From 3a11d23a2f32a1b9b2ec43429917c000017c5eff Mon Sep 17 00:00:00 2001 From: Marius Cramer Date: Wed, 15 Apr 2015 11:18:57 +0200 Subject: [PATCH] - changed code to use new method of passing values to datalogUpdate and datalogInsert --- interface/lib/classes/aps_crawler.inc.php | 18 +++-- .../lib/classes/aps_guicontroller.inc.php | 27 +++++-- interface/lib/classes/db_mysql.inc.php | 17 +++-- interface/lib/classes/remote.d/dns.inc.php | 72 +++++++++++++------ interface/lib/classes/remote.d/sites.inc.php | 4 +- interface/lib/classes/remoting_lib.inc.php | 11 +-- interface/lib/classes/tform_base.inc.php | 1 + .../plugins/mail_mail_domain_plugin.inc.php | 17 +++-- .../sites_web_vhost_domain_plugin.inc.php | 33 ++++----- .../lib/plugins/vm_openvz_plugin.inc.php | 23 ++++-- .../web/admin/software_package_install.php | 11 ++- interface/web/admin/software_package_list.php | 12 ++-- interface/web/admin/software_update_list.php | 10 ++- interface/web/admin/users_edit.php | 2 +- interface/web/client/client_edit.php | 4 +- interface/web/client/reseller_edit.php | 2 +- interface/web/dashboard/ajax_get_json.php | 2 +- interface/web/dns/dns_a_edit.php | 6 +- interface/web/dns/dns_aaaa_edit.php | 6 +- interface/web/dns/dns_alias_edit.php | 6 +- interface/web/dns/dns_cname_edit.php | 6 +- interface/web/dns/dns_dkim_edit.php | 6 +- interface/web/dns/dns_dmarc_edit.php | 6 +- interface/web/dns/dns_hinfo_edit.php | 6 +- interface/web/dns/dns_import.php | 58 +++++++++++---- interface/web/dns/dns_mx_edit.php | 6 +- interface/web/dns/dns_ns_edit.php | 6 +- interface/web/dns/dns_ptr_edit.php | 6 +- interface/web/dns/dns_rp_edit.php | 6 +- interface/web/dns/dns_rr_del.php | 2 +- interface/web/dns/dns_spf_edit.php | 6 +- interface/web/dns/dns_srv_edit.php | 6 +- interface/web/dns/dns_txt_edit.php | 6 +- interface/web/dns/dns_wizard.php | 72 +++++++++++++------ interface/web/mail/mail_aliasdomain_edit.php | 4 +- interface/web/mail/mail_domain_edit.php | 53 +++++++++----- interface/web/mail/mail_user_edit.php | 42 ++++++++--- interface/web/mail/xmpp_domain_edit.php | 2 +- .../mailuser/mail_user_spamfilter_edit.php | 17 ++++- interface/web/sites/database_user_del.php | 4 +- interface/web/tools/dns_import_tupa.php | 62 +++++++++++----- interface/web/tools/import_vpopmail.php | 64 +++++++++++++++-- interface/web/tools/resync.php | 4 +- .../classes/cron.d/300-quota_notify.inc.php | 18 ++--- server/lib/classes/cron.d/400-openvz.inc.php | 2 +- server/lib/classes/cron.d/600-cleanup.inc.php | 2 +- server/lib/classes/db_mysql.inc.php | 16 +++-- 47 files changed, 527 insertions(+), 245 deletions(-) diff --git a/interface/lib/classes/aps_crawler.inc.php b/interface/lib/classes/aps_crawler.inc.php index 5349be0b1..9331e4298 100644 --- a/interface/lib/classes/aps_crawler.inc.php +++ b/interface/lib/classes/aps_crawler.inc.php @@ -357,7 +357,7 @@ class ApsCrawler extends ApsBase if(file_exists($old_folder)) $this->removeDirectory($old_folder); $tmp = $app->db->queryOneRecord("SELECT id FROM aps_packages WHERE name = ? AND CONCAT(version, '-', CAST(`release` AS CHAR)) = ?", $app_name, $ex_ver); - $app->db->datalogUpdate('aps_packages', "package_status = ".PACKAGE_OUTDATED, 'id', $tmp['id']); + $app->db->datalogUpdate('aps_packages', array("package_status" => PACKAGE_OUTDATED), 'id', $tmp['id']); unset($tmp); } @@ -537,7 +537,7 @@ class ApsCrawler extends ApsBase $diff = array_diff($existing_packages, $pkg_list); foreach($diff as $todelete) { $tmp = $app->db->queryOneRecord("SELECT id FROM aps_packages WHERE path = ?", $todelete); - $app->db->datalogUpdate('aps_packages', "package_status = ".PACKAGE_ERROR_NOMETA, 'id', $tmp['id']); + $app->db->datalogUpdate('aps_packages', array("package_status" => PACKAGE_ERROR_NOMETA), 'id', $tmp['id']); unset($tmp); } @@ -569,11 +569,15 @@ class ApsCrawler extends ApsBase // Insert only if data is complete if($pkg != '' && $pkg_name != '' && $pkg_category != '' && $pkg_version != '' && $pkg_release != '' && $pkg_url){ - $insert_data = "(`path`, `name`, `category`, `version`, `release`, `package_url`, `package_status`) VALUES - ('".$app->db->quote($pkg)."', '".$app->db->quote($pkg_name)."', - '".$app->db->quote($pkg_category)."', '".$app->db->quote($pkg_version)."', - ".$app->db->quote($pkg_release).", '".$app->db->quote($pkg_url)."', ".PACKAGE_ENABLED.");"; - + $insert_data = array( + "path" => $pkg, + "name" => $pkg_name, + "category" => $pkg_category, + "version" => $pkg_version, + "release" => $pkg_release, + "package_url" => $pkg_url, + "package_status" => PACKAGE_ENABLED + ); $app->db->datalogInsert('aps_packages', $insert_data, 'id'); } else { if(file_exists($this->interface_pkg_dir.'/'.$pkg)) $this->removeDirectory($this->interface_pkg_dir.'/'.$pkg); diff --git a/interface/lib/classes/aps_guicontroller.inc.php b/interface/lib/classes/aps_guicontroller.inc.php index 84da2e0a3..db1c1487f 100644 --- a/interface/lib/classes/aps_guicontroller.inc.php +++ b/interface/lib/classes/aps_guicontroller.inc.php @@ -356,12 +356,12 @@ class ApsGUIController extends ApsBase //* Set PHP mode to php-fcgi and enable suexec in website on apache servers / set PHP mode to PHP-FPM on nginx servers if($web_config['server_type'] == 'apache') { if(($websrv['php'] != 'fast-cgi' || $websrv['suexec'] != 'y') && $websrv['php'] != 'php-fpm') { - $app->db->datalogUpdate('web_domain', "php = 'fast-cgi', suexec = 'y'", 'domain_id', $websrv['domain_id']); + $app->db->datalogUpdate('web_domain', array("php" => 'fast-cgi', "suexec" => 'y'), 'domain_id', $websrv['domain_id']); } } else { // nginx if($websrv['php'] != 'php-fpm' && $websrv['php'] != 'fast-cgi') { - $app->db->datalogUpdate('web_domain', "php = 'php-fpm'", 'domain_id', $websrv['domain_id']); + $app->db->datalogUpdate('web_domain', array("php" => 'php-fpm'), 'domain_id', $websrv['domain_id']); } } @@ -378,19 +378,34 @@ class ApsGUIController extends ApsBase } //* Insert new package instance - $insert_data = "(`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `customer_id`, `package_id`, `instance_status`) VALUES (".$app->functions->intval($websrv['sys_userid']).", ".$app->functions->intval($websrv['sys_groupid']).", 'riud', '".$app->db->quote($websrv['sys_perm_group'])."', '', ".$app->db->quote($webserver_id).",".$app->db->quote($customerid).", ".