();
* depending on $full, metadata returns the following values:
*
* - full is false (default):
* $result[]:
* [0]["table"] table name
* [0]["name"] field name
* [0]["type"] field type
* [0]["len"] field length
* [0]["flags"] field flags
*
* - full is true
* $result[]:
* ["num_fields"] number of metadata records
* [0]["table"] table name
* [0]["name"] field name
* [0]["type"] field type
* [0]["len"] field length
* [0]["flags"] field flags
* ["meta"][field name] index of field named "field name"
* The last one is used, if you have a field name, but no index.
* Test: if (isset($result['meta']['myfield'])) { ...
*/
// if no $table specified, assume that we are working with a query
// result
if ($table) {
$this->connect();
$id = @mysql_list_fields($this->Database, $table);
if (!$id)
$this->halt("Metadata query failed.");
} else {
$id = $this->Query_ID;
if (!$id)
$this->halt("No query specified.");
} }
$count = @mysql_num_fields($id); /* private: error handling */
// made this IF due to performance (one if is faster than $count if's)
if (!$full) {
for ($i = 0; $i < $count; $i++) {
$res[$i]["table"] = @mysql_field_table($id, $i);
$res[$i]["name"] = @mysql_field_name($id, $i);
$res[$i]["type"] = @mysql_field_type($id, $i);
$res[$i]["len"] = @mysql_field_len($id, $i);
$res[$i]["flags"] = @mysql_field_flags($id, $i);
}
} else { // full
$res["num_fields"] = $count;
for ($i = 0; $i < $count; $i++) {
$res[$i]["table"] = @mysql_field_table($id, $i);
$res[$i]["name"] = @mysql_field_name($id, $i);
$res[$i]["type"] = @mysql_field_type($id, $i);
$res[$i]["len"] = @mysql_field_len($id, $i);
$res[$i]["flags"] = @mysql_field_flags($id, $i);
$res["meta"][$res[$i]["name"]] = $i;
}
}
// free the result only if we were called on a table
if ($table) {
@mysql_free_result($id);
}
return $res;
}
/** private: error handling */
function halt($msg) { function halt($msg) {
$this->Error = @mysql_error($this->Link_ID);
$this->Errno = @mysql_errno($this->Link_ID);
if ($this->Halt_On_Error == "no") if ($this->Halt_On_Error == "no")
return; return;
$this->haltmsg($msg); $this->haltmsg($msg);
if ($this->Halt_On_Error != "report") { if ($this->Halt_On_Error != "report")
die("Session halted."); die("Session halted.");
} }
}
function haltmsg($msg) { function haltmsg($msg) {
printf("</td></tr></table><b>Database error:</b> %s<br />\n", $msg); printf("</td></tr></table><b>Database error:</b> %s<br />\n", $msg);
printf("<b>MySQL Error</b>: %s (%s)<br />\n", $this->Errno, $this->Error); printf("<b>MySQL Error</b>: %s (%s)<br />\n",
$this->Errno,
implode("\n", $this->Error));
} }
function table_names() { function table_names() {
$this->query("SHOW TABLES"); $this->query("SHOW TABLES");
$i = 0;
$return = array(); $return = array();
while ($info = mysql_fetch_row($this->Query_ID)) { while ($this->next_record())
$return[$i]["table_name"] = $info[0]; $return[] = array('table_name' => $this->p(0), 'tablespace_name' => $this->Database, 'database' => $this->Database);
$return[$i]["tablespace_name"] = $this->Database;
$return[$i]["database"] = $this->Database;
$i++;
}
return $return; return $return;
} }
} }
?>
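Review bot: In the new `__construct()`, the `catch (PDOException $e)` branch writes `$e->getMessage()` straight into the response with `echo`, and the `return FALSE;` after it has no effect in a constructor. A PDO connection error can name the database host and account, so it belongs in the server log rather than on the page: `error_log('DB_Sql: connection failed: ' . $e->getMessage());`. The caller still receives an object whose `pdo_instance` is null, so every user of the class has to test `is_connected()` before relying on it. As shown, the constructor also never assigns `$this->Database`, `$this->Host` or `$this->User`, which `connect()` and `table_names()` read later.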


@ -196,34 +196,20 @@ class m_action {
global $db, $err; global $db, $err;
$err->log("action", "set", $type); $err->log("action", "set", $type);
$serialized = serialize($parameters); $serialized = serialize($parameters);
switch ($type) { $type = strtoupper($type);
case 'chmod': if (in_array($type, array('CHMOD',
$query = "insert into actions values ('','CHMOD','$serialized',now(),'','','$user','');"; 'CREATE_FILE',
break; 'CREATE_DIR',
case 'create_file': 'MOVE',
$query = "insert into actions values ('','CREATE_FILE','$serialized',now(),'','','$user','');"; 'FIX_USER',
break; 'FIX_FILE',
case 'create_dir': 'FIX_DIR',
$query = "insert into actions values ('','CREATE_DIR','$serialized',now(),'','','$user','');"; 'DELETE'))) {
break; $query = "INSERT INTO `actions` (type, parameters, creation, user) VALUES('$type', '$serialized', now(), '$user');";
case 'move': } else {
$query = "insert into actions values ('','MOVE','$serialized',now(),'','','$user','');"; return False;
break;
case 'fix_user':
$query = "insert into actions values ('','FIX_USER','$serialized',now(),'','','$user','');";
break;
case 'fix_file':
$query = "insert into actions values ('','FIX_FILE','$serialized',now(),'','','$user','');";
break;
case 'fix_dir':
$query = "insert into actions values ('','FIX_DIR','$serialized',now(),'','','$user','');";
break;
case 'delete':
$query = "insert into actions values ('','DELETE','$serialized',now(),'','','$user','');";
break;
default:
return false;
} }
if (!$db->query($query)) { if (!$db->query($query)) {
$err->raise("action", _("Error setting actions")); $err->raise("action", _("Error setting actions"));
return false; return false;
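Review bot: The rewritten INSERT still places `$serialized` and `$user` inside single-quoted SQL literals by string interpolation, so a quote character in any serialized parameter value breaks the statement or changes its meaning. `query()` in the database class on this page now accepts a bound-argument array, so the statement can use placeholders: `$query = "INSERT INTO actions (type, parameters, creation, user) VALUES (?, ?, now(), ?)";` with the call changed to `$db->query($query, array($type, $serialized, $user))`. The allow-list test would also be stricter as `in_array($type, array(...), true)`. The function begins and ends outside this hunk, so any escaping applied to `$parameters` or `$user` earlier is not visible.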


@ -1,5 +1,4 @@
<?php <?php
// ***************************************************************************** // *****************************************************************************
// //
// Alternc bootstrapping // Alternc bootstrapping
@ -120,20 +119,11 @@ foreach ($mysqlConfigFile as $line) {
* the connection to the MySQL database. * the connection to the MySQL database.
*/ */
class DB_system extends DB_Sql { class DB_system extends DB_Sql {
var $Host,$Database,$User,$Password; function __construct($database, $user, $password) {
/** parent::__construct($database, '127.0.0.1', $user, $password);
* Constructor
*/
function DB_system($user,$database,$password) {
global $L_MYSQL_HOST,$L_MYSQL_DATABASE,$L_MYSQL_LOGIN,$L_MYSQL_PWD;
$this->Host = "127.0.0.1";
$this->Database = $database;
$this->User = $user;
$this->Password = $password;
} }
} }
// Creates database from schema // Creates database from schema
// ********************************************* // *********************************************
@ -151,8 +141,7 @@ foreach ($queryList as $exec_command) {
} }
echo "*** In progress: mysql.sql imported\n"; echo "*** In progress: mysql.sql imported\n";
$db = new \DB_system($user,$database,$password); $db = new \DB_system($database, $user, $password);
$db->connect();
$cuid = 0; $cuid = 0;
$variables = new \m_variables(); $variables = new \m_variables();
$mem = new \m_mem(); $mem = new \m_mem();


@ -1,4 +1,4 @@
<phpunit <phpunit backupGlobals="false"
bootstrap="bootstrap.php" bootstrap="bootstrap.php"
> >
<testsuites> <testsuites>


@ -64,6 +64,7 @@ class m_actionTest extends AlterncTest {
*/ */
public function testDo_action() { public function testDo_action() {
global $L_INOTIFY_DO_ACTION; global $L_INOTIFY_DO_ACTION;
file_put_contents("/tmp/log_fser", "hello world from fser");
$result = $this->object->do_action(); $result = $this->object->do_action();
$this->assertTrue($result); $this->assertTrue($result);
$this->assertFileExists($L_INOTIFY_DO_ACTION); $this->assertFileExists($L_INOTIFY_DO_ACTION);
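Review bot: The added `file_put_contents("/tmp/log_fser", "hello world from fser");` in `testDo_action()` looks like a debugging leftover and should be removed before merge. It writes to a fixed, predictable path in a world-writable directory on every test run, so a symlink already present at that path would be followed if the suite is run by a privileged account, and it has no bearing on the assertions that follow. If a trace file is needed, `tempnam(sys_get_temp_dir(), 'alternc')` gives a unique name instead.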