Skip to content
Snippets Groups Projects
Commit 9d983375 authored by Marius Cramer's avatar Marius Cramer
Browse files

- fixed some typos in sql queries

parent 07573272
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 15 additions and 15 deletions
interface/lib/classes/auth.inc.php
+ 1
1
View file @ 9d983375
...@@ -114,7 +114,7 @@ class auth { ...@@ -114,7 +114,7 @@ class auth {
$groupid = $app->functions->intval($groupid); $groupid = $app->functions->intval($groupid);
if($userid > 0 && $groupid > 0) { if($userid > 0 && $groupid > 0) {
$user = $app->db->queryOneRecord("SELECT * FROM sys_user WHERE userid = ", $userid); $user = $app->db->queryOneRecord("SELECT * FROM sys_user WHERE userid = ?", $userid);
$groups = explode(',', $user['groups']); $groups = explode(',', $user['groups']);
$key = array_search($groupid, $groups); $key = array_search($groupid, $groups);
unset($groups[$key]); unset($groups[$key]);
......
interface/lib/classes/custom_datasource.inc.php
+ 2
2
View file @ 9d983375
...@@ -47,7 +47,7 @@ class custom_datasource { ...@@ -47,7 +47,7 @@ class custom_datasource {
if($_SESSION["s"]["user"]["typ"] == 'user') { if($_SESSION["s"]["user"]["typ"] == 'user') {
// Get the limits of the client // Get the limits of the client
$client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]); $client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
$client = $app->db->queryOneRecord("SELECT default_dnsserver FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ", $client_group_id); $client = $app->db->queryOneRecord("SELECT default_dnsserver FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $client_group_id);
$sql = "SELECT server_id,server_name FROM server WHERE server_id = ?"; $sql = "SELECT server_id,server_name FROM server WHERE server_id = ?";
} else { } else {
$sql = "SELECT server_id,server_name FROM server WHERE dns_server = 1 ORDER BY server_name"; $sql = "SELECT server_id,server_name FROM server WHERE dns_server = 1 ORDER BY server_name";
...@@ -69,7 +69,7 @@ class custom_datasource { ...@@ -69,7 +69,7 @@ class custom_datasource {
if($_SESSION["s"]["user"]["typ"] == 'user') { if($_SESSION["s"]["user"]["typ"] == 'user') {
// Get the limits of the client // Get the limits of the client
$client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]); $client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
$client = $app->db->queryOneRecord("SELECT default_slave_dnsserver FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ", $client_group_id); $client = $app->db->queryOneRecord("SELECT default_slave_dnsserver FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $client_group_id);
$sql = "SELECT server_id,server_name FROM server WHERE server_id = ?"; $sql = "SELECT server_id,server_name FROM server WHERE server_id = ?";
} else { } else {
$sql = "SELECT server_id,server_name FROM server WHERE dns_server = 1 ORDER BY server_name"; $sql = "SELECT server_id,server_name FROM server WHERE dns_server = 1 ORDER BY server_name";
......
interface/lib/classes/remote.d/client.inc.php
+ 3
3
View file @ 9d983375
...@@ -400,10 +400,10 @@ class remoting_client extends remoting { ...@@ -400,10 +400,10 @@ class remoting_client extends remoting {
$app->auth->remove_group_from_user($parent_user['userid'], $client_group['groupid']); $app->auth->remove_group_from_user($parent_user['userid'], $client_group['groupid']);
//* delete the group of the client //* delete the group of the client
$app->db->query("DELETE FROM sys_group WHERE client_id = ", $client_id); $app->db->query("DELETE FROM sys_group WHERE client_id = ?", $client_id);
//* delete the sys user(s) of the client //* delete the sys user(s) of the client
$app->db->query("DELETE FROM sys_user WHERE client_id = ", $client_id); $app->db->query("DELETE FROM sys_user WHERE client_id = ?", $client_id);
//* Delete all records (sub-clients, mail, web, etc....) of this client. //* Delete all records (sub-clients, mail, web, etc....) of this client.
$tables = 'client,dns_rr,dns_soa,dns_slave,ftp_user,mail_access,mail_content_filter,mail_domain,mail_forwarding,mail_get,mail_user,mail_user_filter,shell_user,spamfilter_users,support_message,web_database,web_database_user,web_domain,web_traffic'; $tables = 'client,dns_rr,dns_soa,dns_slave,ftp_user,mail_access,mail_content_filter,mail_domain,mail_forwarding,mail_get,mail_user,mail_user_filter,shell_user,spamfilter_users,support_message,web_database,web_database_user,web_domain,web_traffic';
...@@ -413,7 +413,7 @@ class remoting_client extends remoting { ...@@ -413,7 +413,7 @@ class remoting_client extends remoting {
if($client_group_id > 1) { if($client_group_id > 1) {
foreach($tables_array as $table) { foreach($tables_array as $table) {
if($table != '') { if($table != '') {
$records = $app->db->queryAllRecords("SELECT * FROM $table WHERE sys_groupid = ", $client_group_id); $records = $app->db->queryAllRecords("SELECT * FROM $table WHERE sys_groupid = ?", $client_group_id);
//* find the primary ID of the table //* find the primary ID of the table
$table_info = $app->db->tableInfo($table); $table_info = $app->db->tableInfo($table);
$index_field = ''; $index_field = '';
......