$app->db->quote($packageid).", ".INSTANCE_PENDING.")"; + $insert_data = array( + "sys_userid" => $websrv['sys_userid'], + "sys_groupid" => $websrv['sys_groupid'], + "sys_perm_user" => 'riud', + "sys_perm_group" => $websrv['sys_perm_group'], + "sys_perm_other" => '', + "server_id" => $webserver_id, + "customer_id" => $customerid, + "package_id" => $packageid, + "instance_status" => INSTANCE_PENDING + ); $InstanceID = $app->db->datalogInsert('aps_instances', $insert_data, 'id'); //* Insert all package settings if(is_array($settings)) { foreach($settings as $key => $value) { - $insert_data = "(server_id, instance_id, name, value) VALUES (".$app->db->quote($webserver_id).",".$app->db->quote($InstanceID).", '".$app->db->quote($key)."', '".$app->db->quote($value)."')"; + $insert_data = array( + "server_id" => $webserver_id, + "instance_id" => $InstanceID, + "name" => $key, + "value" => $value + ); $app->db->datalogInsert('aps_instances_settings', $insert_data, 'id'); } } //* Set package status to install afetr we inserted the settings - $app->db->datalogUpdate('aps_instances', "instance_status = ".INSTANCE_INSTALL, 'id', $InstanceID); + $app->db->datalogUpdate('aps_instances', array("instance_status" => INSTANCE_INSTALL), 'id', $InstanceID); } /** @@ -413,7 +428,7 @@ class ApsGUIController extends ApsBase if($tmp['cnt'] < 1) $app->db->datalogDelete('web_database_user', 'database_user_id', $database_user); } - $app->db->datalogUpdate('aps_instances', "instance_status = ".INSTANCE_REMOVE, 'id', $instanceid); + $app->db->datalogUpdate('aps_instances', array("instance_status" => INSTANCE_REMOVE), 'id', $instanceid); } diff --git a/interface/lib/classes/db_mysql.inc.php b/interface/lib/classes/db_mysql.inc.php index d3ca38314..4d8068cca 100644 --- a/interface/lib/classes/db_mysql.inc.php +++ b/interface/lib/classes/db_mysql.inc.php @@ -137,13 +137,17 @@ class db extends mysqli } else { if(is_int($sValue) || is_float($sValue)) { $sTxt = $sValue; - } elseif(is_string($sValue) && (strcmp($sValue, '#NULL#') == 0)) { + } elseif(is_null($sValue) || (is_string($sValue) && (strcmp($sValue, '#NULL#') == 0))) { $sTxt = 'NULL'; } elseif(is_array($sValue)) { - $sTxt = ''; - foreach($sValue as $sVal) $sTxt .= ',\'' . $this->escape($sVal) . '\''; - $sTxt = '(' . substr($sTxt, 1) . ')'; - if($sTxt == '()') $sTxt = '(0)'; + if(isset($sValue['SQL'])) { + $sTxt = $sValue['SQL']; + } else { + $sTxt = ''; + foreach($sValue as $sVal) $sTxt .= ',\'' . $this->escape($sVal) . '\''; + $sTxt = '(' . substr($sTxt, 1) . ')'; + if($sTxt == '()') $sTxt = '(0)'; + } } else { $sTxt = '\'' . $this->escape($sValue) . '\''; } @@ -578,7 +582,6 @@ class db extends mysqli if(!preg_match('/^[a-zA-Z0-9\-\_\.]{1,64}$/',$db_table)) $app->error('Invalid table name '.$db_table); if(!preg_match('/^[a-zA-Z0-9\-\_]{1,64}$/',$primary_field)) $app->error('Invalid primary field '.$primary_field.' in table '.