From 1d8f7f155aadf209eaa4e0ca0805b428b9887b6a Mon Sep 17 00:00:00 2001 From: nveid Date: Fri, 16 Dec 2011 07:56:46 +0000 Subject: [PATCH] Fixes to allow the serverside to work correctly with mysqli, updating the datalog, and make changes to mysql users in the mysql plugin module. Refs: 1722 --- server/lib/app.inc.php | 4 +- server/lib/classes/db_mysql.inc.php | 30 +++++---- .../mysql_clientdb_plugin.inc.php | 65 ++++++++++--------- server/server.php | 6 +- 4 files changed, 57 insertions(+), 48 deletions(-) diff --git a/server/lib/app.inc.php b/server/lib/app.inc.php index 270ed4b93..e6ee0741c 100755 --- a/server/lib/app.inc.php +++ b/server/lib/app.inc.php @@ -33,7 +33,7 @@ class app { var $loaded_modules = array(); var $loaded_plugins = array(); - function app() { + function __construct() { global $conf; @@ -47,7 +47,7 @@ class app { */ if($conf['dbmaster_host'] != '' && $conf['dbmaster_host'] != $conf['db_host']) { - $this->dbmaster = new db; + $this->dbmaster = new db($conf['dbmaster_host'], $conf['dbmaster_user'], $conf['dbmaster_password'], $conf['dbmaster_database']); } else { $this->dbmaster = $this->db; } diff --git a/server/lib/classes/db_mysql.inc.php b/server/lib/classes/db_mysql.inc.php index 27a62bd27..b9c3108f7 100644 --- a/server/lib/classes/db_mysql.inc.php +++ b/server/lib/classes/db_mysql.inc.php @@ -30,7 +30,7 @@ class db extends mysqli { - private $dbHost = ''; // hostname of the MySQL server + protected $dbHost = ''; // hostname of the MySQL server private $dbName = ''; // logical database name on that server private $dbUser = ''; // database authorized user private $dbPass = ''; // user's password @@ -48,29 +48,34 @@ class db extends mysqli public $show_error_messages = false; // false in server, true in interface // constructor - public function __construct() { - global $conf; - $this->dbHost = $conf['db_host']; - $this->dbName = $conf['db_database']; - $this->dbUser = $conf['db_user']; - $this->dbPass = $conf['db_password']; + public function __construct($host = NULL , $user = NULL, $pass = NULL, $database = NULL) { + global $app, $conf; + + $this->dbHost = $host ? $host : $conf['db_host']; + $this->dbName = $database ? $database : $conf['db_database']; + $this->dbUser = $user ? $user : $conf['db_user']; + $this->dbPass = $pass ? $pass : $conf['db_password']; $this->dbCharset = $conf['db_charset']; $this->dbNewLink = $conf['db_new_link']; $this->dbClientFlags = $conf['db_client_flags']; - parent::__construct($conf['db_host'], $conf['db_user'],$conf['db_password'],$conf['db_database']); + + parent::__construct($this->dbHost, $this->dbUser, $this->dbPass,$this->dbName); if ($this->connect_error) { $this->updateError('DB::__construct'); - return false; } parent::query( 'SET NAMES '.$this->dbCharset); parent::query( "SET character_set_results = '".$this->dbCharset."', character_set_client = '".$this->dbCharset."', character_set_connection = '".$this->dbCharset."', character_set_database = '".$this->dbCharset."', character_set_server = '".$this->dbCharset."'"); - } public function __destruct() { $this->close(); // helps avoid memory leaks, and persitent connections that don't go away. } + /* This allows our private variables to be "read" out side of the class */ + public function __get($var) { + return isset($this->$var) ? $this->$var : NULL; + } + // error handler public function updateError($location) { global $app; @@ -89,8 +94,11 @@ class db extends mysqli // This right here will allow us to use the samefile for server & interface if($this->show_error_messages) { echo $error_msg; - } else if(method_exists($app, 'log')) { + } else if(is_object($app) && method_exists($app, 'log')) { $app->log($error_msg, LOGLEVEL_WARN); + } else { + /* This could be called before $app is ever declared.. In that case we should just spit out to error_log() */ + error_log($error_msg); } } } diff --git a/server/plugins-available/mysql_clientdb_plugin.inc.php b/server/plugins-available/mysql_clientdb_plugin.inc.php index 65c87d7fb..16ff81b16 100644 --- a/server/plugins-available/mysql_clientdb_plugin.inc.php +++ b/server/plugins-available/mysql_clientdb_plugin.inc.php @@ -100,15 +100,15 @@ class mysql_clientdb_plugin { if($valid == false) continue; if($action == 'GRANT') { - if(!mysql_query("GRANT ALL ON ".mysql_real_escape_string($database_name,$link).".* TO '".mysql_real_escape_string($database_user,$link)."'@'$db_host' IDENTIFIED BY '".mysql_real_escape_string($database_password,$link)."';",$link)) $success = false; + if(!$link->query("GRANT ALL ON ".$link->escape_string($database_name).".* TO '".$link->escape_string($database_user)."'@'$db_host' IDENTIFIED BY '".$link->escape_string($database_password)."';")) $success = false; } elseif($action == 'REVOKE') { //mysql_query("REVOKE ALL PRIVILEGES ON ".mysql_real_escape_string($database_name,$link).".* FROM '".mysql_real_escape_string($database_user,$link)."';",$link); } elseif($action == 'DROP') { - if(!mysql_query("DROP USER '".mysql_real_escape_string($database_user,$link)."'@'$db_host';",$link)) $success = false; + if(!$link->query("DROP USER '".$link->escape_string($database_user)."'@'$db_host';")) $success = false; } elseif($action == 'RENAME') { - if(!mysql_query("RENAME USER '".mysql_real_escape_string($database_user,$link)."'@'$db_host' TO '".mysql_real_escape_string($database_rename_user,$link)."'@'$db_host'",$link)) $success = false; + if(!$link->query("RENAME USER '".$link->escape_string($database_user)."'@'$db_host' TO '".$link->escape_string($database_rename_user)."'@'$db_host'")) $success = false; } elseif($action == 'PASSWORD') { - if(!mysql_query("SET PASSWORD FOR '".mysql_real_escape_string($database_user,$link)."'@'$db_host' = PASSWORD('".mysql_real_escape_string($database_password,$link)."');",$link)) $success = false; + if(!$link->query("SET PASSWORD FOR '".$link->escape_string($database_user)."'@'$db_host' = PASSWORD('".$link->escape_string($database_password)."');")) $success = false; } } @@ -130,9 +130,9 @@ class mysql_clientdb_plugin { } //* Connect to the database - $link = mysql_connect($clientdb_host, $clientdb_user, $clientdb_password); - if (!$link) { - $app->log('Unable to connect to the database'.mysql_error($link),LOGLEVEL_ERROR); + $link = new mysqli($clientdb_host, $clientdb_user, $clientdb_password); + if (!$link->connect_error) { + $app->log('Unable to connect to mysql'.$link->connect_error,LOGLEVEL_ERROR); return; } @@ -144,10 +144,10 @@ class mysql_clientdb_plugin { } //* Create the new database - if (mysql_query('CREATE DATABASE '.mysql_real_escape_string($data['new']['database_name']).$query_charset_table,$link)) { + if ($link->query('CREATE DATABASE '.$link->escape_string($data['new']['database_name']).$query_charset_table)) { $app->log('Created MySQL database: '.$data['new']['database_name'],LOGLEVEL_DEBUG); } else { - $app->log('Unable to create the database: '.mysql_error($link),LOGLEVEL_WARNING); + $app->log('Unable to create the database: '.$link->error,LOGLEVEL_WARNING); } // Create the database user if database is active @@ -158,13 +158,13 @@ class mysql_clientdb_plugin { } $db_host = 'localhost'; - mysql_query("GRANT ALL ON `".str_replace(array('_','%'),array('\\_','\\%'),mysql_real_escape_string($data['new']['database_name'],$link))."`.* TO '".mysql_real_escape_string($data['new']['database_user'],$link)."'@'$db_host' IDENTIFIED BY '".mysql_real_escape_string($data['new']['database_password'],$link)."';",$link); + $link->query("GRANT ALL ON `".str_replace(array('_','%'),array('\\_','\\%'),$link->escape_string($data['new']['database_name']))."`.* TO '".$link->escape_string($data['new']['database_user'])."'@'$db_host' IDENTIFIED BY '".$link->escape_string($data['new']['database_password'])."';"); } - mysql_query('FLUSH PRIVILEGES;',$link); - mysql_close($link); + $link->query('FLUSH PRIVILEGES;'); + $link->close(); } } @@ -183,9 +183,9 @@ class mysql_clientdb_plugin { } //* Connect to the database - $link = mysql_connect($clientdb_host, $clientdb_user, $clientdb_password); + $link = new mysqli($clientdb_host, $clientdb_user, $clientdb_password); if (!$link) { - $app->log('Unable to connect to the database: '.mysql_error($link),LOGLEVEL_ERROR); + $app->log('Unable to connect to the database: '.$link->connect_error,LOGLEVEL_ERROR); return; } @@ -193,11 +193,11 @@ class mysql_clientdb_plugin { if($data['new']['active'] == 'y' && $data['old']['active'] == 'n') { if($data['new']['remote_access'] == 'y') { - $this->process_host_list('GRANT', $data['new']['database_name'], $data['new']['database_user'], $data['new']['database_password'], $data['new']['remote_ips'], $link); + $this->process_host_list('GRANT', $data['new']['database_name'], $data['new']['database_user'], $data['new']['database_password'], $data['new']['remote_ips'], $link); } $db_host = 'localhost'; - mysql_query("GRANT ALL ON `".str_replace(array('_','%'),array('\\_','\\%'),mysql_real_escape_string($data['new']['database_name'],$link))."`.* TO '".mysql_real_escape_string($data['new']['database_user'],$link)."'@'$db_host' IDENTIFIED BY '".mysql_real_escape_string($data['new']['database_password'],$link)."';",$link); + $link->query("GRANT ALL ON `".str_replace(array('_','%'),array('\\_','\\%'),$link->escape_string($data['new']['database_name']))."`.* TO '".$link->escape_string($data['new']['database_user'])."'@'$db_host' IDENTIFIED BY '".$link->escape_string($data['new']['database_password'])."';"); // mysql_query("GRANT ALL ON ".mysql_real_escape_string($data["new"]["database_name"],$link).".* TO '".mysql_real_escape_string($data["new"]["database_user"],$link)."'@'$db_host' IDENTIFIED BY '".mysql_real_escape_string($data["new"]["database_password"],$link)."';",$link); //echo "GRANT ALL ON ".mysql_real_escape_string($data["new"]["database_name"]).".* TO '".mysql_real_escape_string($data["new"]["database_user"])."'@'$db_host' IDENTIFIED BY '".mysql_real_escape_string($data["new"]["database_password"])."';"; @@ -211,16 +211,14 @@ class mysql_clientdb_plugin { } $db_host = 'localhost'; - mysql_query("DROP USER '".mysql_real_escape_string($data['old']['database_user'],$link)."'@'$db_host';",$link); - - + $link->query("DROP USER '".$link->escape_string($data['old']['database_user'])."'@'$db_host';"); //mysql_query("REVOKE ALL PRIVILEGES ON ".mysql_real_escape_string($data["new"]["database_name"],$link).".* FROM '".mysql_real_escape_string($data["new"]["database_user"],$link)."';",$link); } //* Rename User if($data['new']['database_user'] != $data['old']['database_user']) { $db_host = 'localhost'; - mysql_query("RENAME USER '".mysql_real_escape_string($data['old']['database_user'],$link)."'@'$db_host' TO '".mysql_real_escape_string($data['new']['database_user'],$link)."'@'$db_host'",$link); + $link->query("RENAME USER '".$link->escape_string($data['old']['database_user'])."'@'$db_host' TO '".$link->escape_string($data['new']['database_user'])."'@'$db_host'"); if($data['old']['remote_access'] == 'y') { $this->process_host_list('RENAME', '', $data['old']['database_user'], '', $data['new']['remote_ips'], $link, $data['new']['database_user']); } @@ -249,16 +247,19 @@ class mysql_clientdb_plugin { //* Change password if($data['new']['database_password'] != $data['old']['database_password']) { $db_host = 'localhost'; - mysql_query("SET PASSWORD FOR '".mysql_real_escape_string($data['new']['database_user'],$link)."'@'$db_host' = PASSWORD('".mysql_real_escape_string($data['new']['database_password'],$link)."');",$link); + $link->query("SET PASSWORD FOR '".$link->escape_string($data['new']['database_user'])."'