interface/web/client/client_del.php
+ 1
1
View file @ 9d983375
...@@ -74,7 +74,7 @@ class page_action extends tform_actions { ...@@ -74,7 +74,7 @@ class page_action extends tform_actions {
$this->dataRecord = $app->tform->getDataRecord($this->id); $this->dataRecord = $app->tform->getDataRecord($this->id);
$client_id = $app->functions->intval($this->dataRecord['client_id']); $client_id = $app->functions->intval($this->dataRecord['client_id']);
$client_group = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = ", $client_id); $client_group = $app->db->queryOneRecord("SELECT groupid FROM sys_group WHERE client_id = ?", $client_id);
// Get all records (sub-clients, mail, web, etc....) of this client. // Get all records (sub-clients, mail, web, etc....) of this client.
$tables = 'cron,client,dns_rr,dns_soa,dns_slave,ftp_user,mail_access,mail_content_filter,mail_domain,mail_forwarding,mail_get,mail_user,mail_user_filter,shell_user,spamfilter_users,support_message,web_database,web_database_user,web_domain'; $tables = 'cron,client,dns_rr,dns_soa,dns_slave,ftp_user,mail_access,mail_content_filter,mail_domain,mail_forwarding,mail_get,mail_user,mail_user_filter,shell_user,spamfilter_users,support_message,web_database,web_database_user,web_domain';
......
interface/web/client/domain_edit.php
+ 1
1
View file @ 9d983375
...@@ -97,7 +97,7 @@ class page_action extends tform_actions { ...@@ -97,7 +97,7 @@ class page_action extends tform_actions {
} else { } else {
// Get the limits of the client // Get the limits of the client
$client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]); $client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
$client = $app->db->queryOneRecord("SELECT client.client_id, client.contact_name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname, sys_group.name FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ", $client_group_id); $client = $app->db->queryOneRecord("SELECT client.client_id, client.contact_name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname, sys_group.name FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $client_group_id);
// Fill the client select field // Fill the client select field
$sql = "SELECT sys_group.groupid, sys_group.name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND client.parent_client_id = ? ORDER BY client.company_name, client.contact_name, sys_group.name"; $sql = "SELECT sys_group.groupid, sys_group.name, CONCAT(IF(client.company_name != '', CONCAT(client.company_name, ' :: '), ''), client.contact_name, ' (', client.username, IF(client.customer_no != '', CONCAT(', ', client.customer_no), ''), ')') as contactname FROM sys_group, client WHERE sys_group.client_id = client.client_id AND client.parent_client_id = ? ORDER BY client.company_name, client.contact_name, sys_group.name";
......
interface/web/login/index.php
+ 2
2
View file @ 9d983375
...@@ -109,7 +109,7 @@ class login_index { ...@@ -109,7 +109,7 @@ class login_index {
$sql = "SELECT * FROM sys_user WHERE USERNAME = ? and PASSWORT = ?"; $sql = "SELECT * FROM sys_user WHERE USERNAME = ? and PASSWORT = ?";
$tmp = $app->db->queryOneRecord($sql, $username, $passwort); $tmp = $app->db->queryOneRecord($sql, $username, $passwort);
$client_group_id = $app->functions->intval($tmp['default_group']); $client_group_id = $app->functions->intval($tmp['default_group']);
$tmp_client = $app->db->queryOneRecord("SELECT client.client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ", $client_group_id); $tmp_client = $app->db->queryOneRecord("SELECT client.client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $client_group_id);
if(!$tmp_client || $old_client["parent_client_id"] != $tmp_client["client_id"] || $tmp["default_group"] != $_SESSION["s_old"]["user"]["default_group"] ) { if(!$tmp_client || $old_client["parent_client_id"] != $tmp_client["client_id"] || $tmp["default_group"] != $_SESSION["s_old"]["user"]["default_group"] ) {
die("You don't have the right to 'login as' this user!"); die("You don't have the right to 'login as' this user!");
...@@ -125,7 +125,7 @@ class login_index { ...@@ -125,7 +125,7 @@ class login_index {
} elseif($_SESSION['s']['user']['typ'] != 'admin' && (!isset($_SESSION['s_old']['user']) || $_SESSION['s_old']['user']['typ'] != 'admin')) { } elseif($_SESSION['s']['user']['typ'] != 'admin' && (!isset($_SESSION['s_old']['user']) || $_SESSION['s_old']['user']['typ'] != 'admin')) {
/* a reseller wants to 'login as', we need to check if he is allowed to */ /* a reseller wants to 'login as', we need to check if he is allowed to */
$res_client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]); $res_client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
$res_client = $app->db->queryOneRecord("SELECT client.client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ", $res_client_group_id); $res_client = $app->db->queryOneRecord("SELECT client.client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $res_client_group_id);
/* this is the user the reseller wants to 'login as' */ /* this is the user the reseller wants to 'login as' */
$sql = "SELECT * FROM sys_user WHERE USERNAME = ? and PASSWORT = ?"; $sql = "SELECT * FROM sys_user WHERE USERNAME = ? and PASSWORT = ?";
......