$db_table); - $primary_field = $this->quote($primary_field); $primary_id = intval($primary_id); if($force_update == true) { @@ -643,6 +646,7 @@ class db extends mysqli /* TODO: deprecate this method! */ $insert_data_str = $insert_data; $this->query("INSERT INTO ?? $insert_data_str", $tablename); + $app->log("deprecated use of passing values to datalogInsert() - table " . $tablename, 1); } $old_rec = array(); @@ -679,6 +683,7 @@ class db extends mysqli /* TODO: deprecate this method! */ $update_data_str = $update_data; $this->query("UPDATE ?? SET $update_data_str WHERE ?? = ?", $tablename, $index_field, $index_value); + $app->log("deprecated use of passing values to datalogUpdate() - table " . $tablename, 1); } $new_rec = $this->queryOneRecord("SELECT * FROM ?? WHERE ?? = ?", $tablename, $index_field, $index_value); diff --git a/interface/lib/classes/remote.d/dns.inc.php b/interface/lib/classes/remote.d/dns.inc.php index f107c1676..57f7040e2 100644 --- a/interface/lib/classes/remote.d/dns.inc.php +++ b/interface/lib/classes/remote.d/dns.inc.php @@ -95,11 +95,11 @@ class remoting_dns extends remoting { if($section == 'dns_records') { $parts = explode('|', $row); $dns_rr[] = array( - 'name' => $app->db->quote($parts[1]), - 'type' => $app->db->quote($parts[0]), - 'data' => $app->db->quote($parts[2]), - 'aux' => $app->db->quote($parts[3]), - 'ttl' => $app->db->quote($parts[4]) + 'name' => $parts[1], + 'type' => $parts[0], + 'data' => $parts[2], + 'aux' => $parts[3], + 'ttl' => $parts[4] ); } } @@ -121,26 +121,58 @@ class remoting_dns extends remoting { $sys_userid = $tmp['userid']; $sys_groupid = $tmp['default_group']; unset($tmp); - $origin = $app->db->quote($vars['origin']); - $ns = $app->db->quote($vars['ns']); - $mbox = $app->db->quote(str_replace('@', '.', $vars['mbox'])); - $refresh = $app->db->quote($vars['refresh']); - $retry = $app->db->quote($vars['retry']); - $expire = $app->db->quote($vars['expire']); - $minimum = $app->db->quote($vars['minimum']); - $ttl = $app->db->quote($vars['ttl']); - $xfer = $app->db->quote($vars['xfer']); - $also_notify = $app->db->quote($vars['also_notify']); - $update_acl = $app->db->quote($vars['update_acl']); + $origin = $vars['origin']; + $ns = $vars['ns']; + $mbox = str_replace('@', '.', $vars['mbox']); + $refresh = $vars['refresh']; + $retry = $vars['retry']; + $expire = $vars['expire']; + $minimum = $vars['minimum']; + $ttl = $vars['ttl']; + $xfer = $vars['xfer']; + $also_notify = $vars['also_notify']; + $update_acl = $vars['update_acl']; $serial = $app->validate_dns->increase_serial(0); - $insert_data = "(`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `origin`, `ns`, `mbox`, `serial`, `refresh`, `retry`, `expire`, `minimum`, `ttl`, `active`, `xfer`, `also_notify`, `update_acl`) VALUES - ('$sys_userid', '$sys_groupid', 'riud', 'riud', '', '$server_id', '$origin', '$ns', '$mbox', '$serial', '$refresh', '$retry', '$expire', '$minimum', '$ttl', 'Y', '$xfer', '$also_notify', '$update_acl')"; + $insert_data = array( + "sys_userid" => $sys_userid, + "sys_groupid" => $sys_groupid, + "sys_perm_user" => 'riud', + "sys_perm_group" => 'riud', + "sys_perm_other" => '', + "server_id" => $server_id, + "origin" => $origin, + "ns" => $ns, + "mbox" => $mbox, + "serial" => $serial, + "refresh" => $refresh, + "retry" => $retry, + "expire" => $expire, + "minimum" => $minimum, + "ttl" => $ttl, + "active" => 'Y', + "xfer" => $xfer, + "also_notify" => $also_notify, + "update_acl" => $update_acl + ); $dns_soa_id = $app->db->datalogInsert('dns_soa', $insert_data, 'id'); // Insert the dns_rr records if(is_array($dns_rr) && $dns_soa_id > 0) { foreach($dns_rr as $rr) { - $insert_data = "(`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `zone`, `name`, `type`, `data`, `aux`, `ttl`, `active`) VALUES - ('$sys_userid', '$sys_groupid', 'riud', 'riud', '', '$server_id', '$dns_soa_id', '$rr[name]', '$rr[type]', '$rr[data]', '$rr[aux]', '$rr[ttl]', 'Y')"; + $insert_data = array( + "sys_userid" => $sys_userid, + "sys_groupid" => $sys_groupid, + "sys_perm_user" => 'riud', + "sys_perm_group" => 'riud', + "sys_perm_other" => '', + "server_id" => $server_id, + "zone" => $dns_soa_id, + "name" => $rr['name'], + "type" => $rr['type'], + "data" => $rr['data'], + "aux" => $rr['aux'], + "ttl" => $rr['ttl'], + "active" => 'Y' + ); $dns_rr_id = $app->db->datalogInsert('dns_rr', $insert_data, 'id'); } } diff --git a/interface/lib/classes/remote.d/sites.inc.php b/interface/lib/classes/remote.d/sites.inc.php index f4e6a79a5..1c112e5e5 100644 --- a/interface/lib/classes/remote.d/sites.inc.php +++ b/interface/lib/classes/remote.d/sites.inc.php @@ -266,12 +266,12 @@ class remoting_sites extends remoting { $records = $app->db->queryAllRecords("SELECT database_id FROM web_database WHERE database_user_id = ?", $primary_id); foreach($records as $rec) { - $app->db->datalogUpdate('web_database', 'database_user_id=NULL', 'database_id', $rec['database_id']); + $app->db->datalogUpdate('web_database', array('database_user_id' => null), 'database_id', $rec['database_id']); } $records = $app->db->queryAllRecords("SELECT database_id FROM web_database WHERE database_ro_user_id = ?", $primary_id); foreach($records as $rec) { - $app->db->datalogUpdate('web_database', 'database_ro_user_id=NULL', 'database_id', $rec['database_id']); + $app->db->datalogUpdate('web_database', array('database_ro_user_id' => null), 'database_id', $rec['database_id']); } return $affected_rows; diff --git a/interface/lib/classes/remoting_lib.inc.php b/interface/lib/classes/remoting_lib.inc.php index a2e398895..9ee3ca547 100644 --- a/interface/lib/classes/remoting_lib.inc.php +++ b/interface/lib/classes/remoting_lib.inc.php @@ -238,22 +238,23 @@ class remoting_lib extends tform_base { $sql_offset = 0; $sql_limit = 0; $sql_where = ''; + $params = array($this->formDef['db_table']); foreach($primary_id as $key => $val) { - $key = $app->db->quote($key); - $val = $app->db->quote($val); if($key == '#OFFSET#') $sql_offset = $app->functions->intval($val); elseif($key == '#LIMIT#') $sql_limit = $app->functions->intval($val); elseif(stristr($val, '%')) { - $sql_where .= "$key like '$val' AND "; + $sql_where .= "? like ? AND "; } else { - $sql_where .= "$key = '$val' AND "; + $sql_where .= "? = ? AND "; } + $params[] = $key; + $params[] = $val; } $sql_where = substr($sql_where, 0, -5); if($sql_where == '') $sql_where = '1'; $sql = "SELECT * FROM ?? WHERE ".$sql_where. " AND " . $this->getAuthSQL('r', $this->formDef['db_table']); if($sql_offset >= 0 && $sql_limit > 0) $sql .= ' LIMIT ' . $sql_offset . ',' . $sql_limit; - return $app->db->queryAllRecords($sql, $this->formDef['db_table']); + return $app->db->queryAllRecords($sql, true, $params); } else { $this->errorMessage = 'The ID must be either an integer or an array.'; return array(); diff --git a/interface/lib/classes/tform_base.inc.php b/interface/lib/classes/tform_base.inc.php index fb374346a..f5ae05b8e 100644 --- a/interface/lib/classes/tform_base.inc.php +++ b/interface/lib/classes/tform_base.inc.php @@ -1108,6 +1108,7 @@ class tform_base { * @param primary_id * @return record */ + /* TODO: check for double quoting */ protected function _getSQL($record, $tab, $action = 'INSERT', $primary_id = 0, $sql_ext_where = '', $api = false) { global $app; diff --git a/interface/lib/plugins/mail_mail_domain_plugin.inc.php b/interface/lib/plugins/mail_mail_domain_plugin.inc.php index b307f2567..90b1ac15b 100644 --- a/interface/lib/plugins/mail_mail_domain_plugin.inc.php +++ b/interface/lib/plugins/mail_mail_domain_plugin.inc.php @@ -73,9 +73,8 @@ class mail_mail_domain_plugin { $mail_parts = explode("@", $rec['email']); $maildir = str_replace("[domain]", $page_form->dataRecord['domain'], $mail_config["maildir_path"]); $maildir = str_replace("[localpart]", $mail_parts[0], $maildir); - $maildir = $app->db->quote($maildir); - $email = $app->db->quote($mail_parts[0].'@'.$page_form->dataRecord['domain']); - $app->db->datalogUpdate('mail_user', "maildir = '$maildir', email = '$email', sys_userid = $client_user_id, sys_groupid = '$sys_groupid'", 'mailuser_id', $rec['mailuser_id']); + $email = $mail_parts[0].'@'.$page_form->dataRecord['domain']; + $app->db->datalogUpdate('mail_user', array("maildir" => $maildir, "email" => $email, "sys_userid" => $client_user_id, "sys_groupid" => $sys_groupid), 'mailuser_id', $rec['mailuser_id']); } } @@ -83,9 +82,9 @@ class mail_mail_domain_plugin { $forwardings = $app->db->queryAllRecords("SELECT * FROM mail_forwarding WHERE source LIKE ? OR destination LIKE ?", "%@" . $page_form->oldDataRecord['domain'], "%@" . $page_form->oldDataRecord['domain']); if(is_array($forwardings)) { foreach($forwardings as $rec) { - $destination = $app->db->quote(str_replace($page_form->oldDataRecord['domain'], $page_form->dataRecord['domain'], $rec['destination'])); - $source = $app->db->quote(str_replace($page_form->oldDataRecord['domain'], $page_form->dataRecord['domain'], $rec['source'])); - $app->db->datalogUpdate('mail_forwarding', "source = '$source', destination = '$destination', sys_userid = $client_user_id, sys_groupid = '$sys_groupid'", 'forwarding_id', $rec['forwarding_id']); + $destination = str_replace($page_form->oldDataRecord['domain'], $page_form->dataRecord['domain'], $rec['destination']); + $source = str_replace($page_form->oldDataRecord['domain'], $page_form->dataRecord['domain'], $rec['source']); + $app->db->datalogUpdate('mail_forwarding', array("source" => $source, "destination" => $destination, "sys_userid" => $client_user_id, "sys_groupid" => $sys_groupid), 'forwarding_id', $rec['forwarding_id']); } } @@ -93,7 +92,7 @@ class mail_mail_domain_plugin { $mailing_lists = $app->db->queryAllRecords("SELECT mailinglist_id FROM mail_mailinglist WHERE domain = ?", $page_form->oldDataRecord['domain']); if(is_array($mailing_lists)) { foreach($mailing_lists