@'$db_host' = PASSWORD('".$link->escape_string($data['new']['database_password'])."');"); + if($link->error) { + error_log($link->error); + } if($data['new']['remote_access'] == 'y') { - $this->process_host_list('PASSWORD', '', $data['new']['database_user'], $data['new']['database_password'], $data['new']['remote_ips'], $link); + $this->process_host_list('PASSWORD', '', $data['new']['database_user'], $data['new']['database_password'], $data['new']['remote_ips']); } $app->log('Changing MySQL user password for: '.$data['new']['database_user'],LOGLEVEL_DEBUG); } - mysql_query('FLUSH PRIVILEGES;',$link); - mysql_close($link); + $link->query('FLUSH PRIVILEGES;'); + $link->close(); } } @@ -273,9 +274,9 @@ class mysql_clientdb_plugin { } //* Connect to the database - $link = mysql_connect($clientdb_host, $clientdb_user, $clientdb_password); - if (!$link) { - $app->log('Unable to connect to the database: '.mysql_error($link),LOGLEVEL_ERROR); + $link = new mysqli($clientdb_host, $clientdb_user, $clientdb_password); + if ($link->connect_error) { + $app->log('Unable to connect to mysql: '.$link->connect_error,LOGLEVEL_ERROR); return; } @@ -284,24 +285,24 @@ class mysql_clientdb_plugin { if($this->process_host_list('DROP', '', $data['old']['database_user'], '', $data['old']['remote_ips'], $link)) { $app->log('Dropping MySQL user: '.$data['old']['database_user'],LOGLEVEL_DEBUG); } else { - $app->log('Error while dropping MySQL user: '.$data['old']['database_user'].' '.mysql_error($link),LOGLEVEL_WARNING); + $app->log('Error while dropping MySQL user: '.$data['old']['database_user'].' '.$link->error,LOGLEVEL_WARNING); } } $db_host = 'localhost'; - if(mysql_query("DROP USER '".mysql_real_escape_string($data['old']['database_user'],$link)."'@'$db_host';",$link)) { + if($link->query("DROP USER '".$link->escape_string($data['old']['database_user'])."'@'$db_host';")) { $app->log('Dropping MySQL user: '.$data['old']['database_user'],LOGLEVEL_DEBUG); } else { $app->log('Error while dropping MySQL user: '.$data['old']['database_user'].' '.mysql_error($link),LOGLEVEL_WARNING); } - if(mysql_query('DROP DATABASE '.mysql_real_escape_string($data['old']['database_name'],$link),$link)) { + if($link->query('DROP DATABASE '.$link->escape_string($data['old']['database_name']))) { $app->log('Dropping MySQL database: '.$data['old']['database_name'],LOGLEVEL_DEBUG); } else { $app->log('Error while dropping MySQL database: '.$data['old']['database_name'].' '.mysql_error($link),LOGLEVEL_WARNING); } - mysql_query('FLUSH PRIVILEGES;',$link); - mysql_close($link); + $link->query('FLUSH PRIVILEGES;'); + $link->close(); } diff --git a/server/server.php b/server/server.php index 5e27cb525..869a621f5 100644 --- a/server/server.php +++ b/server/server.php @@ -40,7 +40,7 @@ $conf['server_id'] = intval($conf['server_id']); /* * Try to Load the server configuration from the master-db */ -if ($app->dbmaster->connect()) { +if ($app->dbmaster->connect_error == NULL) { $server_db_record = $app->dbmaster->queryOneRecord("SELECT * FROM server WHERE server_id = " . $conf['server_id']); $conf['last_datalog_id'] = (int) $server_db_record['updated']; @@ -133,7 +133,7 @@ $needStartCore = true; /* * Next we try to process the datalog */ -if ($app->db->connect() && $app->dbmaster->connect()) { +if ($app->db->connect_error == NULL && $app->dbmaster->connect_error == NULL) { // Check if there is anything to update if ($conf['mirror_server_id'] > 0) { @@ -166,7 +166,7 @@ if ($app->db->connect() && $app->dbmaster->connect()) { $needStartCore = false; } } else { - if (!$app->db->connect()) { + if ($app->db->connect->connect_error == NULL) { $app->log('Unable to connect to local server.' . $app->db->errorMessage, LOGLEVEL_WARN); } else { $app->log('Unable to connect to master server.' . $app->dbmaster->errorMessage, LOGLEVEL_WARN); -- GitLab