From 8500be3f1ba7bcab6b8523507e74a132df58d925 Mon Sep 17 00:00:00 2001
From: tbrehm <t.brehm@ispconfig.org>
Date: Thu, 18 Sep 2008 10:25:41 +0000
Subject: [PATCH] - Changed addslashes to mysql_real_escape_string in several
 files. - Updated Debian installation instructions.

---
 INSTALL_DEBIAN.txt                            |   2 +-
 install/lib/installer_base.lib.php            |   2 +-
 install/lib/mysql.lib.php                     |   2 +-
 install/sql/ispconfig3.sql                    |  44 ++
 install/update.php                            |   2 +-
 interface/lib/classes/db_mysql.inc.php        |  10 +-
 interface/lib/classes/form.inc.php            |   4 +-
 interface/lib/classes/listform.inc.php        |   4 +-
 interface/lib/classes/remoting_lib.inc.php    |   6 +-
 interface/lib/classes/searchform.inc.php      | 700 +++++++++---------
 interface/lib/classes/tform.inc.php           |  22 +-
 interface/web/client/client_edit.php          |  16 +-
 interface/web/mail/mail_domain_edit.php       |  20 +-
 interface/web/mail/mail_get_edit.php          |   2 +-
 interface/web/mail/mail_user_edit.php         |   8 +-
 interface/web/mail/mail_user_filter_del.php   |   2 +-
 interface/web/mail/mail_user_filter_edit.php  |   2 +-
 server/lib/classes/db_mysql.inc.php           |   7 +-
 .../mysql_clientdb_plugin.inc.php             |  22 +-
 19 files changed, 471 insertions(+), 406 deletions(-)

diff --git a/INSTALL_DEBIAN.txt b/INSTALL_DEBIAN.txt
index ae2e1b04eb..ed53cff9d6 100644
--- a/INSTALL_DEBIAN.txt
+++ b/INSTALL_DEBIAN.txt
@@ -5,7 +5,7 @@ It is recommended to use a clean (fresh) Debian etch install where you just sele
 
 1) Install Postfix, Courier, Saslauthd, MySQL, phpMyAdmin with the following command line (on one line!):
 
-apt-get install postfix postfix-mysql postfix-doc mysql-client mysql-server courier-authdaemon courier-authlib-mysql courier-pop courier-pop-ssl courier-imap courier-imap-ssl postfix-tls libsasl2 libsasl2-modules libsasl2-modules-sql sasl2-bin libpam-mysql openssl courier-maildrop getmail4
+apt-get install postfix postfix-mysql postfix-doc mysql-client mysql-server courier-authdaemon courier-authlib-mysql courier-pop courier-pop-ssl courier-imap courier-imap-ssl libsasl2 libsasl2-modules libsasl2-modules-sql sasl2-bin libpam-mysql openssl courier-maildrop getmail4
 
 Answer the questions from the package manager as follows.
 
diff --git a/install/lib/installer_base.lib.php b/install/lib/installer_base.lib.php
index 3ca35b4508..c1780d91be 100644
--- a/install/lib/installer_base.lib.php
+++ b/install/lib/installer_base.lib.php
@@ -177,7 +177,7 @@ class installer_base {
 		$this->db->dbName = $cf['database'];
 		
 		$server_ini_content = rf("tpl/server.ini.master");
-		$server_ini_content = addslashes($server_ini_content);
+		$server_ini_content = mysql_real_escape_string($server_ini_content);
 		
 		$sql = "INSERT INTO `server` (`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_name`, `mail_server`, `web_server`, `dns_server`, `file_server`, `db_server`, `vserver_server`, `config`, `updated`, `active`) VALUES (1, 1, 'riud', 'riud', 'r', '".$conf['hostname']."', 1, 1, 1, 1, 1, 1, '$server_ini_content', 0, 1);";
 		$this->db->query($sql);
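Review bot: The new `mysql_real_escape_string($server_ini_content)` call passes no link identifier, so it escapes against whichever ext/mysql connection was opened last rather than the one `$this->db` runs the INSERT on. It also returns false with an E_WARNING when no connection can be found, which would silently write an empty `config` value. I would escape through the db object, e.g. `$server_ini_content = $this->db->quote($server_ini_content);` if `$this->db` is the class from install/lib/mysql.lib.php, and have that `quote()` pass its own link handle and check for false. The same bare call appears in the install/lib/mysql.lib.php, install/update.php, form.inc.php, listform.inc.php and remoting_lib.inc.php hunks. Separately, `$conf['hostname']` is still concatenated into the same statement unescaped; the enclosing method starts and ends outside the hunk.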
diff --git a/install/lib/mysql.lib.php b/install/lib/mysql.lib.php
index eac33e5924..e24fcc65d9 100644
--- a/install/lib/mysql.lib.php
+++ b/install/lib/mysql.lib.php
@@ -171,7 +171,7 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 		// Check der variablen
         function quote($formfield)
         {
-            return addslashes($formfield);
+            return mysql_real_escape_string($formfield);
         }
 		
 		// Check der variablen
diff --git a/install/sql/ispconfig3.sql b/install/sql/ispconfig3.sql
index 40c2c75fd0..67cad8402f 100644
--- a/install/sql/ispconfig3.sql
+++ b/install/sql/ispconfig3.sql
@@ -608,6 +608,50 @@ CREATE TABLE `shell_user` (
 
 -- --------------------------------------------------------
 
+-- 
+-- Tabellenstruktur für Tabelle `software_repo`
+-- 
+
+CREATE TABLE `software_repo` (
+  `software_repo_id` bigint(20) NOT NULL auto_increment,
+  `sys_userid` int(11) NOT NULL default '0',
+  `sys_groupid` int(11) NOT NULL default '0',
+  `sys_perm_user` varchar(5) default NULL,
+  `sys_perm_group` varchar(5) default NULL,
+  `sys_perm_other` varchar(5) default NULL,
+  `repo_name` varchar(40) default NULL,
+  `repo_url` varchar(40) default NULL,
+  `repo_username` varchar(30) default NULL,
+  `repo_password` varchar(30) default NULL,
+  `active` varchar(255) NOT NULL default 'y',
+  PRIMARY KEY  (`software_repo_id`)
+) ENGINE=MyISAM  DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;
+
+-- --------------------------------------------------------
+
+-- 
+-- Tabellenstruktur für Tabelle `software_update`
+-- 
+
+CREATE TABLE `software_update` (
+  `software_update_id` int(11) NOT NULL auto_increment,
+  `software_repo_id` int(11) NOT NULL,
+  `update_url` varchar(255) NOT NULL,
+  `update_md5` varchar(255) NOT NULL,
+  `install` char(1) NOT NULL,
+  `depenencies` varchar(255) NOT NULL,
+  `update_title` varchar(255) NOT NULL,
+  PRIMARY KEY  (`software_update_id`)
+) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;
+
+-- 
+-- Daten für Tabelle `software_update`
+-- 
+
+
+-- --------------------------------------------------------
+
+
 -- 
 -- Tabellenstruktur für Tabelle `spamfilter_policy`
 -- 
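Review bot: The `update_md5` column suggests downloaded update packages will be verified with an MD5 digest, which is not collision-resistant; a digest served by the same repository as the package also does not protect against a tampered repository. If that is the intended use, I would provision for a stronger digest now, e.g. `update_sha256 char(64) NOT NULL`, and leave room for a signature check. `repo_password varchar(30)` looks like it holds the repository credential in clear text and caps its length at 30 characters, which deserves a comment on how it is protected. Two consistency points in the same hunk: `software_repo_id` is `bigint(20)` in `software_repo` but `int(11)` in `software_update`, and `depenencies` is misspelled, which is cheapest to fix before other code references the column.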
diff --git a/install/update.php b/install/update.php
index 2a0054e5ab..3200a6d3a4 100644
--- a/install/update.php
+++ b/install/update.php
@@ -157,7 +157,7 @@ foreach($old_ini_array as $tmp_section_name => $tmp_section_content) {
 }
 
 $new_ini = array_to_ini($tpl_ini_array);
-$inst->db->query("UPDATE server SET config = '".addslashes($new_ini)."' WHERE server_id = ".$conf['server_id']);
+$inst->db->query("UPDATE server SET config = '".mysql_real_escape_string($new_ini)."' WHERE server_id = ".$conf['server_id']);
 unset($old_ini_array);
 unset($tpl_ini_array);
 unset($new_ini);
diff --git a/interface/lib/classes/db_mysql.inc.php b/interface/lib/classes/db_mysql.inc.php
index eaa57b0cab..ca3b38cf38 100644
--- a/interface/lib/classes/db_mysql.inc.php
+++ b/interface/lib/classes/db_mysql.inc.php
@@ -160,10 +160,14 @@ class db
         return $this->quote($formfield);
     }
 		
-	/** Escapes quotes in variable. addslashes() */
+	/** Escapes quotes in variable. mysql_real_escape_string() */
     public function quote($formfield)
-    {
-        return addslashes($formfield);
+    {	
+		if(!$this->connect()){
+			$this->updateError('WARNING: mysql_connect: Used addslashes instead of mysql_real_escape_string');
+			return addslashes($formfield);
+		}
+        return mysql_real_escape_string($formfield, $this->linkId);
     }
 		
 	/** Unquotes a variable, strip_slashes() */
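Review bot: The fallback branch in `quote()` returns `addslashes($formfield)` when `$this->connect()` fails, which quietly reintroduces the escaping this commit is replacing. addslashes() knows nothing about the connection character set, so a value escaped on that path and later sent over a working connection gets the weaker treatment, and the caller cannot tell which path was taken. A query cannot run without a connection anyway, so I would fail closed there, e.g. `$this->updateError('ERROR: quote() called without a database connection'); return false;`, and have callers abort on false (whether they check the result today is not visible in this hunk). The docblock should state the contract, for instance `/** Escapes a value for use inside a quoted SQL string literal using mysql_real_escape_string() on $this->linkId; requires an open connection. */`.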
diff --git a/interface/lib/classes/form.inc.php b/interface/lib/classes/form.inc.php
index c45936a63f..6c3d0ccbc0 100644
--- a/interface/lib/classes/form.inc.php
+++ b/interface/lib/classes/form.inc.php
@@ -293,7 +293,7 @@ class form {
 				switch ($this->tableDef[$key]['datatype']) {
 				case 'VARCHAR':
 					if(!is_array($val)) {
-						$new_record[$key] = addslashes($val);
+						$new_record[$key] = mysql_real_escape_string($val);
 					} else {
 						$new_record[$key] = implode($this->tableDef[$key]['separator'],$val);
 					}
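Review bot: The array branch directly below the changed line still stores `implode($this->tableDef[$key]['separator'],$val)` with no escaping, so multi-value VARCHAR fields bypass the new call entirely. Assuming these values end up in quoted SQL literals like the scalar branch, I would escape after joining: `$new_record[$key] = mysql_real_escape_string(implode($this->tableDef[$key]['separator'],$val));`. The same unescaped `implode()` sits next to the changed lines in the listform.inc.php hunk and in both the VARCHAR and TEXT cases of the remoting_lib.inc.php hunk. The enclosing switch starts and ends outside the hunk.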
@@ -308,7 +308,7 @@ class form {
 					$new_record[$key] = intval($val);
 				break;
 				case 'DOUBLE':
-					$new_record[$key] = addslashes($val);
+					$new_record[$key] = mysql_real_escape_string($val);
 				break;
 				case 'CURRENCY':
 					$new_record[$key] = str_replace(",",".",$val);
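Review bot: The DOUBLE case now string-escapes a value that is meant to be numeric, and the CURRENCY case below it only swaps the comma for a dot, so neither is checked to be a number. String escaping gives no protection if the value is later placed in the statement without quotes, which cannot be confirmed from this hunk. I would validate instead of escape, e.g. `$new_record[$key] = is_numeric($val) ? $val : 0;` for DOUBLE, with the same check applied after the `str_replace` for CURRENCY; whether to default to 0 or raise a form error is the author's call. The same two cases appear unchanged in the listform.inc.php and remoting_lib.inc.php hunks.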
diff --git a/interface/lib/classes/listform.inc.php b/interface/lib/classes/listform.inc.php
index dae026980f..ca3b97db91 100644
--- a/interface/lib/classes/listform.inc.php
+++ b/interface/lib/classes/listform.inc.php
@@ -312,7 +312,7 @@ class listform {
                     case 'VARCHAR':
                     case 'TEXT':
                         if(!is_array($record[$key])) {
-                            $record[$key] = addslashes($record[$key]);
+                            $record[$key] = mysql_real_escape_string($record[$key]);
                         } else {
                             $record[$key] = implode($this->tableDef[$key]['separator'],$record[$key]);
                         }
@@ -330,7 +330,7 @@ class listform {
                         break;
 
                     case 'DOUBLE':
-                        $record[$key] = addslashes($record[$key]);
+                        $record[$key] = mysql_real_escape_string($record[$key]);
                         break;
 
                     case 'CURRENCY':
diff --git a/interface/lib/classes/remoting_lib.inc.php b/interface/lib/classes/remoting_lib.inc.php
index 0ba041469a..eca27ad0f0 100644
--- a/interface/lib/classes/remoting_lib.inc.php
+++ b/interface/lib/classes/remoting_lib.inc.php
@@ -291,14 +291,14 @@ class remoting_lib {
                                 switch ($field['datatype']) {
                                 case 'VARCHAR':
                                         if(!@is_array($record[$key])) {
-                                                $new_record[$key] = (isset($record[$key]))?addslashes($record[$key]):'';
+                                                $new_record[$key] = (isset($record[$key]))?mysql_real_escape_string($record[$key]):'';
                                         } else {
                                                 $new_record[$key] = implode($field['separator'],$record[$key]);
                                         }
                                 break;
                                 case 'TEXT':
                                         if(!is_array($record[$key])) {
-                                                $new_record[$key] = addslashes($record[$key]);
+                                                $new_record[$key] = mysql_real_escape_string($record[$key]);
                                         } else {
                                                 $new_record[$key] = implode($field['separator'],$record[$key]);
                                         }
@@ -317,7 +317,7 @@ class remoting_lib {
                                         //if($key == 'refresh') die($record[$key]);
                                 break;
                                 case 'DOUBLE':
-                                        $new_record[$key] = addslashes($record[$key]);
+                                        $new_record[$key] = mysql_real_escape_string($record[$key]);
                                 break;
                                 case 'CURRENCY':
                                         $new_record[$key] = str_replace(",",".",$record[$key]);
diff --git a/interface/lib/classes/searchform.inc.php b/interface/lib/classes/searchform.inc.php
index 7711cca2d8..25a941293d 100644
--- a/interface/lib/classes/searchform.inc.php
+++ b/interface/lib/classes/searchform.inc.php
@@ -1,351 +1,351 @@
-<?php
-
-/*
-Copyright (c) 2005, Till Brehm, projektfarm Gmbh
-All rights reserved.
-
-Redistribution and use in source and binary forms, with or without modification,
-are permitted provided that the following conditions are met:
-
-    * Redistributions of source code must retain the above copyright notice,
-      this list of conditions and the following disclaimer.
-    * Redistributions in binary form must reproduce the above copyright notice,
-      this list of conditions and the following disclaimer in the documentation
-      and/or other materials provided with the distribution.
-    * Neither the name of ISPConfig nor the names of its contributors
-      may be used to endorse or promote products derived from this software without
-      specific prior written permission.
-
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
-ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
-IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
-INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
-OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
-NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
-EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-*/
-
-/**
-* Listenbehandlung
-*
-* @package searchform
-* @author Till Brehm
-* @version 1.1
-*/
-
-class searchform {
-
-    public $debug = 0;
-    public $errorMessage;
-    public $listDef;
-    public $searchValues;
-    public $pagingHTML;
-    public $pagingValues;
-    public $searchChanged = 0;
-    public $module;
-
-    public function loadListDef($file, $module = '')
-    {
-        global $app, $conf;
-        if(!is_file($file)){
-            die("List-Definition: $file not found.");
-        }
-        include_once($file);
-        $this->listDef = $liste;
-        $this->module = $module;
-		
-		//* Fill datasources
-		foreach($this->listDef['item'] as $key => $field) {
-			if(is_array($field['datasource'])) {
-                $this->listDef['item'][$key]['value'] = $this->getDatasourceData($field);
-            }
-		}	
-        return true;
-    }
-		
-	/**
-    * Get the key => value array of a form filed from a datasource definitiom
-    *
-    * @param field = array with field definition
-    * @param record = Dataset as array
-    * @return key => value array for the value field of a form
-    */
-
-    public function getDatasourceData($field)
-    {
-        global $app;
-        $values = array();
-
-        if($field['datasource']['type'] == 'SQL') {
-            //* Preparing SQL string. We will replace some common placeholders
-            $querystring = $field['datasource']['querystring'];
-            $querystring = str_replace('{USERID}', $_SESSION['s']['user']['userid'], $querystring);
-            $querystring = str_replace('{GROUPID}', $_SESSION['s']['user']['default_group'], $querystring);
-            $querystring = str_replace('{GROUPS}', $_SESSION['s']['user']['groups'], $querystring);
-            $table_idx = $this->formDef['db_table_idx'];
-            //$querystring = str_replace('{RECORDID}',$record[$table_idx],$querystring);
-            $app->uses('tform');
-            $querystring = str_replace('{AUTHSQL}', $app->tform->getAuthSQL('r'), $querystring);
-
-            //* Getting the records
-            $tmp_records = $app->db->queryAllRecords($querystring);
-            if($app->db->errorMessage != ''){
-                die($app->db->errorMessage);
-            }
-            if(is_array($tmp_records)) {
-                $key_field = $field['datasource']['keyfield'];
-                $value_field = $field['datasource']['valuefield'];
-                foreach($tmp_records as $tmp_rec) {
-                    $values[$tmp_rec[$key_field]] = $tmp_rec[$value_field];
-                }
-            }
-        }
-        if($field['datasource']['type'] == 'CUSTOM') {
-            //* Calls a custom class to validate this record
-            if($field['datasource']['class'] != '' and $field['datasource']['function'] != '') {
-                $datasource_class = $field['datasource']['class'];
-                $datasource_function = $field['datasource']['function'];
-                $app->uses($datasource_class);
-                $record = array();
-                $values = $app->$datasource_class->$datasource_function($field, $record);
-            }else{
-                $this->errorMessage .= "Custom datasource class or function is empty<br>\r\n";
-            }
-        }
-        return $values;
-    }
-
-    public function getSearchSQL($sql_where = '')
-    {
-        global $db;
-
-        //* Config vars
-        $list_name = $this->listDef['name'];
-        $search_prefix = $this->listDef['search_prefix'];
-
-        //* store retrieval query
-        foreach($this->listDef['item'] as $i) {
-            $field = $i['field'];
-
-            //* TODO ?  hat sich die suche ge�ndert - has itself search  ?
-            $ki = $search_prefix.$field;
-            if(isset($_REQUEST) and $_REQUEST[$ki] != $_SESSION['search'][$list_name][$ki]){
-                $this->searchChanged = 1;
-            }
-
-            //* suchfield in session store.
-            if(isset($_REQUEST[$ki])){
-                $_SESSION['search'][$list_name][$ki] = $_REQUEST[$ki];
-            }
-
-            if($i['formtype'] == 'SELECT'){
-                if(is_array($i['value'])) {
-                    $out = '<option value=""></option>';
-                    foreach($i['value'] as $k => $v) {
-                        $selected = ($k == $_SESSION['search'][$list_name][$ki] && $_SESSION['search'][$list_name][$ki] != '') ? ' SELECTED' : '';
-                        $out .= "<option value='$k'$selected>$v</option>\r\n";
-                    }
-                }
-                $this->searchValues[$ki] = $out;
-            }else{
-                $this->searchValues[$ki] = $_SESSION['search'][$list_name][$ki];
-            }
-        }
-
-        //* store variables in object. $this->searchValues = $_SESSION["search"][$list_name];
-        foreach($this->listDef['item'] as $i) {
-            $field = $i['field'];
-            //if($_REQUEST[$search_prefix.$field] != '') $sql_where .= " $field ".$i["op"]." '".$i["prefix"].$_REQUEST[$search_prefix.$field].$i["suffix"]."' and";
-			if($_SESSION['search'][$list_name][$ki] != ''){
-                $sql_where .= " $field ".$i['op']." '".$i['prefix'].$_SESSION['search'][$list_name][$ki].$i['suffix']."' and";
-            }
-        }
-        return ($sql_where != '') ? substr($sql_where, 0, -3) : '1';
-    }
-
-    public function getPagingSQL($sql_where = '1') {
-        global $app, $conf;
-
-        $list_name          = $this->listDef['name'];
-        $search_prefix      = $this->listDef['search_prefix'];
-        $records_per_page   = $this->listDef['records_per_page'];
-        $table              = $this->listDef['table'];
-
-        //* set page to seror id session not set
-        if($_SESSION['search'][$list_name]['page'] == '')   $_SESSION['search'][$list_name]['page'] = 0;
-
-        //* Set page size to request if set
-        if(isset($_REQUEST['page']))    $_SESSION['search'][$list_name]['page'] = $_REQUEST['page']; 
-
-        //* TODO PAGE to 0 set, if look for themselves ge?ndert. =  page auf 0 setzen, wenn suche sich ge�ndert hat.
-        if($this->searchChanged == 1)   $_SESSION['search'][$list_name]['page'] = 0;
-
-        $sql_von = $_SESSION['search'][$list_name]['page'] * $records_per_page;
-        $record_count = $app->db->queryOneRecord("SELECT count(*) AS anzahl FROM $table WHERE $sql_where");
-        $pages = intval(($record_count['anzahl'] - 1) / $records_per_page);
-
-        $vars['list_file']      = $this->listDef['file'];
-        $vars['page']           = $_SESSION['search'][$list_name]['page'];
-        $vars['last_page']      = $_SESSION['search'][$list_name]['page'] - 1;
-        $vars['next_page']      = $_SESSION['search'][$list_name]['page'] + 1;
-        $vars['pages']          = $pages;
-        $vars['max_pages']      = $pages + 1;
-        $vars['records_gesamt'] = $record_count['anzahl'];
-        $vars['page_params']    = $this->listDef['page_params'];
-
-        if($_SESSION['search'][$list_name]['page'] > 0) $vars['show_page_back'] = 1;
-        if($_SESSION['search'][$list_name]['page'] <= $vars['pages'] - 1) $vars['show_page_next'] = 1;
-
-        $this->pagingValues = $vars;
-        $this->pagingHTML = $this->getPagingHTML($vars);
-
-        return "LIMIT $sql_von, $records_per_page";
-    }
-
-    public function getPagingHTML($vars) {
-        global $app;
-        $page_params = $vars['page_params'];
-        $list_file = $vars['list_file'];
-        $content = '<a href="'.$list_file.'?page=0'.$page_params.'"><img src="../themes/iprg/images/btn_left.png" border="0"></a> &nbsp; ';
-        if($vars['show_page_back'] == 1){
-            $content .= '<a href="'.$list_file.'?page='.$vars['last_page'].$page_params.'"><img src="../themes/iprg/images/btn_back.png" border="0"></a> ';
-        }
-        $content .= ' '.$app->lng('Page').' '.$vars['next_page'].' '.$app->lng('of').' '.$vars['max_pages'].' ';
-        if($vars['show_page_next'] == 1){
-            $content .= '<a href="'.$list_file.'?page='.$vars['next_page'].$page_params.'"><img src="../themes/iprg/images/btn_next.png" border="0"></a> &nbsp; ';
-        }
-        $content .= '<a href="'.$list_file.'?page='.$vars['pages'].$page_params.'"> <img src="../themes/iprg/images/btn_right.png" border="0"></a>';
-        return $content;
-    }
-		
-    public function getPagingHTMLasTXT($vars)
-    {
-        global $app;
-        $page_params = $vars['page_params'];
-        $list_file = $vars['list_file'];
-        $content = '[<a href="'.$list_file.'?page=0'.$page_params.'">|&lt;&lt; </a>]';
-        if($vars['show_page_back'] == 1){
-            $content .= '[<< <a href="'.$list_file.'?page='.$vars['last_page'].$page_params.'">'.$app->lng('Back').'</a>] ';
-        }
-        $content .= ' '.$app->lng('Page').' '.$vars['next_page'].' '.$app->lng('of').' '.$vars['max_pages'].' ';
-        if($vars['show_page_next'] == 1){
-            $content .= '[<a href="'.$vars['list_file'].'?page='.$vars['next_page'].$page_params.'">'.$app->lng('Next').' >></a>] ';
-        }
-        $content .= '[<a href="'.$list_file.'?page='.$vars['pages'].$page_params.'"> &gt;&gt;|</a>]';
-        return $content;
-    }
-
-    public function getSortSQL()
-    {
-        $sort_field = $this->listDef['sort_field'];
-        $sort_direction = $this->listDef['sort_direction'];
-        return ($sort_field != '' && $sort_direction != '') ? "ORDER BY $sort_field $sort_direction" : '';
-    }
-		
-	public function saveSearchSettings($searchresult_name)
-    {
-		global $app, $conf;
-		
-		$list_name = $this->listDef['name'];
-		$settings = $_SESSION['search'][$list_name];
-		unset($settings['page']);
-		$data = addslashes(serialize($settings));
-		
-		$userid = $_SESSION['s']['user']['userid'];
-		$groupid = $_SESSION['s']['user']['default_group'];
-		$sys_perm_user = 'riud';
-		$sys_perm_group = 'r';
-		$sys_perm_other = '';
-		$module = $_SESSION['s']['module']['name'];
-		$searchform = $this->listDef['name'];
-		$title = $searchresult_name;
-		
-		$sql = 'INSERT INTO `searchform` ( '
-               .'`sys_userid` , `sys_groupid` , `sys_perm_user` , `sys_perm_group` , `sys_perm_other` , `module` , `searchform` , `title` , `data` '
-               .')VALUES ('
-               ."'$userid', '$groupid', '$sys_perm_user', '$sys_perm_group', '$sys_perm_other', '$module', '$searchform', '$title', '$data')";
-		$app->db->query($sql);
-	}
-
-    public function decode($record)
-    {
-        if(is_array($record)) {
-            foreach($this->listDef['item'] as $field) {
-                $key = $field['field'];
-                switch ($field['datatype'])
-                {
-                    case 'DATE':
-                        if($val > 0) {
-                            $record[$key] = date($this->dateformat, $record[$key]);
-                        }
-                        break;
-    
-                    case 'INTEGER':
-                        $record[$key] = intval($record[$key]);
-                        break;
-    
-                    case 'DOUBLE':
-                        $record[$key] = $record[$key];
-                        break;
-    
-                    case 'CURRENCY':
-                        $record[$key] = number_format($record[$key], 2, ',', '');
-                        break;
-    
-                    
-                    case 'VARCHAR':
-                    case 'TEXT':
-                    default:
-                        $record[$key] = stripslashes($record[$key]);
-                        break;
-                    }
-            }
-        }
-        return $record;
-    }
-
-    public function encode($record)
-    {
-        if(is_array($record)) {
-            foreach($this->listDef['item'] as $field) {
-                $key = $field['field'];
-                switch ($field['datatype'])
-                {
-                    case 'VARCHAR':
-                    case 'TEXT':
-                        if(!is_array($record[$key])) {
-                            $record[$key] = addslashes($record[$key]);
-                        } else {
-                            $record[$key] = implode($this->tableDef[$key]['separator'],$record[$key]);
-                        }
-                        break;
-
-                    case 'DATE':
-                        if($record[$key] > 0) {
-                            list($tag, $monat, $jahr) = explode('.', $record[$key]);
-                            $record[$key] = mktime(0, 0, 0, $monat, $tag, $jahr);
-                        }
-                        break;
-
-                    case 'INTEGER':
-                        $record[$key] = intval($record[$key]);
-                        break;
-
-                    case 'DOUBLE':
-                        $record[$key] = addslashes($record[$key]);
-                        break;
-
-                    case 'CURRENCY':
-                        $record[$key] = str_replace(',', '.', $record[$key]);
-                        break;
-                }
-            }
-        }
-        return $record;
-    }
-}
-
+<?php
+
+/*
+Copyright (c) 2005, Till Brehm, projektfarm Gmbh
+All rights reserved.
+
+Redistribution and use in source and binary forms, with or without modification,
+are permitted provided that the following conditions are met:
+
+    * Redistributions of source code must retain the above copyright notice,
+      this list of conditions and the following disclaimer.
+    * Redistributions in binary form must reproduce the above copyright notice,
+      this list of conditions and the following disclaimer in the documentation
+      and/or other materials provided with the distribution.
+    * Neither the name of ISPConfig nor the names of its contributors
+      may be used to endorse or promote products derived from this software without
+      specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
+OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+*/
+
+/**
+* Listenbehandlung
+*
+* @package searchform
+* @author Till Brehm
+* @version 1.1
+*/
+
+class searchform {
+
+    public $debug = 0;
+    public $errorMessage;
+    public $listDef;
+    public $searchValues;
+    public $pagingHTML;
+    public $pagingValues;
+    public $searchChanged = 0;
+    public $module;
+
+    public function loadListDef($file, $module = '')
+    {
+        global $app, $conf;
+        if(!is_file($file)){
+            die("List-Definition: $file not found.");
+        }
+        include_once($file);
+        $this->listDef = $liste;
+        $this->module = $module;
+		
+		//* Fill datasources
+		foreach($this->listDef['item'] as $key => $field) {
+			if(is_array($field['datasource'])) {
+                $this->listDef['item'][$key]['value'] = $this->getDatasourceData($field);
+            }
+		}	
+        return true;
+    }
+		
+	/**
+    * Get the key => value array of a form filed from a datasource definitiom
+    *
+    * @param field = array with field definition
+    * @param record = Dataset as array
+    * @return key => value array for the value field of a form
+    */
+
+    public function getDatasourceData($field)
+    {
+        global $app;
+        $values = array();
+
+        if($field['datasource']['type'] == 'SQL') {
+            //* Preparing SQL string. We will replace some common placeholders
+            $querystring = $field['datasource']['querystring'];
+            $querystring = str_replace('{USERID}', $_SESSION['s']['user']['userid'], $querystring);
+            $querystring = str_replace('{GROUPID}', $_SESSION['s']['user']['default_group'], $querystring);
+            $querystring = str_replace('{GROUPS}', $_SESSION['s']['user']['groups'], $querystring);
+            $table_idx = $this->formDef['db_table_idx'];
+            //$querystring = str_replace('{RECORDID}',$record[$table_idx],$querystring);
+            $app->uses('tform');
+            $querystring = str_replace('{AUTHSQL}', $app->tform->getAuthSQL('r'), $querystring);
+
+            //* Getting the records
+            $tmp_records = $app->db->queryAllRecords($querystring);
+            if($app->db->errorMessage != ''){
+                die($app->db->errorMessage);
+            }
+            if(is_array($tmp_records)) {
+                $key_field = $field['datasource']['keyfield'];
+                $value_field = $field['datasource']['valuefield'];
+                foreach($tmp_records as $tmp_rec) {
+                    $values[$tmp_rec[$key_field]] = $tmp_rec[$value_field];
+                }
+            }
+        }
+        if($field['datasource']['type'] == 'CUSTOM') {
+            //* Calls a custom class to validate this record
+            if($field['datasource']['class'] != '' and $field['datasource']['function'] != '') {
+                $datasource_class = $field['datasource']['class'];
+                $datasource_function = $field['datasource']['function'];
+                $app->uses($datasource_class);
+                $record = array();
+                $values = $app->$datasource_class->$datasource_function($field, $record);
+            }else{
+                $this->errorMessage .= "Custom datasource class or function is empty<br>\r\n";
+            }
+        }
+        return $values;
+    }
+
+    public function getSearchSQL($sql_where = '')
+    {
+        global $db;
+
+        //* Config vars
+        $list_name = $this->listDef['name'];
+        $search_prefix = $this->listDef['search_prefix'];
+
+        //* store retrieval query
+        foreach($this->listDef['item'] as $i) {
+            $field = $i['field'];
+
+            //* TODO ?  hat sich die suche ge�ndert - has itself search  ?
+            $ki = $search_prefix.$field;
+            if(isset($_REQUEST) and $_REQUEST[$ki] != $_SESSION['search'][$list_name][$ki]){
+                $this->searchChanged = 1;
+            }
+
+            //* suchfield in session store.
+            if(isset($_REQUEST[$ki])){
+                $_SESSION['search'][$list_name][$ki] = $_REQUEST[$ki];
+            }
+
+            if($i['formtype'] == 'SELECT'){
+                if(is_array($i['value'])) {
+                    $out = '<option value=""></option>';
+                    foreach($i['value'] as $k => $v) {
+                        $selected = ($k == $_SESSION['search'][$list_name][$ki] && $_SESSION['search'][$list_name][$ki] != '') ? ' SELECTED' : '';
+                        $out .= "<option value='$k'$selected>$v</option>\r\n";
+                    }
+                }
+                $this->searchValues[$ki] = $out;
+            }else{
+                $this->searchValues[$ki] = $_SESSION['search'][$list_name][$ki];
+            }
+        }
+
+        //* store variables in object. $this->searchValues = $_SESSION["search"][$list_name];
+        foreach($this->listDef['item'] as $i) {
+            $field = $i['field'];
+            //if($_REQUEST[$search_prefix.$field] != '') $sql_where .= " $field ".$i["op"]." '".$i["prefix"].$_REQUEST[$search_prefix.$field].$i["suffix"]."' and";
+			if($_SESSION['search'][$list_name][$ki] != ''){
+                $sql_where .= " $field ".$i['op']." '".$i['prefix'].$_SESSION['search'][$list_name][$ki].$i['suffix']."' and";
+            }
+        }
+        return ($sql_where != '') ? substr($sql_where, 0, -3) : '1';
+    }
+
+    public function getPagingSQL($sql_where = '1') {
+        global $app, $conf;
+
+        $list_name          = $this->listDef['name'];
+        $search_prefix      = $this->listDef['search_prefix'];
+        $records_per_page   = $this->listDef['records_per_page'];
+        $table              = $this->listDef['table'];
+
+        //* set page to seror id session not set
+        if($_SESSION['search'][$list_name]['page'] == '')   $_SESSION['search'][$list_name]['page'] = 0;
+
+        //* Set page size to request if set
+        if(isset($_REQUEST['page']))    $_SESSION['search'][$list_name]['page'] = $_REQUEST['page']; 
+
+        //* TODO PAGE to 0 set, if look for themselves ge?ndert. =  page auf 0 setzen, wenn suche sich ge�ndert hat.
+        if($this->searchChanged == 1)   $_SESSION['search'][$list_name]['page'] = 0;
+
+        $sql_von = $_SESSION['search'][$list_name]['page'] * $records_per_page;
+        $record_count = $app->db->queryOneRecord("SELECT count(*) AS anzahl FROM $table WHERE $sql_where");
+        $pages = intval(($record_count['anzahl'] - 1) / $records_per_page);
+
+        $vars['list_file']      = $this->listDef['file'];
+        $vars['page']           = $_SESSION['search'][$list_name]['page'];
+        $vars['last_page']      = $_SESSION['search'][$list_name]['page'] - 1;
+        $vars['next_page']      = $_SESSION['search'][$list_name]['page'] + 1;
+        $vars['pages']          = $pages;
+        $vars['max_pages']      = $pages + 1;
+        $vars['records_gesamt'] = $record_count['anzahl'];
+        $vars['page_params']    = $this->listDef['page_params'];
+
+        if($_SESSION['search'][$list_name]['page'] > 0) $vars['show_page_back'] = 1;
+        if($_SESSION['search'][$list_name]['page'] <= $vars['pages'] - 1) $vars['show_page_next'] = 1;
+
+        $this->pagingValues = $vars;
+        $this->pagingHTML = $this->getPagingHTML($vars);
+
+        return "LIMIT $sql_von, $records_per_page";
+    }
+
+    public function getPagingHTML($vars) {
+        global $app;
+        $page_params = $vars['page_params'];
+        $list_file = $vars['list_file'];
+        $content = '<a href="'.$list_file.'?page=0'.$page_params.'"><img src="../themes/iprg/images/btn_left.png" border="0"></a> &nbsp; ';
+        if($vars['show_page_back'] == 1){
+            $content .= '<a href="'.$list_file.'?page='.$vars['last_page'].$page_params.'"><img src="../themes/iprg/images/btn_back.png" border="0"></a> ';
+        }
+        $content .= ' '.$app->lng('Page').' '.$vars['next_page'].' '.$app->lng('of').' '.$vars['max_pages'].' ';
+        if($vars['show_page_next'] == 1){
+            $content .= '<a href="'.$list_file.'?page='.$vars['next_page'].$page_params.'"><img src="../themes/iprg/images/btn_next.png" border="0"></a> &nbsp; ';
+        }
+        $content .= '<a href="'.$list_file.'?page='.$vars['pages'].$page_params.'"> <img src="../themes/iprg/images/btn_right.png" border="0"></a>';
+        return $content;
+    }
+		
+    public function getPagingHTMLasTXT($vars)
+    {
+        global $app;
+        $page_params = $vars['page_params'];
+        $list_file = $vars['list_file'];
+        $content = '[<a href="'.$list_file.'?page=0'.$page_params.'">|&lt;&lt; </a>]';
+        if($vars['show_page_back'] == 1){
+            $content .= '[<< <a href="'.$list_file.'?page='.$vars['last_page'].$page_params.'">'.$app->lng('Back').'</a>] ';
+        }
+        $content .= ' '.$app->lng('Page').' '.$vars['next_page'].' '.$app->lng('of').' '.$vars['max_pages'].' ';
+        if($vars['show_page_next'] == 1){
+            $content .= '[<a href="'.$vars['list_file'].'?page='.$vars['next_page'].$page_params.'">'.$app->lng('Next').' >></a>] ';
+        }
+        $content .= '[<a href="'.$list_file.'?page='.$vars['pages'].$page_params.'"> &gt;&gt;|</a>]';
+        return $content;
+    }
+
+    public function getSortSQL()
+    {
+        $sort_field = $this->listDef['sort_field'];
+        $sort_direction = $this->listDef['sort_direction'];
+        return ($sort_field != '' && $sort_direction != '') ? "ORDER BY $sort_field $sort_direction" : '';
+    }
+		
+	public function saveSearchSettings($searchresult_name)
+    {
+		global $app, $conf;
+		
+		$list_name = $this->listDef['name'];
+		$settings = $_SESSION['search'][$list_name];
+		unset($settings['page']);
+		$data = mysql_real_escape_string(serialize($settings));
+		
+		$userid = $_SESSION['s']['user']['userid'];
+		$groupid = $_SESSION['s']['user']['default_group'];
+		$sys_perm_user = 'riud';
+		$sys_perm_group = 'r';
+		$sys_perm_other = '';
+		$module = $_SESSION['s']['module']['name'];
+		$searchform = $this->listDef['name'];
+		$title = $searchresult_name;
+		
+		$sql = 'INSERT INTO `searchform` ( '
+               .'`sys_userid` , `sys_groupid` , `sys_perm_user` , `sys_perm_group` , `sys_perm_other` , `module` , `searchform` , `title` , `data` '
+               .')VALUES ('
+               ."'$userid', '$groupid', '$sys_perm_user', '$sys_perm_group', '$sys_perm_other', '$module', '$searchform', '$title', '$data')";
+		$app->db->query($sql);
+	}
+
+    public function decode($record)
+    {
+        if(is_array($record)) {
+            foreach($this->listDef['item'] as $field) {
+                $key = $field['field'];
+                switch ($field['datatype'])
+                {
+                    case 'DATE':
+                        if($val > 0) {
+                            $record[$key] = date($this->dateformat, $record[$key]);
+                        }
+                        break;
+    
+                    case 'INTEGER':
+                        $record[$key] = intval($record[$key]);
+                        break;
+    
+                    case 'DOUBLE':
+                        $record[$key] = $record[$key];
+                        break;
+    
+                    case 'CURRENCY':
+                        $record[$key] = number_format($record[$key], 2, ',', '');
+                        break;
+    
+                    
+                    case 'VARCHAR':
+                    case 'TEXT':
+                    default:
+                        $record[$key] = stripslashes($record[$key]);
+                        break;
+                    }
+            }
+        }
+        return $record;
+    }
+
+    public function encode($record)
+    {
+        if(is_array($record)) {
+            foreach($this->listDef['item'] as $field) {
+                $key = $field['field'];
+                switch ($field['datatype'])
+                {
+                    case 'VARCHAR':
+                    case 'TEXT':
+                        if(!is_array($record[$key])) {
+                            $record[$key] = mysql_real_escape_string($record[$key]);
+                        } else {
+                            $record[$key] = implode($this->tableDef[$key]['separator'],$record[$key]);
+                        }
+                        break;
+
+                    case 'DATE':
+                        if($record[$key] > 0) {
+                            list($tag, $monat, $jahr) = explode('.', $record[$key]);
+                            $record[$key] = mktime(0, 0, 0, $monat, $tag, $jahr);
+                        }
+                        break;
+
+                    case 'INTEGER':
+                        $record[$key] = intval($record[$key]);
+                        break;
+
+                    case 'DOUBLE':
+                        $record[$key] = mysql_real_escape_string($record[$key]);
+                        break;
+
+                    case 'CURRENCY':
+                        $record[$key] = str_replace(',', '.', $record[$key]);
+                        break;
+                }
+            }
+        }
+        return $record;
+    }
+}
+
 ?>
\ No newline at end of file
diff --git a/interface/lib/classes/tform.inc.php b/interface/lib/classes/tform.inc.php
index 3d017aaf87..51e5ffe9d1 100644
--- a/interface/lib/classes/tform.inc.php
+++ b/interface/lib/classes/tform.inc.php
@@ -482,14 +482,14 @@ class tform {
                                 switch ($field['datatype']) {
                                 case 'VARCHAR':
                                         if(!@is_array($record[$key])) {
-                                                $new_record[$key] = (isset($record[$key]))?addslashes($record[$key]):'';
+                                                $new_record[$key] = (isset($record[$key]))?mysql_real_escape_string($record[$key]):'';
                                         } else {
                                                 $new_record[$key] = implode($field['separator'],$record[$key]);
                                         }
                                 break;
                                 case 'TEXT':
                                         if(!is_array($record[$key])) {
-                                                $new_record[$key] = addslashes($record[$key]);
+                                                $new_record[$key] = mysql_real_escape_string($record[$key]);
                                         } else {
                                                 $new_record[$key] = implode($field['separator'],$record[$key]);
                                         }
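Review bot: The array branches of the `VARCHAR` and `TEXT` cases still assign `implode($field['separator'],$record[$key])` with no escaping, so a multi-value field presumably reaches the SQL string raw even after this change. Wrapping both as `mysql_real_escape_string(implode($field['separator'],$record[$key]))` would give the two branches the same guarantee. The `@is_array` in the `VARCHAR` case also hides the undefined-index notice that the `isset()` on the following line exists to handle; testing `isset($record[$key])` first makes the suppression unnecessary. The enclosing switch starts and ends outside this hunk.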
@@ -508,7 +508,7 @@ class tform {
                                         //if($key == 'refresh') die($record[$key]);
                                 break;
                                 case 'DOUBLE':
-                                        $new_record[$key] = addslashes($record[$key]);
+                                        $new_record[$key] = mysql_real_escape_string($record[$key]);
                                 break;
                                 case 'CURRENCY':
                                         $new_record[$key] = str_replace(",",".",$record[$key]);
@@ -699,10 +699,16 @@ class tform {
 																$salt.="$";
 																// $salt = substr(md5(time()),0,2);
 																$record[$key] = crypt($record[$key],$salt);
+																$sql_insert_val .= "'".mysql_real_escape_string($record[$key])."', ";
+														} elseif ($field['encryption'] == 'MYSQL') {
+																$sql_insert_val .= "PASSWORD('".mysql_real_escape_string($record[$key])."'), ";
+														} elseif ($field['encryption'] == 'CLEARTEXT') {
+																$sql_insert_val .= "'".mysql_real_escape_string($record[$key])."', ";
                                                         } else {
                                                                 $record[$key] = md5($record[$key]);
+																$sql_insert_val .= "'".mysql_real_escape_string($record[$key])."', ";
                                                         }
-														$sql_insert_val .= "'".addslashes($record[$key])."', ";
+														
                                                 } elseif ($field['formtype'] == 'CHECKBOX') {
                                                         $sql_insert_key .= "`$key`, ";
 														if($record[$key] == '') {
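Review bot: The new `CLEARTEXT` branch stores what appears to be a password field verbatim, and the fall-through `else` still uses unsalted `md5()`, so both leave stored credentials recoverable if the table is disclosed. A safer default would be the salted `crypt()` path, with `CLEARTEXT` documented as an explicit opt-in for fields that need it. The `MYSQL` branch places the plaintext inside the statement as `PASSWORD('…')`, which means it can show up in server query logs. In this insert hunk the new `elseif`s read `$field['encryption']` without the `isset()` guard used in the update hunk (`@@ -726,10 +732,16 @@`); `elseif (isset($field['encryption']) && $field['encryption'] == 'MYSQL')` keeps the two paths consistent. The if-chain begins outside the hunk.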
@@ -726,10 +732,16 @@ class tform {
 																$salt.="$";
 																// $salt = substr(md5(time()),0,2);
 																$record[$key] = crypt($record[$key],$salt);
+																$sql_update .= "`$key` = '".mysql_real_escape_string($record[$key])."', ";
+														} elseif (isset($field['encryption']) && $field['encryption'] == 'MYSQL') {
+																$sql_update .= "`$key` = PASSWORD('".mysql_real_escape_string($record[$key])."'), ";
+														} elseif (isset($field['encryption']) && $field['encryption'] == 'CLEARTEXT') {
+																$sql_update .= "`$key` = '".mysql_real_escape_string($record[$key])."', ";
                                                         } else {
                                                                 $record[$key] = md5($record[$key]);
+																$sql_update .= "`$key` = '".mysql_real_escape_string($record[$key])."', ";
                                                         }
-                                                        $sql_update .= "`$key` = '".addslashes($record[$key])."', ";
+                                                        
                                                 } elseif ($field['formtype'] == 'CHECKBOX') {
 														if($record[$key] == '') {
 															// if a checkbox is not set, we set it to the unchecked value
diff --git a/interface/web/client/client_edit.php b/interface/web/client/client_edit.php
index 11b20a7298..23e445fa4b 100644
--- a/interface/web/client/client_edit.php
+++ b/interface/web/client/client_edit.php
@@ -57,20 +57,20 @@ class page_action extends tform_actions {
 	function onAfterInsert() {
 		global $app;
 		// Create the group for the client
-		$sql = "INSERT INTO sys_group (name,description,client_id) VALUES ('".addslashes($this->dataRecord["username"])."','',".$this->id.")";
+		$sql = "INSERT INTO sys_group (name,description,client_id) VALUES ('".mysql_real_escape_string($this->dataRecord["username"])."','',".$this->id.")";
 		$app->db->query($sql);
 		$groupid = $app->db->insertID();
 		$groups = $groupid;
 		
-		$username = addslashes($this->dataRecord["username"]);
-		$password = addslashes($this->dataRecord["password"]);
+		$username = mysql_real_escape_string($this->dataRecord["username"]);
+		$password = mysql_real_escape_string($this->dataRecord["password"]);
 		$modules = ISPC_INTERFACE_MODULES_ENABLED;
 		if($this->dataRecord["limit_client"] > 0) $modules .= ',client';
 		$startmodule = 'mail';
-		$usertheme = addslashes($this->dataRecord["usertheme"]);
+		$usertheme = mysql_real_escape_string($this->dataRecord["usertheme"]);
 		$type = 'user';
 		$active = 1;
-		$language = addslashes($this->dataRecord["language"]);
+		$language = mysql_real_escape_string($this->dataRecord["language"]);
 		
 		// Create the controlpaneluser for the client
 		$sql = "INSERT INTO sys_user (username,passwort,modules,startmodule,app_theme,typ,active,language,groups,default_group,client_id)
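Review bot: `$this->id` is concatenated into the `sys_group` INSERT unquoted and unescaped, so the escaping added here protects only the string columns. Its origin is outside the hunk; unless it is guaranteed to be an integer by then, cast it where it is used, i.e. end the statement with `"','',".intval($this->id).")"`. The same applies to `$client_id = $this->id;` in the three UPDATE hunks that follow, where `$client_id = intval($this->id);` would do. `onAfterInsert()` continues past the end of this hunk.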
@@ -97,7 +97,7 @@ class page_action extends tform_actions {
 		
 		// username changed
 		if(isset($app->tform->diffrec['username'])) {
-			$username = addslashes($this->dataRecord["username"]);
+			$username = mysql_real_escape_string($this->dataRecord["username"]);
 			$client_id = $this->id;
 			$sql = "UPDATE sys_user SET username = '$username' WHERE client_id = $client_id";
 			$app->db->query($sql);
@@ -107,7 +107,7 @@ class page_action extends tform_actions {
 		
 		// password changed
 		if(isset($this->dataRecord["password"]) && $this->dataRecord["password"] != '') {
-			$password = addslashes($this->dataRecord["password"]);
+			$password = mysql_real_escape_string($this->dataRecord["password"]);
 			$client_id = $this->id;
 			$sql = "UPDATE sys_user SET passwort = md5('$password') WHERE client_id = $client_id";
 			$app->db->query($sql);
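Review bot: The password update hashes with `md5('$password')` inside the SQL text, so the cleartext password travels in the statement (and into any general or binary query log) and is stored as an unsalted MD5. Hashing in PHP before building the query keeps the cleartext out of the statement: `$password = md5($this->dataRecord["password"]);` followed by `SET passwort = '$password'`. A salted scheme such as the `crypt()` path in `tform.inc.php` would be the stronger fix, but it needs the login check changed alongside, which is not visible here.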
@@ -117,7 +117,7 @@ class page_action extends tform_actions {
 		if(isset($this->dataRecord["limit_client"])) {
 			$modules = ISPC_INTERFACE_MODULES_ENABLED;
 			if($this->dataRecord["limit_client"] > 0) $modules .= ',client';
-			$modules = addslashes($modules);
+			$modules = mysql_real_escape_string($modules);
 			$client_id = $this->id;
 			$sql = "UPDATE sys_user SET modules = '$modules' WHERE client_id = $client_id";
 			$app->db->query($sql);
diff --git a/interface/web/mail/mail_domain_edit.php b/interface/web/mail/mail_domain_edit.php
index a9377c6d90..e32dc9c315 100644
--- a/interface/web/mail/mail_domain_edit.php
+++ b/interface/web/mail/mail_domain_edit.php
@@ -160,7 +160,7 @@ class page_action extends tform_actions {
 		// Spamfilter policy
 		$policy_id = intval($this->dataRecord["policy"]);
 		if($policy_id > 0) {
-			$tmp_user = $app->db->queryOneRecord("SELECT id FROM spamfilter_users WHERE email = '@".addslashes($this->dataRecord["domain"])."'");
+			$tmp_user = $app->db->queryOneRecord("SELECT id FROM spamfilter_users WHERE email = '@".mysql_real_escape_string($this->dataRecord["domain"])."'");
 			if($tmp_user["id"] > 0) {
 				// There is already a record that we will update
 				$sql = "UPDATE spamfilter_users SET policy_id = $ploicy_id WHERE id = ".$tmp_user["id"];
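Review bot: The UPDATE on the last line of this hunk interpolates `$ploicy_id`, which is never defined; the validated value is `$policy_id`. As written, the statement is built as `SET policy_id =  WHERE id = …`, so the existing spamfilter record is presumably never updated. It should read `$sql = "UPDATE spamfilter_users SET policy_id = $policy_id WHERE id = ".intval($tmp_user["id"]);`. The same misspelling appears in the context lines of `mail_user_edit.php` (`@@ -205,7 +205,7 @@`).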
@@ -169,7 +169,7 @@ class page_action extends tform_actions {
 				$tmp_domain = $app->db->queryOneRecord("SELECT sys_groupid FROM mail_domain WHERE domain_id = ".$this->id);
 				// We create a new record
 				$sql = "INSERT INTO `spamfilter_users` (`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `priority`, `policy_id`, `email`, `fullname`, `local`) 
-				        VALUES (".$_SESSION["s"]["user"]["userid"].", ".$tmp_domain["sys_groupid"].", 'riud', 'riud', '', ".$this->dataRecord["server_id"].", 5, ".$policy_id.", '@".addslashes($this->dataRecord["domain"])."', '@".addslashes($this->dataRecord["domain"])."', 'Y')";
+				        VALUES (".$_SESSION["s"]["user"]["userid"].", ".$tmp_domain["sys_groupid"].", 'riud', 'riud', '', ".$this->dataRecord["server_id"].", 5, ".$policy_id.", '@".mysql_real_escape_string($this->dataRecord["domain"])."', '@".mysql_real_escape_string($this->dataRecord["domain"])."', 'Y')";
 				$app->db->query($sql);
 				unset($tmp_domain);
 			}
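Review bot: `$this->dataRecord["server_id"]` is placed in the VALUES list unquoted and unescaped, while the `domain` value next to it is escaped, so the INSERT is only partly protected. Whether the form layer has already forced it to an integer is not visible in this hunk; casting at the point of use, `intval($this->dataRecord["server_id"])`, removes the dependency. `$_SESSION["s"]["user"]["userid"]` and `$tmp_domain["sys_groupid"]` are interpolated the same way and would benefit from the same cast. The identical INSERT is repeated in hunk `@@ -202,7 +202,7 @@`.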
@@ -192,7 +192,7 @@ class page_action extends tform_actions {
 		
 		// Spamfilter policy
 		$policy_id = intval($this->dataRecord["policy"]);
-		$tmp_user = $app->db->queryOneRecord("SELECT id FROM spamfilter_users WHERE email = '@".addslashes($this->dataRecord["domain"])."'");
+		$tmp_user = $app->db->queryOneRecord("SELECT id FROM spamfilter_users WHERE email = '@".mysql_real_escape_string($this->dataRecord["domain"])."'");
 		if($policy_id > 0) {
 			if($tmp_user["id"] > 0) {
 				// There is already a record that we will update
@@ -202,7 +202,7 @@ class page_action extends tform_actions {
 				$tmp_domain = $app->db->queryOneRecord("SELECT sys_groupid FROM mail_domain WHERE domain_id = ".$this->id);
 				// We create a new record
 				$sql = "INSERT INTO `spamfilter_users` (`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `priority`, `policy_id`, `email`, `fullname`, `local`) 
-				        VALUES (".$_SESSION["s"]["user"]["userid"].", ".$tmp_domain["sys_groupid"].", 'riud', 'riud', '', ".$this->dataRecord["server_id"].", 5, ".$policy_id.", '@".addslashes($this->dataRecord["domain"])."', '@".addslashes($this->dataRecord["domain"])."', 'Y')";
+				        VALUES (".$_SESSION["s"]["user"]["userid"].", ".$tmp_domain["sys_groupid"].", 'riud', 'riud', '', ".$this->dataRecord["server_id"].", 5, ".$policy_id.", '@".mysql_real_escape_string($this->dataRecord["domain"])."', '@".mysql_real_escape_string($this->dataRecord["domain"])."', 'Y')";
 				$app->db->query($sql);
 				unset($tmp_domain);
 			}
@@ -220,25 +220,25 @@ class page_action extends tform_actions {
 			$mail_config = $app->getconf->get_server_config($this->dataRecord["server_id"],'mail');
 			
 			//* Update the mailboxes
-			$mailusers = $app->db->queryAllRecords("SELECT * FROM mail_user WHERE email like '%@".addslashes($this->oldDataRecord['domain'])."'");
+			$mailusers = $app->db->queryAllRecords("SELECT * FROM mail_user WHERE email like '%@".mysql_real_escape_string($this->oldDataRecord['domain'])."'");
 			if(is_array($mailusers)) {
 				foreach($mailusers as $rec) {
 					// setting Maildir, Homedir, UID and GID
 					$mail_parts = explode("@",$rec['email']);
 					$maildir = str_replace("[domain]",$this->dataRecord['domain'],$mail_config["maildir_path"]);
 					$maildir = str_replace("[localpart]",$mail_parts[0],$maildir);
-					$maildir = addslashes($maildir);
-					$email = addslashes($mail_parts[0].'@'.$this->dataRecord['domain']);
+					$maildir = mysql_real_escape_string($maildir);
+					$email = mysql_real_escape_string($mail_parts[0].'@'.$this->dataRecord['domain']);
 					$app->db->datalogUpdate('mail_user', "maildir = '$maildir', email = '$email'", 'mailuser_id', $rec['mailuser_id']);
 				}
 			}
 			
 			//* Update the aliases
-			$forwardings = $app->db->queryAllRecords("SELECT * FROM mail_forwarding WHERE source like '%@".addslashes($this->oldDataRecord['domain'])."' OR destination like '%@".addslashes($this->oldDataRecord['domain'])."'");
+			$forwardings = $app->db->queryAllRecords("SELECT * FROM mail_forwarding WHERE source like '%@".mysql_real_escape_string($this->oldDataRecord['domain'])."' OR destination like '%@".mysql_real_escape_string($this->oldDataRecord['domain'])."'");
 			if(is_array($forwardings)) {
 				foreach($forwardings as $rec) {
-					$destination = addslashes(str_replace($this->oldDataRecord['domain'],$this->dataRecord['domain'],$rec['destination']));
-					$source = addslashes(str_replace($this->oldDataRecord['domain'],$this->dataRecord['domain'],$rec['source']));
+					$destination = mysql_real_escape_string(str_replace($this->oldDataRecord['domain'],$this->dataRecord['domain'],$rec['destination']));
+					$source = mysql_real_escape_string(str_replace($this->oldDataRecord['domain'],$this->dataRecord['domain'],$rec['source']));
 					$app->db->datalogUpdate('mail_forwarding', "source = '$source', destination = '$destination'", 'forwarding_id', $rec['forwarding_id']);
 				}
 			}
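Review bot: The `like '%@…'` patterns escape quotes but not LIKE wildcards, because `mysql_real_escape_string()` leaves `%` and `_` untouched, so an old domain containing `_` can also match mailboxes and forwardings of other domains. Escaping the wildcards as well keeps the match literal: `addcslashes(mysql_real_escape_string($this->oldDataRecord['domain']), '%_')`. In the alias loop, `str_replace()` rewrites every occurrence of the old domain, including one inside a local part or inside a longer domain name. Replacing only a trailing `'@'.$this->oldDataRecord['domain']` would limit the rename to the addresses the queries were meant to select.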
diff --git a/interface/web/mail/mail_get_edit.php b/interface/web/mail/mail_get_edit.php
index c17ae06b57..573fe78a37 100644
--- a/interface/web/mail/mail_get_edit.php
+++ b/interface/web/mail/mail_get_edit.php
@@ -92,7 +92,7 @@ class page_action extends tform_actions {
 		} // end if user is not admin
 		
 		// Set the server ID according to the selected destination
-		$tmp = $app->db->queryOneRecord("SELECT server_id FROM mail_user WHERE email = '".addslashes($this->dataRecord["destination"])."'");
+		$tmp = $app->db->queryOneRecord("SELECT server_id FROM mail_user WHERE email = '".mysql_real_escape_string($this->dataRecord["destination"])."'");
 		$this->dataRecord["server_id"] = $tmp["server_id"];
 		unset($tmp);
 		
diff --git a/interface/web/mail/mail_user_edit.php b/interface/web/mail/mail_user_edit.php
index 2c666b0044..9bc4225e4d 100644
--- a/interface/web/mail/mail_user_edit.php
+++ b/interface/web/mail/mail_user_edit.php
@@ -205,7 +205,7 @@ class page_action extends tform_actions {
 		// Spamfilter policy
 		$policy_id = intval($this->dataRecord["policy"]);
 		if($policy_id > 0) {
-			$tmp_user = $app->db->queryOneRecord("SELECT id FROM spamfilter_users WHERE email = '".addslashes($this->dataRecord["email"])."'");
+			$tmp_user = $app->db->queryOneRecord("SELECT id FROM spamfilter_users WHERE email = '".mysql_real_escape_string($this->dataRecord["email"])."'");
 			if($tmp_user["id"] > 0) {
 				// There is already a record that we will update
 				$sql = "UPDATE spamfilter_users SET policy_id = $ploicy_id WHERE id = ".$tmp_user["id"];
@@ -213,7 +213,7 @@ class page_action extends tform_actions {
 			} else {
 				// We create a new record
 				$sql = "INSERT INTO `spamfilter_users` (`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `priority`, `policy_id`, `email`, `fullname`, `local`) 
-				        VALUES (".$_SESSION["s"]["user"]["userid"].", ".$domain["sys_groupid"].", 'riud', 'riud', '', ".$domain["server_id"].", 1, ".$policy_id.", '".addslashes($this->dataRecord["email"])."', '".addslashes($this->dataRecord["email"])."', 'Y')";
+				        VALUES (".$_SESSION["s"]["user"]["userid"].", ".$domain["sys_groupid"].", 'riud', 'riud', '', ".$domain["server_id"].", 1, ".$policy_id.", '".mysql_real_escape_string($this->dataRecord["email"])."', '".mysql_real_escape_string($this->dataRecord["email"])."', 'Y')";
 				$app->db->query($sql);
 			}
 		}  // endif spamfilter policy
@@ -230,7 +230,7 @@ class page_action extends tform_actions {
 		
 			// Spamfilter policy
 			$policy_id = intval($this->dataRecord["policy"]);
-			$tmp_user = $app->db->queryOneRecord("SELECT id FROM spamfilter_users WHERE email = '".addslashes($this->dataRecord["email"])."'");
+			$tmp_user = $app->db->queryOneRecord("SELECT id FROM spamfilter_users WHERE email = '".mysql_real_escape_string($this->dataRecord["email"])."'");
 			if($policy_id > 0) {
 				if($tmp_user["id"] > 0) {
 					// There is already a record that we will update
@@ -239,7 +239,7 @@ class page_action extends tform_actions {
 				} else {
 					// We create a new record
 					$sql = "INSERT INTO `spamfilter_users` (`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `priority`, `policy_id`, `email`, `fullname`, `local`) 
-				        	VALUES (".$_SESSION["s"]["user"]["userid"].", ".$domain["sys_groupid"].", 'riud', 'riud', '', ".$domain["server_id"].", 1, ".$policy_id.", '".addslashes($this->dataRecord["email"])."', '".addslashes($this->dataRecord["email"])."', 'Y')";
+				        	VALUES (".$_SESSION["s"]["user"]["userid"].", ".$domain["sys_groupid"].", 'riud', 'riud', '', ".$domain["server_id"].", 1, ".$policy_id.", '".mysql_real_escape_string($this->dataRecord["email"])."', '".mysql_real_escape_string($this->dataRecord["email"])."', 'Y')";
 					$app->db->query($sql);
 				}
 			}else {
diff --git a/interface/web/mail/mail_user_filter_del.php b/interface/web/mail/mail_user_filter_del.php
index dac44aec7d..52164d957a 100644
--- a/interface/web/mail/mail_user_filter_del.php
+++ b/interface/web/mail/mail_user_filter_del.php
@@ -70,7 +70,7 @@ class page_action extends tform_actions {
 			}
 		}
 		
-		$out = addslashes($out);
+		$out = mysql_real_escape_string($out);
 		$app->db->datalogUpdate('mail_user', "custom_mailfilter = '$out'", 'mailuser_id', $this->dataRecord["mailuser_id"]);
 	
 	}
diff --git a/interface/web/mail/mail_user_filter_edit.php b/interface/web/mail/mail_user_filter_edit.php
index e2fdc81ef7..c62dcd4787 100644
--- a/interface/web/mail/mail_user_filter_edit.php
+++ b/interface/web/mail/mail_user_filter_edit.php
@@ -101,7 +101,7 @@ class page_action extends tform_actions {
 			$out .= $this->getRule();
 		}
 		
-		$out = addslashes($out);
+		$out = mysql_real_escape_string($out);
 		$app->db->datalogUpdate('mail_user', "custom_mailfilter = '$out'", 'mailuser_id', $this->dataRecord["mailuser_id"]);
 	
 	}
diff --git a/server/lib/classes/db_mysql.inc.php b/server/lib/classes/db_mysql.inc.php
index bc26ac5670..f25153260b 100644
--- a/server/lib/classes/db_mysql.inc.php
+++ b/server/lib/classes/db_mysql.inc.php
@@ -163,7 +163,12 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 		// Check der variablen
         function quote($formfield)
         {
-            return addslashes($formfield);
+            if(!$this->connect()){
+				$this->updateError('WARNING: mysql_connect: Used addslashes instead of mysql_real_escape_string');
+				return addslashes($formfield);
+			}
+			
+			return mysql_real_escape_string($formfield);
         }
 		
 		// Check der variablen
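Review bot: When `connect()` fails, `quote()` records a warning and returns `addslashes()` output, so callers silently receive the weaker, charset-unaware escaping this commit is moving away from. No query can run without a connection, so failing closed (for example `return false;` after `updateError()`, with callers checking for it) is safer than downgrading. The success path also calls `mysql_real_escape_string($formfield)` without a link argument, which uses the most recently opened connection rather than necessarily this object's. Passing this class's own link handle as the second argument would tie the escaping to the right connection and character set.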
diff --git a/server/plugins-available/mysql_clientdb_plugin.inc.php b/server/plugins-available/mysql_clientdb_plugin.inc.php
index 81ada6ed83..e9c3400868 100644
--- a/server/plugins-available/mysql_clientdb_plugin.inc.php
+++ b/server/plugins-available/mysql_clientdb_plugin.inc.php
@@ -71,7 +71,7 @@ class mysql_clientdb_plugin {
 			}
 		
 			//* Create the new database
-			if (mysql_query('CREATE DATABASE '.addslashes($data["new"]["database_name"]),$link)) {
+			if (mysql_query('CREATE DATABASE '.mysql_real_escape_string($data["new"]["database_name"]),$link)) {
 				$app->log('Created MySQL database: '.$data["new"]["database_name"],LOGLEVEL_DEBUG);
 			} else {
 				$app->log('Unable to connect to the database'.mysql_error($link),LOGLEVEL_ERROR);
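Review bot: `mysql_real_escape_string()` escapes the content of string literals, but here the database name is used as a bare identifier, so spaces, backticks or other SQL syntax in `database_name` are not neutralised. Validate the name against an allowlist before building the statement, e.g. `if(!preg_match('/^[a-zA-Z0-9_]+$/', $data["new"]["database_name"]))` then log and bail out, and wrap the validated name in backtick quotes. The same applies to the database name in the `GRANT` hunk and to `DROP DATABASE` in the last hunk. The calls also omit `$link`, so escaping is tied to whichever connection was opened last; `mysql_real_escape_string($value, $link)` binds it to the connection the query runs on.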
@@ -84,8 +84,8 @@ class mysql_clientdb_plugin {
 				$db_host = 'localhost';
 			}
 			
-			mysql_query("GRANT ALL ON ".addslashes($data["new"]["database_name"]).".* TO '".addslashes($data["new"]["database_user"])."'@'$db_host' IDENTIFIED BY '".addslashes($data["new"]["database_password"])."';",$link);
-			//echo "GRANT ALL ON ".addslashes($data["new"]["database_name"]).".* TO '".addslashes($data["new"]["database_user"])."'@'$db_host' IDENTIFIED BY '".addslashes($data["new"]["database_password"])."';";
+			mysql_query("GRANT ALL ON ".mysql_real_escape_string($data["new"]["database_name"]).".* TO '".mysql_real_escape_string($data["new"]["database_user"])."'@'$db_host' IDENTIFIED BY '".mysql_real_escape_string($data["new"]["database_password"])."';",$link);
+			//echo "GRANT ALL ON ".mysql_real_escape_string($data["new"]["database_name"]).".* TO '".mysql_real_escape_string($data["new"]["database_user"])."'@'$db_host' IDENTIFIED BY '".mysql_real_escape_string($data["new"]["database_password"])."';";
 			
 			mysql_query("FLUSH PRIVILEGES;",$link);
 			mysql_close($link);
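Review bot: The result of the `GRANT` query is discarded, unlike `CREATE DATABASE` in the hunk above, so a failed grant leaves a database without a usable account and nothing in the log. Build the statement into a local variable and check it: `if(!mysql_query($grant_sql,$link)) $app->log('Unable to grant privileges: '.mysql_error($link),LOGLEVEL_ERROR);`, taking care not to log the statement itself because it contains the password. For the same reason, the commented-out `echo` of the full GRANT statement is better deleted than kept in sync.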
@@ -110,18 +110,18 @@ class mysql_clientdb_plugin {
 			
 			//* Rename User
 			if($data["new"]["database_user"] != $data["old"]["database_user"]) {
-				mysql_query("RENAME USER '".addslashes($data["old"]["database_user"])."' TO '".addslashes($data["new"]["database_user"])."'",$link);
+				mysql_query("RENAME USER '".mysql_real_escape_string($data["old"]["database_user"])."' TO '".mysql_real_escape_string($data["new"]["database_user"])."'",$link);
 				$app->log('Renaming mysql user: '.$data["old"]["database_user"].' to '.$data["new"]["database_user"],LOGLEVEL_DEBUG);
 			}
 			
 			//* Remote access option has changed.
 			if($data["new"]["remote_access"] != $data["old"]["remote_access"]) {
 				if($data["new"]["remote_access"] == 'y') {
-					mysql_query("UPDATE mysql.user SET Host = '%' WHERE User = '".addslashes($data["new"]["database_user"])."' and Host = 'localhost';",$link);
-					mysql_query("UPDATE mysql.db SET Host = '%' WHERE User = '".addslashes($data["new"]["database_user"])."' and Host = 'localhost';",$link);
+					mysql_query("UPDATE mysql.user SET Host = '%' WHERE User = '".mysql_real_escape_string($data["new"]["database_user"])."' and Host = 'localhost';",$link);
+					mysql_query("UPDATE mysql.db SET Host = '%' WHERE User = '".mysql_real_escape_string($data["new"]["database_user"])."' and Host = 'localhost';",$link);
 				} else {
-					mysql_query("UPDATE mysql.user SET Host = 'localhost' WHERE User = '".addslashes($data["new"]["database_user"])."' and Host = '%';",$link);
-					mysql_query("UPDATE mysql.db SET Host = 'localhost' WHERE User = '".addslashes($data["new"]["database_user"])."' and Host = '%';",$link);
+					mysql_query("UPDATE mysql.user SET Host = 'localhost' WHERE User = '".mysql_real_escape_string($data["new"]["database_user"])."' and Host = '%';",$link);
+					mysql_query("UPDATE mysql.db SET Host = 'localhost' WHERE User = '".mysql_real_escape_string($data["new"]["database_user"])."' and Host = '%';",$link);
 				}
 				$app->log('Changing mysql remote access priveliges for database: '.$data["new"]["database_name"],LOGLEVEL_DEBUG);
 			}
@@ -142,7 +142,7 @@ class mysql_clientdb_plugin {
 			
 			//* Change password
 			if($data["new"]["database_password"] != $data["old"]["database_password"]) {
-				mysql_query("SET PASSWORD FOR '".addslashes($data["new"]["database_user"])."'@'$db_host' = PASSWORD('".addslashes($data["new"]["database_password"])."');",$link);
+				mysql_query("SET PASSWORD FOR '".mysql_real_escape_string($data["new"]["database_user"])."'@'$db_host' = PASSWORD('".mysql_real_escape_string($data["new"]["database_password"])."');",$link);
 				$app->log('Changing mysql user password for: '.$data["new"]["database_user"],LOGLEVEL_DEBUG);
 			}
 			
@@ -175,13 +175,13 @@ class mysql_clientdb_plugin {
 				$db_host = 'localhost';
 			}
 			
-			if(mysql_query("DROP USER '".addslashes($data["old"]["database_user"])."'@'$db_host';",$link)) {
+			if(mysql_query("DROP USER '".mysql_real_escape_string($data["old"]["database_user"])."'@'$db_host';",$link)) {
 				$app->log('Dropping mysql user: '.$data["old"]["database_user"],LOGLEVEL_DEBUG);
 			} else {
 				$app->log('Error while dropping mysql user: '.$data["old"]["database_user"].' '.mysql_error($link),LOGLEVEL_ERROR);
 			}
 			
-			if(mysql_query('DROP DATABASE '.addslashes($data["old"]["database_name"]),$link)) {
+			if(mysql_query('DROP DATABASE '.mysql_real_escape_string($data["old"]["database_name"]),$link)) {
 				$app->log('Dropping mysql database: '.$data["old"]["database_name"],LOGLEVEL_DEBUG);
 			} else {
 				$app->log('Error while dropping mysql database: '.$data["old"]["database_name"].' '.mysql_error($link),LOGLEVEL_ERROR);
-- 
GitLab