interface/web/mail/xmpp_user_edit.php
+ 2
2
View file @ 9d983375
...@@ -112,12 +112,12 @@ class page_action extends tform_actions { ...@@ -112,12 +112,12 @@ class page_action extends tform_actions {
if($_SESSION["s"]["user"]["typ"] != 'admin') { // if user is not admin if($_SESSION["s"]["user"]["typ"] != 'admin') { // if user is not admin
// Get the limits of the client // Get the limits of the client
$client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]); $client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
$client = $app->db->queryOneRecord("SELECT limit_xmpp_user, parent_client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ", $client_group_id); $client = $app->db->queryOneRecord("SELECT limit_xmpp_user, parent_client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $client_group_id);
// Check if the user may add another xmpp user. // Check if the user may add another xmpp user.
if($this->id == 0 && $client["limit_xmpp_user"] >= 0) { if($this->id == 0 && $client["limit_xmpp_user"] >= 0) {
$tmp = $app->db->queryOneRecord("SELECT count(xmppuser_id) as number FROM xmpp_user WHERE sys_groupid = ", $client_group_id); $tmp = $app->db->queryOneRecord("SELECT count(xmppuser_id) as number FROM xmpp_user WHERE sys_groupid = ?", $client_group_id);
if($tmp["number"] >= $client["limit_xmpp_user"]) { if($tmp["number"] >= $client["limit_xmpp_user"]) {
$app->tform->errorMessage .= $app->tform->lng("limit_xmpp_user_txt")."<br>"; $app->tform->errorMessage .= $app->tform->lng("limit_xmpp_user_txt")."<br>";
} }
......
interface/web/sites/cron_edit.php
+ 2
2
View file @ 9d983375
...@@ -87,7 +87,7 @@ class page_action extends tform_actions { ...@@ -87,7 +87,7 @@ class page_action extends tform_actions {
if($_SESSION["s"]["user"]["typ"] != 'admin') { if($_SESSION["s"]["user"]["typ"] != 'admin') {
// Get the limits of the client // Get the limits of the client
$client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]); $client_group_id = $app->functions->intval($_SESSION["s"]["user"]["default_group"]);
$client = $app->db->queryOneRecord("SELECT limit_cron, limit_cron_type FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ", $client_group_id); $client = $app->db->queryOneRecord("SELECT limit_cron, limit_cron_type FROM sys_group, client WHERE sys_group.client_id = client.client_id and sys_group.groupid = ?", $client_group_id);
// When the record is updated // When the record is updated
if($this->id > 0) { if($this->id > 0) {
...@@ -95,7 +95,7 @@ class page_action extends tform_actions { ...@@ -95,7 +95,7 @@ class page_action extends tform_actions {
} else { } else {
// Check if the user may add another cron job. // Check if the user may add another cron job.
if($client["limit_cron"] >= 0) { if($client["limit_cron"] >= 0) {
$tmp = $app->db->queryOneRecord("SELECT count(id) as number FROM cron WHERE sys_groupid = ", $client_group_id); $tmp = $app->db->queryOneRecord("SELECT count(id) as number FROM cron WHERE sys_groupid = ?", $client_group_id);
if($tmp["number"] >= $client["limit_cron"]) { if($tmp["number"] >= $client["limit_cron"]) {
$app->error($app->tform->wordbook["limit_cron_txt"]); $app->error($app->tform->wordbook["limit_cron_txt"]);
} }
......
interface/web/sites/database_edit.php
+ 1
1
View file @ 9d983375
...@@ -174,7 +174,7 @@ class page_action extends tform_actions { ...@@ -174,7 +174,7 @@ class page_action extends tform_actions {
if($_SESSION["s"]["user"]["typ"] != 'admin') { if($_SESSION["s"]["user"]["typ"] != 'admin') {
// Get the limits of the client // Get the limits of the client
$client_group_id = $_SESSION["s"]["user"]["default_group"]; $client_group_id = $_SESSION["s"]["user"]["default_group"];
$client = $app->db->queryOneRecord("SELECT db_servers, limit_database, limit_database_quota, parent_client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id AND sys_group.groupid = ", $client_group_id); $client = $app->db->queryOneRecord("SELECT db_servers, limit_database, limit_database_quota, parent_client_id FROM sys_group, client WHERE sys_group.client_id = client.client_id AND sys_group.groupid = ?", $client_group_id);
// When the record is updated // When the record is updated
if($this->id > 0) { if($this->id > 0) {
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment