From b1210f0af422e7f870010dfacccdb477645be47b Mon Sep 17 00:00:00 2001 From: Jesse Norell Date: Tue, 7 Aug 2018 19:11:40 -0600 Subject: [PATCH 01/13] fix mysqli connection errors and db::getDatabaseSize() --- server/lib/classes/db_mysql.inc.php | 29 +++++++++++------------------ 1 file changed, 11 insertions(+), 18 deletions(-) diff --git a/server/lib/classes/db_mysql.inc.php b/server/lib/classes/db_mysql.inc.php index 4eb691ce44..1726557075 100644 --- a/server/lib/classes/db_mysql.inc.php +++ b/server/lib/classes/db_mysql.inc.php @@ -78,12 +78,15 @@ class db $this->_iConnId = mysqli_init(); mysqli_real_connect($this->_iConnId, $this->dbHost, $this->dbUser, $this->dbPass, '', (int)$this->dbPort, NULL, $this->dbClientFlags); - for($try=0;(!is_object($this->_iConnId) || mysqli_connect_error()) && $try < 5;++$try) { + for($try=0;(!is_object($this->_iConnId) || mysqli_connect_errno()) && $try < 5;++$try) { sleep($try); + if(!is_object($this->_iConnId)) { + $this->_iConnId = mysqli_init(); + } mysqli_real_connect($this->_iConnId, $this->dbHost, $this->dbUser, $this->dbPass, '', (int)$this->dbPort, NULL, $this->dbClientFlags); } - if(!is_object($this->_iConnId) || mysqli_connect_error()) { + if(!is_object($this->_iConnId) || mysqli_connect_errno()) { $this->_iConnId = null; $this->_sqlerror('Zugriff auf Datenbankserver fehlgeschlagen! / Database server not accessible!', '', true); return false; @@ -193,7 +196,7 @@ class db $try = 0; do { $try++; - $ok = mysqli_ping($this->_iConnId); + $ok = (is_object($this->_iConnId)) ? mysqli_ping($this->_iConnId) : false; if(!$ok) { if(!mysqli_real_connect(mysqli_init(), $this->dbHost, $this->dbUser, $this->dbPass, $this->dbName, (int)$this->dbPort, NULL, $this->dbClientFlags)) { if($this->errorNumber == '111') { @@ -550,28 +553,18 @@ class db * @param string $database_name * @return int - database-size in bytes */ - - public function getDatabaseSize($database_name) { global $app; - include 'lib/mysql_clientdb.conf'; - - /* Connect to the database */ - $link = mysqli_connect($clientdb_host, $clientdb_user, $clientdb_password); - if (!$link) { - $app->log('Unable to connect to the database'.mysqli_connect_error(), LOGLEVEL_DEBUG); - return; - } + require_once 'lib/mysql_clientdb.conf'; - /* Get database-size from information_schema */ - $result = mysqli_query($link, "SELECT SUM(data_length+index_length) FROM information_schema.TABLES WHERE table_schema='".mysqli_real_escape_string($link, $database_name)."'"); + $result = $this->_query("SELECT SUM(data_length+index_length) FROM information_schema.TABLES WHERE table_schema='".$this->escape($database_name)."'"); if(!$result) { - $app->log('Unable to get the database-size for ' . $database_name . ': '.mysqli_error($link), LOGLEVEL_DEBUG); + $this->_sqlerror('Unable to get the database-size for ' . $database_name); return; } - $database_size = mysqli_fetch_row($result); - mysqli_close($link); + $database_size = $result->getAsRow(); + $result->free(); return $database_size[0]; } -- GitLab From 2c915aec1d67f5890d7fc6bb1ade1956c912c7f6 Mon Sep 17 00:00:00 2001 From: Jesse Norell Date: Wed, 8 Aug 2018 17:01:28 -0600 Subject: [PATCH 02/13] add config variable name prefix --- server/lib/classes/db_mysql.inc.php | 28 +++++++++++++++------------- 1 file changed, 15 insertions(+), 13 deletions(-) diff --git a/server/lib/classes/db_mysql.inc.php b/server/lib/classes/db_mysql.inc.php index 1726557075..f79f87fc8a 100644 --- a/server/lib/classes/db_mysql.inc.php +++ b/server/lib/classes/db_mysql.inc.php @@ -35,6 +35,8 @@ class db private $_iQueryId; private $_iConnId; + private $_Prefix = ''; // config variable name prefix + private $dbHost = ''; // hostname of the MySQL server private $dbPort = ''; // port of the MySQL server private $dbName = ''; // logical database name on that server @@ -64,17 +66,18 @@ class db */ // constructor - public function __construct($host = NULL , $user = NULL, $pass = NULL, $database = NULL, $port = NULL, $flags = NULL) { + public function __construct($host = NULL , $user = NULL, $pass = NULL, $database = NULL, $port = NULL, $flags = NULL, $confPrefix = '') { global $app, $conf; - $this->dbHost = $host ? $host : $conf['db_host']; - $this->dbPort = $port ? $port : $conf['db_port']; - $this->dbName = $database ? $database : $conf['db_database']; - $this->dbUser = $user ? $user : $conf['db_user']; - $this->dbPass = $pass ? $pass : $conf['db_password']; - $this->dbCharset = $conf['db_charset']; - $this->dbNewLink = $conf['db_new_link']; - $this->dbClientFlags = $flags ? $flags : $conf['db_client_flags']; + if($confPrefix != '') $this->_Prefix = $confPrefix . '_'; + $this->dbHost = $host ? $host : $conf[$this->_Prefix.'db_host']; + $this->dbPort = $port ? $port : $conf[$this->_Prefix.'db_port']; + $this->dbName = $database ? $database : $conf[$this->_Prefix.'db_database']; + $this->dbUser = $user ? $user : $conf[$this->_Prefix.'db_user']; + $this->dbPass = $pass ? $pass : $conf[$this->_Prefix.'db_password']; + $this->dbCharset = $conf[$this->_Prefix.'db_charset']; + $this->dbNewLink = $conf[$this->_Prefix.'db_new_link']; + $this->dbClientFlags = $flags ? $flags : $conf[$this->_Prefix.'db_client_flags']; $this->_iConnId = mysqli_init(); mysqli_real_connect($this->_iConnId, $this->dbHost, $this->dbUser, $this->dbPass, '', (int)$this->dbPort, NULL, $this->dbClientFlags); @@ -187,7 +190,6 @@ class db private function _query($sQuery = '') { global $app; - //if($this->isConnected == false) return false; if ($sQuery == '') { $this->_sqlerror('Keine Anfrage angegeben / No query given'); return false; @@ -211,7 +213,7 @@ class db } if($try > 9) { - $this->_sqlerror('DB::query -> reconnect', '', true); + $this->_sqlerror('DB::_query -> reconnect', '', true); return false; } else { sleep(($try > 7 ? 5 : 1)); @@ -474,7 +476,7 @@ class db //$sAddMsg .= getDebugBacktrace(); - if($this->show_error_messages && $conf['demo_mode'] === false) { + if($this->show_error_messages && $conf[$this->_Prefix.'demo_mode'] === false) { echo $sErrormsg . $sAddMsg; } elseif(is_object($app) && method_exists($app, 'log') && $bNoLog == false) { $app->log($sErrormsg . $sAddMsg . ' -> ' . $mysql_errno . ' (' . $mysql_error . ')', LOGLEVEL_WARN, false); @@ -570,7 +572,7 @@ class db //** Function to fill the datalog with a full differential record. public function datalogSave($db_table, $action, $primary_field, $primary_id, $record_old, $record_new, $force_update = false) { - global $app, $conf; + global $app; // Insert backticks only for incomplete table names. if(stristr($db_table, '.')) { -- GitLab From 629a8ddfe022ed519631bd6dfd6645a6f1374bbd Mon Sep 17 00:00:00 2001 From: Jesse Norell Date: Wed, 8 Aug 2018 17:02:19 -0600 Subject: [PATCH 03/13] add db::securityScan() --- server/lib/classes/db_mysql.inc.php | 54 ++++++++++++++++++++++++++++- 1 file changed, 53 insertions(+), 1 deletion(-) diff --git a/server/lib/classes/db_mysql.inc.php b/server/lib/classes/db_mysql.inc.php index f79f87fc8a..1c1cfc5ad8 100644 --- a/server/lib/classes/db_mysql.inc.php +++ b/server/lib/classes/db_mysql.inc.php @@ -187,6 +187,58 @@ class db mysqli_query($this->_iConnId, "SET character_set_results = '".$this->dbCharset."', character_set_client = '".$this->dbCharset."', character_set_connection = '".$this->dbCharset."', character_set_database = '".$this->dbCharset."', character_set_server = '".$this->dbCharset."'"); } + private function securityScan($string) { + global $app, $conf; + + // get security config + if(isset($app)) { + $app->uses('getconf'); + $ids_config = $app->getconf->get_security_config('ids'); + + if($ids_config['sql_scan_enabled'] == 'yes') { + + // Remove whitespace + $string = trim($string); + if(substr($string,-1) == ';') $string = substr($string,0,-1); + + // Save original string + $string_orig = $string; + + //echo $string; + $chars = array(';', '#', '/*', '*/', '--', '\\\'', '\\"'); + + $string = str_replace('\\\\', '', $string); + $string = preg_replace('/(^|[^\\\])([\'"])\\2/is', '$1', $string); + $string = preg_replace('/(^|[^\\\])([\'"])(.*?[^\\\])\\2/is', '$1', $string); + $ok = true; + + if(substr_count($string, "`") % 2 != 0 || substr_count($string, "'") % 2 != 0 || substr_count($string, '"') % 2 != 0) { + $app->log("SQL injection warning (" . $string_orig . ")",2); + $ok = false; + } else { + foreach($chars as $char) { + if(strpos($string, $char) !== false) { + $ok = false; + $app->log("SQL injection warning (" . $string_orig . ")",2); + break; + } + } + } + if($ok == true) { + return true; + } else { + if($ids_config['sql_scan_action'] == 'warn') { + // we return false in warning level. + return false; + } else { + // if sql action = 'block' or anything else then stop here. + $app->error('Possible SQL injection. All actions have been logged.'); + } + } + } + } + } + private function _query($sQuery = '') { global $app; @@ -227,7 +279,7 @@ class db $aArgs = func_get_args(); $sQuery = call_user_func_array(array(&$this, '_build_query_string'), $aArgs); - + $this->securityScan($sQuery); $this->_iQueryId = mysqli_query($this->_iConnId, $sQuery); if (!$this->_iQueryId) { $this->_sqlerror('Falsche Anfrage / Wrong Query', 'SQL-Query = ' . $sQuery); -- GitLab From e8f8b1f197bb3cd5ad6864763e9541d900901694 Mon Sep 17 00:00:00 2001 From: Jesse Norell Date: Wed, 8 Aug 2018 17:19:05 -0600 Subject: [PATCH 04/13] add db::insertFromArray() --- server/lib/classes/db_mysql.inc.php | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/server/lib/classes/db_mysql.inc.php b/server/lib/classes/db_mysql.inc.php index 1c1cfc5ad8..2a7f206b21 100644 --- a/server/lib/classes/db_mysql.inc.php +++ b/server/lib/classes/db_mysql.inc.php @@ -567,6 +567,26 @@ class db return $out; } + public function insertFromArray($tablename, $data) { + if(!is_array($data)) return false; + + $k_query = ''; + $v_query = ''; + + $params = array($tablename); + $v_params = array(); + + foreach($data as $key => $value) { + $k_query .= ($k_query != '' ? ', ' : '') . '??'; + $v_query .= ($v_query != '' ? ', ' : '') . '?'; + $params[] = $key; + $v_params[] = $value; + } + + $query = 'INSERT INTO ?? (' . $k_query . ') VALUES (' . $v_query . ')'; + return $this->query($query, true, array_merge($params, $v_params)); + } + public function diffrec($record_old, $record_new) { $diffrec_full = array(); $diff_num = 0; -- GitLab From e4f5781ef92cafabee19c5d3e81470e4d1b8f264 Mon Sep 17 00:00:00 2001 From: Jesse Norell Date: Wed, 8 Aug 2018 18:01:48 -0600 Subject: [PATCH 05/13] fix db quota messages --- server/lib/classes/cron.d/100-monitor_database_size.inc.php | 4 ++-- server/lib/classes/db_mysql.inc.php | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/server/lib/classes/cron.d/100-monitor_database_size.inc.php b/server/lib/classes/cron.d/100-monitor_database_size.inc.php index d2981dd314..02d90a4042 100644 --- a/server/lib/classes/cron.d/100-monitor_database_size.inc.php +++ b/server/lib/classes/cron.d/100-monitor_database_size.inc.php @@ -95,12 +95,12 @@ class cronjob_monitor_database_size extends cronjob { if(!is_numeric($quota)) continue; if($quota < 1 || $quota > $data[$i]['size']) { - print $rec['database_name'] . ' does not exceed quota qize: ' . $quota . ' > ' . $data[$i]['size'] . "\n"; + print 'database ' . $rec['database_name'] . ' size does not exceed quota: ' . $quota . ' (quota) > ' . $data[$i]['size'] . " (used)\n"; if($rec['quota_exceeded'] == 'y') { $app->dbmaster->datalogUpdate('web_database', array('quota_exceeded' => 'n'), 'database_id', $rec['database_id']); } } elseif($rec['quota_exceeded'] == 'n') { - print $rec['database_name'] . ' exceeds quota qize: ' . $quota . ' < ' . $data[$i]['size'] . "\n"; + print 'database ' . $rec['database_name'] . ' size exceeds quota: ' . $quota . ' (quota) < ' . $data[$i]['size'] . " (used)\n"; $app->dbmaster->datalogUpdate('web_database', array('quota_exceeded' => 'y'), 'database_id', $rec['database_id']); } } diff --git a/server/lib/classes/db_mysql.inc.php b/server/lib/classes/db_mysql.inc.php index 2a7f206b21..279e12a77a 100644 --- a/server/lib/classes/db_mysql.inc.php +++ b/server/lib/classes/db_mysql.inc.php @@ -634,12 +634,12 @@ class db $result = $this->_query("SELECT SUM(data_length+index_length) FROM information_schema.TABLES WHERE table_schema='".$this->escape($database_name)."'"); if(!$result) { - $this->_sqlerror('Unable to get the database-size for ' . $database_name); + $this->_sqlerror('Unable to determine the size of database ' . $database_name); return; } $database_size = $result->getAsRow(); $result->free(); - return $database_size[0]; + return $database_size[0] ? $database_size[0] : 0; } //** Function to fill the datalog with a full differential record. -- GitLab From b94c90305cadfa5c31a6f73beff4a5cc9c46671c Mon Sep 17 00:00:00 2001 From: Jesse Norell Date: Thu, 9 Aug 2018 10:45:24 -0600 Subject: [PATCH 06/13] suppress warnings for missing log file --- .../classes/cron.d/200-ftplogfiles.inc.php | 34 ++++++++++--------- 1 file changed, 18 insertions(+), 16 deletions(-) diff --git a/server/lib/classes/cron.d/200-ftplogfiles.inc.php b/server/lib/classes/cron.d/200-ftplogfiles.inc.php index e471967555..36b4335240 100644 --- a/server/lib/classes/cron.d/200-ftplogfiles.inc.php +++ b/server/lib/classes/cron.d/200-ftplogfiles.inc.php @@ -71,24 +71,26 @@ class cronjob_ftplogfiles extends cronjob { } } - $fp = fopen('/var/log/pure-ftpd/transfer.log.1', 'r'); + $fp = @fopen('/var/log/pure-ftpd/transfer.log.1', 'r'); $ftp_traffic = array(); - // cumule des stats journalière dans un tableau - while($line = fgets($fp)) - { - $parsed_line = parse_ftp_log($line); - - $sql = "SELECT wd.domain FROM ftp_user AS fu INNER JOIN web_domain AS wd ON fu.parent_domain_id = wd.domain_id WHERE fu.username = ? "; - $temp = $app->db->queryOneRecord($sql, $parsed_line['username'] ); - - $parsed_line['domain'] = $temp['domain']; - - add_ftp_traffic($ftp_traffic, $parsed_line); + if ($fp) { + // cumule des stats journalière dans un tableau + while($line = fgets($fp)) + { + $parsed_line = parse_ftp_log($line); + + $sql = "SELECT wd.domain FROM ftp_user AS fu INNER JOIN web_domain AS wd ON fu.parent_domain_id = wd.domain_id WHERE fu.username = ? "; + $temp = $app->db->queryOneRecord($sql, $parsed_line['username'] ); + + $parsed_line['domain'] = $temp['domain']; + + add_ftp_traffic($ftp_traffic, $parsed_line); + } + + fclose($fp); } - - fclose($fp); - + // Save du tableau en BD foreach($ftp_traffic as $traffic_date => $all_traffic) { @@ -123,4 +125,4 @@ class cronjob_ftplogfiles extends cronjob { } } -?> \ No newline at end of file +?> -- GitLab From c0069d7aa813b2b460cf6ab548367e87e90e50cc Mon Sep 17 00:00:00 2001 From: Jesse Norell Date: Thu, 9 Aug 2018 15:05:39 -0600 Subject: [PATCH 07/13] fix unlimited db quota message --- server/lib/classes/cron.d/100-monitor_database_size.inc.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/server/lib/classes/cron.d/100-monitor_database_size.inc.php b/server/lib/classes/cron.d/100-monitor_database_size.inc.php index 02d90a4042..97f1225371 100644 --- a/server/lib/classes/cron.d/100-monitor_database_size.inc.php +++ b/server/lib/classes/cron.d/100-monitor_database_size.inc.php @@ -95,7 +95,7 @@ class cronjob_monitor_database_size extends cronjob { if(!is_numeric($quota)) continue; if($quota < 1 || $quota > $data[$i]['size']) { - print 'database ' . $rec['database_name'] . ' size does not exceed quota: ' . $quota . ' (quota) > ' . $data[$i]['size'] . " (used)\n"; + print 'database ' . $rec['database_name'] . ' size does not exceed quota: ' . ($quota < 1 ? 'unlimited' : $quota) . ' (quota) > ' . $data[$i]['size'] . " (used)\n"; if($rec['quota_exceeded'] == 'y') { $app->dbmaster->datalogUpdate('web_database', array('quota_exceeded' => 'n'), 'database_id', $rec['database_id']); } -- GitLab From b1b26f0e58a5b565cadbbfede8089cf298df0d7a Mon Sep 17 00:00:00 2001 From: Jesse Norell Date: Thu, 9 Aug 2018 18:08:26 -0600 Subject: [PATCH 08/13] merging differences between 'server' and 'interface' --- server/lib/classes/db_mysql.inc.php | 58 +++++++++++++++++++++++++---- 1 file changed, 51 insertions(+), 7 deletions(-) diff --git a/server/lib/classes/db_mysql.inc.php b/server/lib/classes/db_mysql.inc.php index 279e12a77a..6e9d7b8355 100644 --- a/server/lib/classes/db_mysql.inc.php +++ b/server/lib/classes/db_mysql.inc.php @@ -1,4 +1,12 @@ escape($sValue); + $sTxt = str_replace('`', '', $sTxt); if(strpos($sTxt, '.') !== false) { $sTxt = preg_replace('/^(.+)\.(.+)$/', '`$1`.`$2`', $sTxt); $sTxt = str_replace('.`*`', '.*', $sTxt); @@ -180,11 +189,11 @@ class db /**#@+ - * @access private - */ + * @access private + */ private function _setCharset() { - mysqli_query($this->_iConnId, 'SET NAMES '.$this->dbCharset); - mysqli_query($this->_iConnId, "SET character_set_results = '".$this->dbCharset."', character_set_client = '".$this->dbCharset."', character_set_connection = '".$this->dbCharset."', character_set_database = '".$this->dbCharset."', character_set_server = '".$this->dbCharset."'"); + $this->query('SET NAMES '.$this->dbCharset); + $this->query("SET character_set_results = '".$this->dbCharset."', character_set_client = '".$this->dbCharset."', character_set_connection = '".$this->dbCharset."', character_set_database = '".$this->dbCharset."', character_set_server = '".$this->dbCharset."'"); } private function securityScan($string) { @@ -693,6 +702,10 @@ class db public function datalogInsert($tablename, $insert_data, $index_field) { global $app; + // Check fields + if(!preg_match('/^[a-zA-Z0-9\-\_\.]{1,64}$/',$tablename)) $app->error('Invalid table name '.$tablename); + if(!preg_match('/^[a-zA-Z0-9\-\_]{1,64}$/',$index_field)) $app->error('Invalid index field '.$index_field.' in table '.$tablename); + if(is_array($insert_data)) { $key_str = ''; $val_str = ''; @@ -728,6 +741,10 @@ class db public function datalogUpdate($tablename, $update_data, $index_field, $index_value, $force_update = false) { global $app; + // Check fields + if(!preg_match('/^[a-zA-Z0-9\-\_\.]{1,64}$/',$tablename)) $app->error('Invalid table name '.$tablename); + if(!preg_match('/^[a-zA-Z0-9\-\_]{1,64}$/',$index_field)) $app->error('Invalid index field '.$index_field.' in table '.$tablename); + $old_rec = $this->queryOneRecord("SELECT * FROM ?? WHERE ?? = ?", $tablename, $index_field, $index_value); if(is_array($update_data)) { @@ -759,6 +776,10 @@ class db public function datalogDelete($tablename, $index_field, $index_value) { global $app; + // Check fields + if(!preg_match('/^[a-zA-Z0-9\-\_\.]{1,64}$/',$tablename)) $app->error('Invalid table name '.$tablename); + if(!preg_match('/^[a-zA-Z0-9\-\_]{1,64}$/',$index_field)) $app->error('Invalid index field '.$index_field.' in table '.$tablename); + $old_rec = $this->queryOneRecord("SELECT * FROM ?? WHERE ?? = ?", $tablename, $index_field, $index_value); $this->query("DELETE FROM ?? WHERE ?? = ?", $tablename, $index_field, $index_value); $new_rec = array(); @@ -776,6 +797,26 @@ class db return true; } + //* get the current datalog status for the specified login (or currently logged in user) + public function datalogStatus($login = '') { + global $app; + + $return = array('count' => 0, 'entries' => array()); + + if($login == '' && isset($_SESSION['s']['user'])) { + $login = $_SESSION['s']['user']['username']; + } + + $result = $this->queryAllRecords("SELECT COUNT( * ) AS cnt, sys_datalog.action, sys_datalog.dbtable FROM sys_datalog, server WHERE server.server_id = sys_datalog.server_id AND sys_datalog.user = ? AND sys_datalog.datalog_id > server.updated GROUP BY sys_datalog.dbtable, sys_datalog.action", $login); + foreach($result as $row) { + if(!$row['dbtable'] || in_array($row['dbtable'], array('aps_instances', 'aps_instances_settings', 'mail_access', 'mail_content_filter'))) continue; // ignore some entries, maybe more to come + $return['entries'][] = array('table' => $row['dbtable'], 'action' => $row['action'], 'count' => $row['cnt'], 'text' => $app->lng('datalog_status_' . $row['action'] . '_' . $row['dbtable'])); $return['count'] += $row['cnt']; + } + unset($result); + + return $return; + } + public function freeResult($query) { @@ -906,10 +947,10 @@ class db function tableInfo($table_name) { - global $go_api, $go_info; + global $go_api, $go_info, $app; // Tabellenfelder einlesen - if($rows = $go_api->db->queryAllRecords('SHOW FIELDS FROM ??', $table_name)){ + if($rows = $app->db->queryAllRecords('SHOW FIELDS FROM ??', $table_name)){ foreach($rows as $row) { $name = $row['Field']; $default = $row['Default']; @@ -1011,7 +1052,7 @@ class db return 'char'; break; case 'varchar': - if($typeValue < 1) die('Database failure: Lenght required for these data types.'); + if($typeValue < 1) die('Database failure: Length required for these data types.'); return 'varchar('.$typeValue.')'; break; case 'text': @@ -1020,6 +1061,9 @@ class db case 'blob': return 'blob'; break; + case 'date': + return 'date'; + break; } } -- GitLab From 04f35dfc213cf18e7088555421b6b16253f8bf59 Mon Sep 17 00:00:00 2001 From: Jesse Norell Date: Thu, 9 Aug 2018 18:11:35 -0600 Subject: [PATCH 09/13] copy db_mysql.inc.php from 'server' to 'interface' --- interface/lib/classes/db_mysql.inc.php | 216 ++++++++++++++++--------- 1 file changed, 140 insertions(+), 76 deletions(-) diff --git a/interface/lib/classes/db_mysql.inc.php b/interface/lib/classes/db_mysql.inc.php index e3bf695dfc..6e9d7b8355 100644 --- a/interface/lib/classes/db_mysql.inc.php +++ b/interface/lib/classes/db_mysql.inc.php @@ -1,4 +1,12 @@ dbHost = $conf[$prefix.'db_host']; - $this->dbPort = $conf[$prefix.'db_port']; - $this->dbName = $conf[$prefix.'db_database']; - $this->dbUser = $conf[$prefix.'db_user']; - $this->dbPass = $conf[$prefix.'db_password']; - $this->dbCharset = $conf[$prefix.'db_charset']; - $this->dbNewLink = $conf[$prefix.'db_new_link']; - $this->dbClientFlags = $conf[$prefix.'db_client_flags']; + public function __construct($host = NULL , $user = NULL, $pass = NULL, $database = NULL, $port = NULL, $flags = NULL, $confPrefix = '') { + global $app, $conf; + + if($confPrefix != '') $this->_Prefix = $confPrefix . '_'; + $this->dbHost = $host ? $host : $conf[$this->_Prefix.'db_host']; + $this->dbPort = $port ? $port : $conf[$this->_Prefix.'db_port']; + $this->dbName = $database ? $database : $conf[$this->_Prefix.'db_database']; + $this->dbUser = $user ? $user : $conf[$this->_Prefix.'db_user']; + $this->dbPass = $pass ? $pass : $conf[$this->_Prefix.'db_password']; + $this->dbCharset = $conf[$this->_Prefix.'db_charset']; + $this->dbNewLink = $conf[$this->_Prefix.'db_new_link']; + $this->dbClientFlags = $flags ? $flags : $conf[$this->_Prefix.'db_client_flags']; $this->_iConnId = mysqli_init(); mysqli_real_connect($this->_iConnId, $this->dbHost, $this->dbUser, $this->dbPass, '', (int)$this->dbPort, NULL, $this->dbClientFlags); - for($try=0;(!is_object($this->_iConnId) || mysqli_connect_error()) && $try < 5;++$try) { + for($try=0;(!is_object($this->_iConnId) || mysqli_connect_errno()) && $try < 5;++$try) { sleep($try); + if(!is_object($this->_iConnId)) { + $this->_iConnId = mysqli_init(); + } mysqli_real_connect($this->_iConnId, $this->dbHost, $this->dbUser, $this->dbPass, '', (int)$this->dbPort, NULL, $this->dbClientFlags); } - if(!is_object($this->_iConnId) || mysqli_connect_error()) { + if(!is_object($this->_iConnId) || mysqli_connect_errno()) { $this->_iConnId = null; - $this->_sqlerror('Zugriff auf Datenbankserver fehlgeschlagen! / Database server not accessible!'); + $this->_sqlerror('Zugriff auf Datenbankserver fehlgeschlagen! / Database server not accessible!', '', true); return false; } if(!((bool)mysqli_query( $this->_iConnId, 'USE `' . $this->dbName . '`'))) { $this->close(); - $this->_sqlerror('Datenbank nicht gefunden / Database not found'); + $this->_sqlerror('Datenbank nicht gefunden / Database not found', '', true); return false; } @@ -105,6 +120,11 @@ class db { $this->_iConnId = null; } + /* This allows our private variables to be "read" out side of the class */ + public function __get($var) { + return isset($this->$var) ? $this->$var : NULL; + } + public function _build_query_string($sQuery = '') { $iArgs = func_num_args(); if($iArgs > 1) { @@ -127,7 +147,7 @@ class db { if($iPos2 !== false && ($iPos === false || $iPos2 <= $iPos)) { $sTxt = $this->escape($sValue); - + $sTxt = str_replace('`', '', $sTxt); if(strpos($sTxt, '.') !== false) { $sTxt = preg_replace('/^(.+)\.(.+)$/', '`$1`.`$2`', $sTxt); @@ -169,33 +189,33 @@ class db { /**#@+ - * @access private - */ + * @access private + */ private function _setCharset() { - mysqli_query($this->_iConnId, 'SET NAMES '.$this->dbCharset); - mysqli_query($this->_iConnId, "SET character_set_results = '".$this->dbCharset."', character_set_client = '".$this->dbCharset."', character_set_connection = '".$this->dbCharset."', character_set_database = '".$this->dbCharset."', character_set_server = '".$this->dbCharset."'"); + $this->query('SET NAMES '.$this->dbCharset); + $this->query("SET character_set_results = '".$this->dbCharset."', character_set_client = '".$this->dbCharset."', character_set_connection = '".$this->dbCharset."', character_set_database = '".$this->dbCharset."', character_set_server = '".$this->dbCharset."'"); } - + private function securityScan($string) { global $app, $conf; - + // get security config if(isset($app)) { $app->uses('getconf'); $ids_config = $app->getconf->get_security_config('ids'); - + if($ids_config['sql_scan_enabled'] == 'yes') { - + // Remove whitespace $string = trim($string); if(substr($string,-1) == ';') $string = substr($string,0,-1); - + // Save original string $string_orig = $string; - + //echo $string; $chars = array(';', '#', '/*', '*/', '--', '\\\'', '\\"'); - + $string = str_replace('\\\\', '', $string); $string = preg_replace('/(^|[^\\\])([\'"])\\2/is', '$1', $string); $string = preg_replace('/(^|[^\\\])([\'"])(.*?[^\\\])\\2/is', '$1', $string); @@ -239,14 +259,25 @@ class db { $try = 0; do { $try++; - $ok = mysqli_ping($this->_iConnId); + $ok = (is_object($this->_iConnId)) ? mysqli_ping($this->_iConnId) : false; if(!$ok) { if(!mysqli_real_connect(mysqli_init(), $this->dbHost, $this->dbUser, $this->dbPass, $this->dbName, (int)$this->dbPort, NULL, $this->dbClientFlags)) { - if($try > 4) { - $this->_sqlerror('DB::query -> reconnect'); + if($this->errorNumber == '111') { + // server is not available + if($try > 9) { + if(isset($app) && isset($app->forceErrorExit)) { + $app->forceErrorExit('Database connection failure!'); + } + // if we reach this, the app object is missing or has no exit method, so we continue as normal + } + sleep(30); // additional seconds, please! + } + + if($try > 9) { + $this->_sqlerror('DB::_query -> reconnect', '', true); return false; } else { - sleep(1); + sleep(($try > 7 ? 5 : 1)); } } else { $this->_setCharset(); @@ -258,7 +289,7 @@ class db { $aArgs = func_get_args(); $sQuery = call_user_func_array(array(&$this, '_build_query_string'), $aArgs); $this->securityScan($sQuery); - $this->_iQueryId = @mysqli_query($this->_iConnId, $sQuery); + $this->_iQueryId = mysqli_query($this->_iConnId, $sQuery); if (!$this->_iQueryId) { $this->_sqlerror('Falsche Anfrage / Wrong Query', 'SQL-Query = ' . $sQuery); return false; @@ -390,7 +421,7 @@ class db { } public function query_all_array($sQuery = '') { - return $this->queryAllArray($sQuery); + return call_user_func_array(array(&$this, 'queryAllArray'), func_get_args()); } @@ -431,6 +462,7 @@ class db { } + /** * check if a utf8 string is valid * @@ -470,7 +502,7 @@ class db { public function escape($sString) { global $app; if(!is_string($sString) && !is_numeric($sString)) { - $app->log('NON-String given in escape function! (' . gettype($sString) . ')', LOGLEVEL_DEBUG); + $app->log('NON-String given in escape function! (' . gettype($sString) . ')', LOGLEVEL_INFO); //$sAddMsg = getDebugBacktrace(); $app->log($sAddMsg, LOGLEVEL_DEBUG); $sString = ''; @@ -479,7 +511,7 @@ class db { $cur_encoding = mb_detect_encoding($sString); if($cur_encoding != "UTF-8") { if($cur_encoding != 'ASCII') { - if(is_object($app) && method_exists($app, 'log')) $app->log('String ' . substr($sString, 0, 25) . '... is ' . $cur_encoding . '.', LOGLEVEL_DEBUG); + if(is_object($app) && method_exists($app, 'log')) $app->log('String ' . substr($sString, 0, 25) . '... is ' . $cur_encoding . '.', LOGLEVEL_INFO); if($cur_encoding) $sString = mb_convert_encoding($sString, 'UTF-8', $cur_encoding); else $sString = mb_convert_encoding($sString, 'UTF-8'); } @@ -496,7 +528,7 @@ class db { * * @access private */ - private function _sqlerror($sErrormsg = 'Unbekannter Fehler', $sAddMsg = '') { + private function _sqlerror($sErrormsg = 'Unbekannter Fehler', $sAddMsg = '', $bNoLog = false) { global $app, $conf; $mysql_error = (is_object($this->_iConnId) ? mysqli_error($this->_iConnId) : mysqli_connect_error()); @@ -505,11 +537,13 @@ class db { //$sAddMsg .= getDebugBacktrace(); - if($this->show_error_messages && $conf['demo_mode'] === false) { + if($this->show_error_messages && $conf[$this->_Prefix.'demo_mode'] === false) { echo $sErrormsg . $sAddMsg; - } else if(is_object($app) && method_exists($app, 'log')) { - $app->log($sErrormsg . $sAddMsg . ' -> ' . $mysql_errno . ' (' . $mysql_error . ')', LOGLEVEL_WARN); - } + } elseif(is_object($app) && method_exists($app, 'log') && $bNoLog == false) { + $app->log($sErrormsg . $sAddMsg . ' -> ' . $mysql_errno . ' (' . $mysql_error . ')', LOGLEVEL_WARN, false); + } elseif(php_sapi_name() == 'cli') { + echo $sErrormsg . $sAddMsg; + } } public function affectedRows() { @@ -541,27 +575,27 @@ class db { } return $out; } - + public function insertFromArray($tablename, $data) { if(!is_array($data)) return false; - + $k_query = ''; $v_query = ''; - + $params = array($tablename); $v_params = array(); - + foreach($data as $key => $value) { $k_query .= ($k_query != '' ? ', ' : '') . '??'; $v_query .= ($v_query != '' ? ', ' : '') . '?'; $params[] = $key; $v_params[] = $value; } - + $query = 'INSERT INTO ?? (' . $k_query . ') VALUES (' . $v_query . ')'; return $this->query($query, true, array_merge($params, $v_params)); } - + public function diffrec($record_old, $record_new) { $diffrec_full = array(); $diff_num = 0; @@ -597,15 +631,36 @@ class db { } + /** + * Function to get the database-size + * @param string $database_name + * @return int - database-size in bytes + */ + public function getDatabaseSize($database_name) { + global $app; + + require_once 'lib/mysql_clientdb.conf'; + + $result = $this->_query("SELECT SUM(data_length+index_length) FROM information_schema.TABLES WHERE table_schema='".$this->escape($database_name)."'"); + if(!$result) { + $this->_sqlerror('Unable to determine the size of database ' . $database_name); + return; + } + $database_size = $result->getAsRow(); + $result->free(); + return $database_size[0] ? $database_size[0] : 0; + } + //** Function to fill the datalog with a full differential record. public function datalogSave($db_table, $action, $primary_field, $primary_id, $record_old, $record_new, $force_update = false) { - global $app, $conf; + global $app; - // Check fields - if(!preg_match('/^[a-zA-Z0-9\-\_\.]{1,64}$/',$db_table)) $app->error('Invalid table name '.$db_table); - if(!preg_match('/^[a-zA-Z0-9\-\_]{1,64}$/',$primary_field)) $app->error('Invalid primary field '.$primary_field.' in table '.$db_table); - - $primary_id = intval($primary_id); + // Insert backticks only for incomplete table names. + if(stristr($db_table, '.')) { + $escape = ''; + } else { + $escape = '`'; + } if($force_update == true) { //* We force a update even if no record has changed @@ -625,12 +680,13 @@ class db { if($diff_num > 0) { - //print_r($diff_num); - //print_r($diffrec_full); $diffstr = serialize($diffrec_full); - $username = $_SESSION['s']['user']['username']; + if(isset($_SESSION)) { + $username = $_SESSION['s']['user']['username']; + } else { + $username = 'admin'; + } $dbidx = $primary_field.':'.$primary_id; - if(trim($username) == '') $username = 'none'; if($action == 'INSERT') $action = 'i'; if($action == 'UPDATE') $action = 'u'; @@ -645,11 +701,11 @@ class db { //** Inserts a record and saves the changes into the datalog public function datalogInsert($tablename, $insert_data, $index_field) { global $app; - + // Check fields if(!preg_match('/^[a-zA-Z0-9\-\_\.]{1,64}$/',$tablename)) $app->error('Invalid table name '.$tablename); if(!preg_match('/^[a-zA-Z0-9\-\_]{1,64}$/',$index_field)) $app->error('Invalid index field '.$index_field.' in table '.$tablename); - + if(is_array($insert_data)) { $key_str = ''; $val_str = ''; @@ -688,7 +744,7 @@ class db { // Check fields if(!preg_match('/^[a-zA-Z0-9\-\_\.]{1,64}$/',$tablename)) $app->error('Invalid table name '.$tablename); if(!preg_match('/^[a-zA-Z0-9\-\_]{1,64}$/',$index_field)) $app->error('Invalid index field '.$index_field.' in table '.$tablename); - + $old_rec = $this->queryOneRecord("SELECT * FROM ?? WHERE ?? = ?", $tablename, $index_field, $index_value); if(is_array($update_data)) { @@ -723,7 +779,7 @@ class db { // Check fields if(!preg_match('/^[a-zA-Z0-9\-\_\.]{1,64}$/',$tablename)) $app->error('Invalid table name '.$tablename); if(!preg_match('/^[a-zA-Z0-9\-\_]{1,64}$/',$index_field)) $app->error('Invalid index field '.$index_field.' in table '.$tablename); - + $old_rec = $this->queryOneRecord("SELECT * FROM ?? WHERE ?? = ?", $tablename, $index_field, $index_value); $this->query("DELETE FROM ?? WHERE ?? = ?", $tablename, $index_field, $index_value); $new_rec = array(); @@ -732,13 +788,20 @@ class db { return true; } + //** Deletes a record and saves the changes into the datalog + public function datalogError($errormsg) { + global $app; + + if(isset($app->modules->current_datalog_id) && $app->modules->current_datalog_id > 0) $this->query("UPDATE sys_datalog set error = ? WHERE datalog_id = ?", $errormsg, $app->modules->current_datalog_id); + + return true; + } + //* get the current datalog status for the specified login (or currently logged in user) public function datalogStatus($login = '') { global $app; $return = array('count' => 0, 'entries' => array()); - //if($_SESSION['s']['user']['typ'] == 'admin') return $return; // these information should not be displayed to admin users - // removed in favor of new non intrusive datalogstatus notification header if($login == '' && isset($_SESSION['s']['user'])) { $login = $_SESSION['s']['user']['username']; @@ -747,14 +810,24 @@ class db { $result = $this->queryAllRecords("SELECT COUNT( * ) AS cnt, sys_datalog.action, sys_datalog.dbtable FROM sys_datalog, server WHERE server.server_id = sys_datalog.server_id AND sys_datalog.user = ? AND sys_datalog.datalog_id > server.updated GROUP BY sys_datalog.dbtable, sys_datalog.action", $login); foreach($result as $row) { if(!$row['dbtable'] || in_array($row['dbtable'], array('aps_instances', 'aps_instances_settings', 'mail_access', 'mail_content_filter'))) continue; // ignore some entries, maybe more to come - $return['entries'][] = array('table' => $row['dbtable'], 'action' => $row['action'], 'count' => $row['cnt'], 'text' => $app->lng('datalog_status_' . $row['action'] . '_' . $row['dbtable'])); - $return['count'] += $row['cnt']; + $return['entries'][] = array('table' => $row['dbtable'], 'action' => $row['action'], 'count' => $row['cnt'], 'text' => $app->lng('datalog_status_' . $row['action'] . '_' . $row['dbtable'])); $return['count'] += $row['cnt']; } unset($result); return $return; } + + public function freeResult($query) + { + if(is_object($query) && (get_class($query) == "mysqli_result")) { + $query->free(); + return true; + } else { + return false; + } + } + /* $columns = array(action => add | alter | drop name => Spaltenname @@ -879,15 +952,6 @@ class db { if($rows = $app->db->queryAllRecords('SHOW FIELDS FROM ??', $table_name)){ foreach($rows as $row) { - /* - $name = $row[0]; - $default = $row[4]; - $key = $row[3]; - $extra = $row[5]; - $isnull = $row[2]; - $type = $row[1]; - */ - $name = $row['Field']; $default = $row['Default']; $key = $row['Key']; @@ -988,7 +1052,7 @@ class db { return 'char'; break; case 'varchar': - if($typeValue < 1) die('Database failure: Lenght required for these data types.'); + if($typeValue < 1) die('Database failure: Length required for these data types.'); return 'varchar('.$typeValue.')'; break; case 'text': -- GitLab From 94babc398a34d58b2f47ec99361456be47a54ae1 Mon Sep 17 00:00:00 2001 From: Jesse Norell Date: Tue, 14 Aug 2018 15:12:20 -0600 Subject: [PATCH 10/13] update db class use to support client flags (ssl) --- interface/lib/app.inc.php | 6 ++- interface/lib/classes/db_mysql.inc.php | 30 ++++++++----- interface/lib/classes/session.inc.php | 6 ++- .../default/assets/stylesheets/ispconfig.css | 3 ++ .../default/assets/stylesheets/ispconfig.sass | 5 ++- interface/web/tools/dns_import_tupa.php | 42 ++++++------------- interface/web/tools/import_vpopmail.php | 26 ++++++------ .../web/tools/templates/dns_import_tupa.htm | 17 +++++--- .../web/tools/templates/import_vpopmail.htm | 17 +++++--- server/lib/app.inc.php | 12 +++++- server/lib/classes/db_mysql.inc.php | 30 ++++++++----- 11 files changed, 113 insertions(+), 81 deletions(-) diff --git a/interface/lib/app.inc.php b/interface/lib/app.inc.php index 12b7e9e922..ab7d903348 100755 --- a/interface/lib/app.inc.php +++ b/interface/lib/app.inc.php @@ -62,7 +62,11 @@ class app { $this->_conf = $conf; if($this->_conf['start_db'] == true) { $this->load('db_'.$this->_conf['db_type']); - $this->db = new db; + try { + $this->db = new db; + } catch (Exception $e) { + $this->db = false; + } } //* Start the session diff --git a/interface/lib/classes/db_mysql.inc.php b/interface/lib/classes/db_mysql.inc.php index 6e9d7b8355..9e8169fbf5 100644 --- a/interface/lib/classes/db_mysql.inc.php +++ b/interface/lib/classes/db_mysql.inc.php @@ -64,8 +64,8 @@ class db private $record = array(); // last record fetched private $autoCommit = 1; // Autocommit Transactions private $currentRow; // current row number - public $errorNumber = 0; // last error number */ + public $errorNumber = 0; // last error number public $errorMessage = ''; // last error message /* private $errorLocation = '';// last error location @@ -94,18 +94,20 @@ class db if(!is_object($this->_iConnId)) { $this->_iConnId = mysqli_init(); } - mysqli_real_connect($this->_iConnId, $this->dbHost, $this->dbUser, $this->dbPass, '', (int)$this->dbPort, NULL, $this->dbClientFlags); + if(!mysqli_real_connect($this->_iConnId, $this->dbHost, $this->dbUser, $this->dbPass, '', (int)$this->dbPort, NULL, $this->dbClientFlags)) { + $this->_sqlerror('Database connection failed'); + } } if(!is_object($this->_iConnId) || mysqli_connect_errno()) { $this->_iConnId = null; - $this->_sqlerror('Zugriff auf Datenbankserver fehlgeschlagen! / Database server not accessible!', '', true); - return false; + $this->_sqlerror('Zugriff auf Datenbankserver fehlgeschlagen! / Database server not accessible!', '', true); // sets errorMessage + throw new Exception($this->errorMessage); } if(!((bool)mysqli_query( $this->_iConnId, 'USE `' . $this->dbName . '`'))) { $this->close(); - $this->_sqlerror('Datenbank nicht gefunden / Database not found', '', true); - return false; + $this->_sqlerror('Datenbank nicht gefunden / Database not found', '', true); // sets errorMessage + throw new Exception($this->errorMessage); } $this->_setCharset(); @@ -261,8 +263,11 @@ class db $try++; $ok = (is_object($this->_iConnId)) ? mysqli_ping($this->_iConnId) : false; if(!$ok) { - if(!mysqli_real_connect(mysqli_init(), $this->dbHost, $this->dbUser, $this->dbPass, $this->dbName, (int)$this->dbPort, NULL, $this->dbClientFlags)) { - if($this->errorNumber == '111') { + if(!is_object($this->_iConnId)) { + $this->_iConnId = mysqli_init(); + } + if(!mysqli_real_connect($this->_isConnId, $this->dbHost, $this->dbUser, $this->dbPass, $this->dbName, (int)$this->dbPort, NULL, $this->dbClientFlags)) { + if(mysqli_connect_errno() == '111') { // server is not available if($try > 9) { if(isset($app) && isset($app->forceErrorExit)) { @@ -531,8 +536,13 @@ class db private function _sqlerror($sErrormsg = 'Unbekannter Fehler', $sAddMsg = '', $bNoLog = false) { global $app, $conf; - $mysql_error = (is_object($this->_iConnId) ? mysqli_error($this->_iConnId) : mysqli_connect_error()); - $mysql_errno = (is_object($this->_iConnId) ? mysqli_errno($this->_iConnId) : mysqli_connect_errno()); + $mysql_errno = mysqli_connect_errno(); + $mysql_error = mysqli_connect_error(); + if ($mysql_errno === 0 && is_object($this->_iConnId)) { + $mysql_errno = mysqli_errno($this->_iConnId); + $mysql_error = mysqli_error($this->_iConnId); + } + $this->errorNumber = $mysql_error; $this->errorMessage = $mysql_error; //$sAddMsg .= getDebugBacktrace(); diff --git a/interface/lib/classes/session.inc.php b/interface/lib/classes/session.inc.php index f4a90beda9..3e93cd4314 100644 --- a/interface/lib/classes/session.inc.php +++ b/interface/lib/classes/session.inc.php @@ -36,7 +36,11 @@ class session { private $permanent = false; function __construct($session_timeout = 0) { - $this->db = new db; + try { + $this->db = new db; + } catch (Exception $e) { + $this->db = false; + } $this->timeout = $session_timeout; } diff --git a/interface/web/themes/default/assets/stylesheets/ispconfig.css b/interface/web/themes/default/assets/stylesheets/ispconfig.css index d432c7c59d..5cd1bd1411 100644 --- a/interface/web/themes/default/assets/stylesheets/ispconfig.css +++ b/interface/web/themes/default/assets/stylesheets/ispconfig.css @@ -25,6 +25,9 @@ body { .form-group input[type='checkbox'] { margin-top: 10px; } +.form-group .checkbox-inline input[type='checkbox'] { + margin-top: 4px; } + .control-label { font-weight: normal; } .control-label:after { diff --git a/interface/web/themes/default/assets/stylesheets/ispconfig.sass b/interface/web/themes/default/assets/stylesheets/ispconfig.sass index 9855d07dc1..3ea0810534 100644 --- a/interface/web/themes/default/assets/stylesheets/ispconfig.sass +++ b/interface/web/themes/default/assets/stylesheets/ispconfig.sass @@ -25,6 +25,9 @@ body .form-group input[type='checkbox'] margin-top: 10px +.form-group .checkbox-inline input[type='checkbox'] + margin-top: 4px + .control-label font-weight: normal @@ -311,4 +314,4 @@ thead.dark .input-group-field:last-child border-top-left-radius: 0 - border-bottom-left-radius: 0 \ No newline at end of file + border-bottom-left-radius: 0 diff --git a/interface/web/tools/dns_import_tupa.php b/interface/web/tools/dns_import_tupa.php index 12bd035296..d1b4e1af3b 100644 --- a/interface/web/tools/dns_import_tupa.php +++ b/interface/web/tools/dns_import_tupa.php @@ -49,32 +49,27 @@ if(isset($_POST['start']) && $_POST['start'] == 1) { //* CSRF Check $app->auth->csrf_token_check(); - //* Set variable sin template + //* Set variables in template $app->tpl->setVar('dbhost', $_POST['dbhost'], true); $app->tpl->setVar('dbname', $_POST['dbname'], true); $app->tpl->setVar('dbuser', $_POST['dbuser'], true); $app->tpl->setVar('dbpassword', $_POST['dbpassword'], true); + $app->tpl->setVar('dbssl', 'true', true); //* Establish connection to external database $msg .= 'Connecting to external database...
'; - //* Backup DB login details - /*$conf_bak['db_host'] = $conf['db_host']; - $conf_bak['db_database'] = $conf['db_database']; - $conf_bak['db_user'] = $conf['db_user']; - $conf_bak['db_password'] = $conf['db_password'];*/ + //* Set external db client flags + $db_client_flags = 0; + if(isset($_POST['dbssl']) && $_POST['dbssl'] == 1) $db_client_flags |= MYSQLI_CLIENT_SSL; - //* Set external Login details - $conf['imp_db_host'] = $_POST['dbhost']; - $conf['imp_db_database'] = $_POST['dbname']; - $conf['imp_db_user'] = $_POST['dbuser']; - $conf['imp_db_password'] = $_POST['dbpassword']; - $conf['imp_db_charset'] = $conf['db_charset']; - $conf['imp_db_new_link'] = $conf['db_new_link']; - $conf['imp_db_client_flags'] = $conf['db_client_flags']; - - //* create new db object - $exdb = new db('imp'); + //* create new db object with external login details + try { + $exdb = new db($_POST['dbhost'], $_POST['dbuser'], $_POST['dbpassword'], $_POST['dbname'], 3306, $db_client_flags); + } catch (Exception $e) { + $error .= "Error connecting to Tupa database" . ($e->getMessage() ? ": " . $e->getMessage() : '.') . "
\n"; + $exdb = false; + } $server_id = 1; $sys_userid = 1; @@ -159,26 +154,13 @@ if(isset($_POST['start']) && $_POST['start'] == 1) { ); $dns_rr_id = $app->db->datalogInsert('dns_rr', $insert_data, 'id'); //$msg .= $insert_data.'
'; - } } } - } } - - - - } else { - $error .= $exdb->errorMessage; } - //* restore db login details - /*$conf['db_host'] = $conf_bak['db_host']; - $conf['db_database'] = $conf_bak['db_database']; - $conf['db_user'] = $conf_bak['db_user']; - $conf['db_password'] = $conf_bak['db_password'];*/ - } $app->tpl->setVar('msg', $msg); diff --git a/interface/web/tools/import_vpopmail.php b/interface/web/tools/import_vpopmail.php index 3ef87710e5..a7ec457fb8 100644 --- a/interface/web/tools/import_vpopmail.php +++ b/interface/web/tools/import_vpopmail.php @@ -52,17 +52,17 @@ $app->tpl->setVar($wb); if(isset($_POST['db_hostname']) && $_POST['db_hostname'] != '') { - //* Set external Login details - $conf['imp_db_host'] = $_POST['db_hostname']; - $conf['imp_db_database'] = $_POST['db_name']; - $conf['imp_db_user'] = $_POST['db_user']; - $conf['imp_db_password'] = $_POST['db_password']; - $conf['imp_db_charset'] = 'utf8'; - $conf['imp_db_new_link'] = false; - $conf['imp_db_client_flags'] = 0; - - //* create new db object - $exdb = new db('imp'); + //* Set external db client flags + $db_client_flags = 0; + if(isset($_POST['db_ssl']) && $_POST['db_ssl'] == 1) $db_client_flags |= MYSQLI_CLIENT_SSL; + + //* create new db object with external login details + try { + $exdb = new db($_POST['db_hostname'], $_POST['db_user'], $_POST['db_password'], $_POST['db_name'], 3306, $db_client_flags); + } catch (Exception $e) { + $error .= "Error connecting to database" . ($e->getMessage() ? ": " . $e->getMessage() : '.') . "
\n"; + $exdb = false; + } if($exdb !== false) { $msg .= 'Databse connection succeeded
'; @@ -75,9 +75,6 @@ if(isset($_POST['db_hostname']) && $_POST['db_hostname'] != '') { } else { $msg .= 'The server with the ID $local_server_id is not a mail server.
'; } - - } else { - $msg .= 'Database connection failed
'; } } else { @@ -88,6 +85,7 @@ $app->tpl->setVar('db_hostname', $_POST['db_hostname'], true); $app->tpl->setVar('db_user', $_POST['db_user'], true); $app->tpl->setVar('db_password', $_POST['db_password'], true); $app->tpl->setVar('db_name', $_POST['db_name'], true); +$app->tpl->setVar('db_ssl', 'true', true); $app->tpl->setVar('local_server_id', $_POST['local_server_id'], true); $app->tpl->setVar('msg', $msg); $app->tpl->setVar('error', $error); diff --git a/interface/web/tools/templates/dns_import_tupa.htm b/interface/web/tools/templates/dns_import_tupa.htm index 2d37a6a041..cd47f431e0 100644 --- a/interface/web/tools/templates/dns_import_tupa.htm +++ b/interface/web/tools/templates/dns_import_tupa.htm @@ -4,22 +4,27 @@ PowerDNS Tupa import
- +
- +
- +
- +
- +
+ +
+ +
+

@@ -34,4 +39,4 @@
-
\ No newline at end of file + diff --git a/interface/web/tools/templates/import_vpopmail.htm b/interface/web/tools/templates/import_vpopmail.htm index 749ce74a41..7876875b98 100644 --- a/interface/web/tools/templates/import_vpopmail.htm +++ b/interface/web/tools/templates/import_vpopmail.htm @@ -8,26 +8,31 @@
{tmpl_var name="legend_txt"}
- +
- +
- +
- +
+
+
+ +
+ +
- +
-
diff --git a/server/lib/app.inc.php b/server/lib/app.inc.php index ce2a5484fc..86df2a86f6 100644 --- a/server/lib/app.inc.php +++ b/server/lib/app.inc.php @@ -43,7 +43,11 @@ class app { if($conf['start_db'] == true) { $this->load('db_'.$conf['db_type']); - $this->db = new db; + try { + $this->db = new db; + } catch (Exception $e) { + $this->db = false; + } /* Initialize the connection to the master DB, @@ -51,7 +55,11 @@ class app { */ if($conf['dbmaster_host'] != '' && ($conf['dbmaster_host'] != $conf['db_host'] || ($conf['dbmaster_host'] == $conf['db_host'] && $conf['dbmaster_database'] != $conf['db_database']))) { - $this->dbmaster = new db($conf['dbmaster_host'], $conf['dbmaster_user'], $conf['dbmaster_password'], $conf['dbmaster_database'], $conf['dbmaster_port'], $conf['dbmaster_client_flags']); + try { + $this->dbmaster = new db($conf['dbmaster_host'], $conf['dbmaster_user'], $conf['dbmaster_password'], $conf['dbmaster_database'], $conf['dbmaster_port'], $conf['dbmaster_client_flags']); + } catch (Exception $e) { + $this->dbmaster = false; + } } else { $this->dbmaster = $this->db; } diff --git a/server/lib/classes/db_mysql.inc.php b/server/lib/classes/db_mysql.inc.php index 6e9d7b8355..9e8169fbf5 100644 --- a/server/lib/classes/db_mysql.inc.php +++ b/server/lib/classes/db_mysql.inc.php @@ -64,8 +64,8 @@ class db private $record = array(); // last record fetched private $autoCommit = 1; // Autocommit Transactions private $currentRow; // current row number - public $errorNumber = 0; // last error number */ + public $errorNumber = 0; // last error number public $errorMessage = ''; // last error message /* private $errorLocation = '';// last error location @@ -94,18 +94,20 @@ class db if(!is_object($this->_iConnId)) { $this->_iConnId = mysqli_init(); } - mysqli_real_connect($this->_iConnId, $this->dbHost, $this->dbUser, $this->dbPass, '', (int)$this->dbPort, NULL, $this->dbClientFlags); + if(!mysqli_real_connect($this->_iConnId, $this->dbHost, $this->dbUser, $this->dbPass, '', (int)$this->dbPort, NULL, $this->dbClientFlags)) { + $this->_sqlerror('Database connection failed'); + } } if(!is_object($this->_iConnId) || mysqli_connect_errno()) { $this->_iConnId = null; - $this->_sqlerror('Zugriff auf Datenbankserver fehlgeschlagen! / Database server not accessible!', '', true); - return false; + $this->_sqlerror('Zugriff auf Datenbankserver fehlgeschlagen! / Database server not accessible!', '', true); // sets errorMessage + throw new Exception($this->errorMessage); } if(!((bool)mysqli_query( $this->_iConnId, 'USE `' . $this->dbName . '`'))) { $this->close(); - $this->_sqlerror('Datenbank nicht gefunden / Database not found', '', true); - return false; + $this->_sqlerror('Datenbank nicht gefunden / Database not found', '', true); // sets errorMessage + throw new Exception($this->errorMessage); } $this->_setCharset(); @@ -261,8 +263,11 @@ class db $try++; $ok = (is_object($this->_iConnId)) ? mysqli_ping($this->_iConnId) : false; if(!$ok) { - if(!mysqli_real_connect(mysqli_init(), $this->dbHost, $this->dbUser, $this->dbPass, $this->dbName, (int)$this->dbPort, NULL, $this->dbClientFlags)) { - if($this->errorNumber == '111') { + if(!is_object($this->_iConnId)) { + $this->_iConnId = mysqli_init(); + } + if(!mysqli_real_connect($this->_isConnId, $this->dbHost, $this->dbUser, $this->dbPass, $this->dbName, (int)$this->dbPort, NULL, $this->dbClientFlags)) { + if(mysqli_connect_errno() == '111') { // server is not available if($try > 9) { if(isset($app) && isset($app->forceErrorExit)) { @@ -531,8 +536,13 @@ class db private function _sqlerror($sErrormsg = 'Unbekannter Fehler', $sAddMsg = '', $bNoLog = false) { global $app, $conf; - $mysql_error = (is_object($this->_iConnId) ? mysqli_error($this->_iConnId) : mysqli_connect_error()); - $mysql_errno = (is_object($this->_iConnId) ? mysqli_errno($this->_iConnId) : mysqli_connect_errno()); + $mysql_errno = mysqli_connect_errno(); + $mysql_error = mysqli_connect_error(); + if ($mysql_errno === 0 && is_object($this->_iConnId)) { + $mysql_errno = mysqli_errno($this->_iConnId); + $mysql_error = mysqli_error($this->_iConnId); + } + $this->errorNumber = $mysql_error; $this->errorMessage = $mysql_error; //$sAddMsg .= getDebugBacktrace(); -- GitLab From a2ce9dc787cc016df9ff243dbe17ddbd608ca47e Mon Sep 17 00:00:00 2001 From: Jesse Norell Date: Tue, 14 Aug 2018 15:16:42 -0600 Subject: [PATCH 11/13] remove config variable name prefix --- interface/lib/classes/db_mysql.inc.php | 25 +++++++++++-------------- server/lib/classes/db_mysql.inc.php | 25 +++++++++++-------------- 2 files changed, 22 insertions(+), 28 deletions(-) diff --git a/interface/lib/classes/db_mysql.inc.php b/interface/lib/classes/db_mysql.inc.php index 9e8169fbf5..283695d7be 100644 --- a/interface/lib/classes/db_mysql.inc.php +++ b/interface/lib/classes/db_mysql.inc.php @@ -43,8 +43,6 @@ class db private $_iQueryId; private $_iConnId; - private $_Prefix = ''; // config variable name prefix - private $dbHost = ''; // hostname of the MySQL server private $dbPort = ''; // port of the MySQL server private $dbName = ''; // logical database name on that server @@ -74,18 +72,17 @@ class db */ // constructor - public function __construct($host = NULL , $user = NULL, $pass = NULL, $database = NULL, $port = NULL, $flags = NULL, $confPrefix = '') { + public function __construct($host = NULL , $user = NULL, $pass = NULL, $database = NULL, $port = NULL, $flags = NULL) { global $app, $conf; - if($confPrefix != '') $this->_Prefix = $confPrefix . '_'; - $this->dbHost = $host ? $host : $conf[$this->_Prefix.'db_host']; - $this->dbPort = $port ? $port : $conf[$this->_Prefix.'db_port']; - $this->dbName = $database ? $database : $conf[$this->_Prefix.'db_database']; - $this->dbUser = $user ? $user : $conf[$this->_Prefix.'db_user']; - $this->dbPass = $pass ? $pass : $conf[$this->_Prefix.'db_password']; - $this->dbCharset = $conf[$this->_Prefix.'db_charset']; - $this->dbNewLink = $conf[$this->_Prefix.'db_new_link']; - $this->dbClientFlags = $flags ? $flags : $conf[$this->_Prefix.'db_client_flags']; + $this->dbHost = $host ? $host : $conf['db_host']; + $this->dbPort = $port ? $port : $conf['db_port']; + $this->dbName = $database ? $database : $conf['db_database']; + $this->dbUser = $user ? $user : $conf['db_user']; + $this->dbPass = $pass ? $pass : $conf['db_password']; + $this->dbCharset = $conf['db_charset']; + $this->dbNewLink = $conf['db_new_link']; + $this->dbClientFlags = $flags ? $flags : $conf['db_client_flags']; $this->_iConnId = mysqli_init(); mysqli_real_connect($this->_iConnId, $this->dbHost, $this->dbUser, $this->dbPass, '', (int)$this->dbPort, NULL, $this->dbClientFlags); @@ -279,7 +276,7 @@ class db } if($try > 9) { - $this->_sqlerror('DB::_query -> reconnect', '', true); + $this->_sqlerror('db::_query -> reconnect', '', true); return false; } else { sleep(($try > 7 ? 5 : 1)); @@ -547,7 +544,7 @@ class db //$sAddMsg .= getDebugBacktrace(); - if($this->show_error_messages && $conf[$this->_Prefix.'demo_mode'] === false) { + if($this->show_error_messages && $conf['demo_mode'] === false) { echo $sErrormsg . $sAddMsg; } elseif(is_object($app) && method_exists($app, 'log') && $bNoLog == false) { $app->log($sErrormsg . $sAddMsg . ' -> ' . $mysql_errno . ' (' . $mysql_error . ')', LOGLEVEL_WARN, false); diff --git a/server/lib/classes/db_mysql.inc.php b/server/lib/classes/db_mysql.inc.php index 9e8169fbf5..283695d7be 100644 --- a/server/lib/classes/db_mysql.inc.php +++ b/server/lib/classes/db_mysql.inc.php @@ -43,8 +43,6 @@ class db private $_iQueryId; private $_iConnId; - private $_Prefix = ''; // config variable name prefix - private $dbHost = ''; // hostname of the MySQL server private $dbPort = ''; // port of the MySQL server private $dbName = ''; // logical database name on that server @@ -74,18 +72,17 @@ class db */ // constructor - public function __construct($host = NULL , $user = NULL, $pass = NULL, $database = NULL, $port = NULL, $flags = NULL, $confPrefix = '') { + public function __construct($host = NULL , $user = NULL, $pass = NULL, $database = NULL, $port = NULL, $flags = NULL) { global $app, $conf; - if($confPrefix != '') $this->_Prefix = $confPrefix . '_'; - $this->dbHost = $host ? $host : $conf[$this->_Prefix.'db_host']; - $this->dbPort = $port ? $port : $conf[$this->_Prefix.'db_port']; - $this->dbName = $database ? $database : $conf[$this->_Prefix.'db_database']; - $this->dbUser = $user ? $user : $conf[$this->_Prefix.'db_user']; - $this->dbPass = $pass ? $pass : $conf[$this->_Prefix.'db_password']; - $this->dbCharset = $conf[$this->_Prefix.'db_charset']; - $this->dbNewLink = $conf[$this->_Prefix.'db_new_link']; - $this->dbClientFlags = $flags ? $flags : $conf[$this->_Prefix.'db_client_flags']; + $this->dbHost = $host ? $host : $conf['db_host']; + $this->dbPort = $port ? $port : $conf['db_port']; + $this->dbName = $database ? $database : $conf['db_database']; + $this->dbUser = $user ? $user : $conf['db_user']; + $this->dbPass = $pass ? $pass : $conf['db_password']; + $this->dbCharset = $conf['db_charset']; + $this->dbNewLink = $conf['db_new_link']; + $this->dbClientFlags = $flags ? $flags : $conf['db_client_flags']; $this->_iConnId = mysqli_init(); mysqli_real_connect($this->_iConnId, $this->dbHost, $this->dbUser, $this->dbPass, '', (int)$this->dbPort, NULL, $this->dbClientFlags); @@ -279,7 +276,7 @@ class db } if($try > 9) { - $this->_sqlerror('DB::_query -> reconnect', '', true); + $this->_sqlerror('db::_query -> reconnect', '', true); return false; } else { sleep(($try > 7 ? 5 : 1)); @@ -547,7 +544,7 @@ class db //$sAddMsg .= getDebugBacktrace(); - if($this->show_error_messages && $conf[$this->_Prefix.'demo_mode'] === false) { + if($this->show_error_messages && $conf['demo_mode'] === false) { echo $sErrormsg . $sAddMsg; } elseif(is_object($app) && method_exists($app, 'log') && $bNoLog == false) { $app->log($sErrormsg . $sAddMsg . ' -> ' . $mysql_errno . ' (' . $mysql_error . ')', LOGLEVEL_WARN, false); -- GitLab From 8b1b6ecc408bf6e5bdb897f66fe430253df1ae16 Mon Sep 17 00:00:00 2001 From: Jesse Norell Date: Tue, 14 Aug 2018 15:19:00 -0600 Subject: [PATCH 12/13] remove old db_new_link option --- interface/lib/classes/db_mysql.inc.php | 2 -- server/lib/classes/db_mysql.inc.php | 2 -- 2 files changed, 4 deletions(-) diff --git a/interface/lib/classes/db_mysql.inc.php b/interface/lib/classes/db_mysql.inc.php index 283695d7be..6384882ecc 100644 --- a/interface/lib/classes/db_mysql.inc.php +++ b/interface/lib/classes/db_mysql.inc.php @@ -49,7 +49,6 @@ class db private $dbUser = ''; // database authorized user private $dbPass = ''; // user's password private $dbCharset = 'utf8';// Database charset - private $dbNewLink = false; // Return a new linkID when connect is called again private $dbClientFlags = 0; // MySQL Client falgs /**#@-*/ @@ -81,7 +80,6 @@ class db $this->dbUser = $user ? $user : $conf['db_user']; $this->dbPass = $pass ? $pass : $conf['db_password']; $this->dbCharset = $conf['db_charset']; - $this->dbNewLink = $conf['db_new_link']; $this->dbClientFlags = $flags ? $flags : $conf['db_client_flags']; $this->_iConnId = mysqli_init(); diff --git a/server/lib/classes/db_mysql.inc.php b/server/lib/classes/db_mysql.inc.php index 283695d7be..6384882ecc 100644 --- a/server/lib/classes/db_mysql.inc.php +++ b/server/lib/classes/db_mysql.inc.php @@ -49,7 +49,6 @@ class db private $dbUser = ''; // database authorized user private $dbPass = ''; // user's password private $dbCharset = 'utf8';// Database charset - private $dbNewLink = false; // Return a new linkID when connect is called again private $dbClientFlags = 0; // MySQL Client falgs /**#@-*/ @@ -81,7 +80,6 @@ class db $this->dbUser = $user ? $user : $conf['db_user']; $this->dbPass = $pass ? $pass : $conf['db_password']; $this->dbCharset = $conf['db_charset']; - $this->dbNewLink = $conf['db_new_link']; $this->dbClientFlags = $flags ? $flags : $conf['db_client_flags']; $this->_iConnId = mysqli_init(); -- GitLab From 0e8a6d59611b719f85094a92b1f696ec93fda845 Mon Sep 17 00:00:00 2001 From: Jesse Norell Date: Wed, 15 Aug 2018 17:17:53 -0600 Subject: [PATCH 13/13] fix db connection test for server.php --- interface/lib/classes/db_mysql.inc.php | 32 ++++++++++++++++++-------- server/lib/classes/db_mysql.inc.php | 32 ++++++++++++++++++-------- server/server.php | 6 ++--- 3 files changed, 47 insertions(+), 23 deletions(-) diff --git a/interface/lib/classes/db_mysql.inc.php b/interface/lib/classes/db_mysql.inc.php index 6384882ecc..b0ae61ef36 100644 --- a/interface/lib/classes/db_mysql.inc.php +++ b/interface/lib/classes/db_mysql.inc.php @@ -52,8 +52,7 @@ class db private $dbClientFlags = 0; // MySQL Client falgs /**#@-*/ - public $show_error_messages = false; // false in server, true in interface - + public $show_error_messages = false; // false in server, interface sets true when generating templates /* old things - unused now //// private $linkId = 0; // last result of mysqli_connect() @@ -80,7 +79,7 @@ class db $this->dbUser = $user ? $user : $conf['db_user']; $this->dbPass = $pass ? $pass : $conf['db_password']; $this->dbCharset = $conf['db_charset']; - $this->dbClientFlags = $flags ? $flags : $conf['db_client_flags']; + $this->dbClientFlags = ($flags !== NULL) ? $flags : $conf['db_client_flags']; $this->_iConnId = mysqli_init(); mysqli_real_connect($this->_iConnId, $this->dbHost, $this->dbUser, $this->dbPass, '', (int)$this->dbPort, NULL, $this->dbClientFlags); @@ -117,6 +116,18 @@ class db $this->_iConnId = null; } + /* + * Test mysql connection. + * + * @return boolean returns true if db connection is good. + */ + public function testConnection() { + if(mysqli_connect_errno()) { + return false; + } + return (boolean)(is_object($this->_iConnId) && mysqli_ping($this->_iConnId)); + } + /* This allows our private variables to be "read" out side of the class */ public function __get($var) { return isset($this->$var) ? $this->$var : NULL; @@ -435,13 +446,14 @@ class db * @return int id of last inserted row or 0 if none */ public function insert_id() { - $iRes = mysqli_query($this->_iConnId, 'SELECT LAST_INSERT_ID() as `newid`'); - if(!is_object($iRes)) return false; - - $aReturn = mysqli_fetch_assoc($iRes); - mysqli_free_result($iRes); - - return $aReturn['newid']; + $oResult = $this->query('SELECT LAST_INSERT_ID() as `newid`'); + if(!$oResult) { + $this->_sqlerror('Unable to select last_insert_id()'); + return false; + } + $aReturn = $oResult->get(); + $oResult->free(); + return isset($aReturn['newid']) ? $aReturn['newid'] : 0; } diff --git a/server/lib/classes/db_mysql.inc.php b/server/lib/classes/db_mysql.inc.php index 6384882ecc..b0ae61ef36 100644 --- a/server/lib/classes/db_mysql.inc.php +++ b/server/lib/classes/db_mysql.inc.php @@ -52,8 +52,7 @@ class db private $dbClientFlags = 0; // MySQL Client falgs /**#@-*/ - public $show_error_messages = false; // false in server, true in interface - + public $show_error_messages = false; // false in server, interface sets true when generating templates /* old things - unused now //// private $linkId = 0; // last result of mysqli_connect() @@ -80,7 +79,7 @@ class db $this->dbUser = $user ? $user : $conf['db_user']; $this->dbPass = $pass ? $pass : $conf['db_password']; $this->dbCharset = $conf['db_charset']; - $this->dbClientFlags = $flags ? $flags : $conf['db_client_flags']; + $this->dbClientFlags = ($flags !== NULL) ? $flags : $conf['db_client_flags']; $this->_iConnId = mysqli_init(); mysqli_real_connect($this->_iConnId, $this->dbHost, $this->dbUser, $this->dbPass, '', (int)$this->dbPort, NULL, $this->dbClientFlags); @@ -117,6 +116,18 @@ class db $this->_iConnId = null; } + /* + * Test mysql connection. + * + * @return boolean returns true if db connection is good. + */ + public function testConnection() { + if(mysqli_connect_errno()) { + return false; + } + return (boolean)(is_object($this->_iConnId) && mysqli_ping($this->_iConnId)); + } + /* This allows our private variables to be "read" out side of the class */ public function __get($var) { return isset($this->$var) ? $this->$var : NULL; @@ -435,13 +446,14 @@ class db * @return int id of last inserted row or 0 if none */ public function insert_id() { - $iRes = mysqli_query($this->_iConnId, 'SELECT LAST_INSERT_ID() as `newid`'); - if(!is_object($iRes)) return false; - - $aReturn = mysqli_fetch_assoc($iRes); - mysqli_free_result($iRes); - - return $aReturn['newid']; + $oResult = $this->query('SELECT LAST_INSERT_ID() as `newid`'); + if(!$oResult) { + $this->_sqlerror('Unable to select last_insert_id()'); + return false; + } + $aReturn = $oResult->get(); + $oResult->free(); + return isset($aReturn['newid']) ? $aReturn['newid'] : 0; } diff --git a/server/server.php b/server/server.php index 689cb17490..106d3edc65 100644 --- a/server/server.php +++ b/server/server.php @@ -61,7 +61,7 @@ $conf['server_id'] = intval($conf['server_id']); /* * Try to Load the server configuration from the master-db */ -if ($app->dbmaster->connect_error == NULL) { +if ($app->dbmaster->testConnection()) { $server_db_record = $app->dbmaster->queryOneRecord("SELECT * FROM server WHERE server_id = ?", $conf['server_id']); if(!is_array($server_db_record)) die('Unable to load the server configuration from database.'); @@ -152,7 +152,7 @@ $needStartCore = true; /* * Next we try to process the datalog */ -if ($app->db->connect_error == NULL && $app->dbmaster->connect_error == NULL) { +if ($app->db->testConnection() && $app->dbmaster->testConnection()) { // Check if there is anything to update if ($conf['mirror_server_id'] > 0) { @@ -187,7 +187,7 @@ if ($app->db->connect_error == NULL && $app->dbmaster->connect_error == NULL) { $needStartCore = false; } else { - if ($app->db->connect->connect_error == NULL) { + if (!$app->db->connect->testConnection()) { $app->log('Unable to connect to local server.' . $app->db->errorMessage, LOGLEVEL_WARN); } else { $app->log('Unable to connect to master server.' . $app->dbmaster->errorMessage, LOGLEVEL_WARN); -- GitLab