as $rec) { - $app->db->datalogUpdate('mail_mailinglist', "sys_userid = $client_user_id, sys_groupid = '$sys_groupid'", 'mailinglist_id', $rec['mailinglist_id']); + $app->db->datalogUpdate('mail_mailinglist', array("sys_userid" => $client_user_id, "sys_groupid" => $sys_groupid), 'mailinglist_id', $rec['mailinglist_id']); } } @@ -101,8 +100,8 @@ class mail_mail_domain_plugin { $mail_gets = $app->db->queryAllRecords("SELECT mailget_id, destination FROM mail_get WHERE destination LIKE ?", "%@" . $page_form->oldDataRecord['domain']); if(is_array($mail_gets)) { foreach($mail_gets as $rec) { - $destination = $app->db->quote(str_replace($page_form->oldDataRecord['domain'], $page_form->dataRecord['domain'], $rec['destination'])); - $app->db->datalogUpdate('mail_get', "destination = '$destination', sys_userid = $client_user_id, sys_groupid = '$sys_groupid'", 'mailget_id', $rec['mailget_id']); + $destination = str_replace($page_form->oldDataRecord['domain'], $page_form->dataRecord['domain'], $rec['destination']); + $app->db->datalogUpdate('mail_get', array("destination" => $destination, "sys_userid" => $client_user_id, "sys_groupid" => $sys_groupid), 'mailget_id', $rec['mailget_id']); } } diff --git a/interface/lib/plugins/sites_web_vhost_domain_plugin.inc.php b/interface/lib/plugins/sites_web_vhost_domain_plugin.inc.php index dedc6d721..aeb562399 100644 --- a/interface/lib/plugins/sites_web_vhost_domain_plugin.inc.php +++ b/interface/lib/plugins/sites_web_vhost_domain_plugin.inc.php @@ -107,7 +107,7 @@ class sites_web_vhost_domain_plugin { // Update the FTP user(s) too $records = $app->db->queryAllRecords("SELECT ftp_user_id FROM ftp_user WHERE parent_domain_id = ?", $page_form->id); foreach($records as $rec) { - $app->db->datalogUpdate('ftp_user', "sys_userid = '".$app->functions->intval($web_rec['sys_userid'])."', sys_groupid = '".$app->functions->intval($web_rec['sys_groupid'])."', uid = '$system_user', gid = '$system_group', dir = '$document_root'", 'ftp_user_id', $app->functions->intval($rec['ftp_user_id'])); + $app->db->datalogUpdate('ftp_user', array("sys_userid" => $web_rec['sys_userid'], "sys_groupid" => $web_rec['sys_groupid'], "uid" => $system_user, "gid" => $system_group, "dir" => $document_root), 'ftp_user_id', $app->functions->intval($rec['ftp_user_id'])); } unset($records); unset($rec); @@ -115,7 +115,7 @@ class sites_web_vhost_domain_plugin { // Update the webdav user(s) too $records = $app->db->queryAllRecords("SELECT webdav_user_id FROM webdav_user WHERE parent_domain_id = ?", $page_form->id); foreach($records as $rec) { - $app->db->datalogUpdate('webdav_user', "sys_userid = '".$app->functions->intval($web_rec['sys_userid'])."', sys_groupid = '".$app->functions->intval($web_rec['sys_groupid'])."'", 'webdav_user_id', $app->functions->intval($rec['webdav_user_id'])); + $app->db->datalogUpdate('webdav_user', array("sys_userid" => $web_rec['sys_userid'], "sys_groupid" => $web_rec['sys_groupid']), 'webdav_user_id', $app->functions->intval($rec['webdav_user_id'])); } unset($records); unset($rec); @@ -123,7 +123,7 @@ class sites_web_vhost_domain_plugin { // Update the web folder(s) too $records = $app->db->queryAllRecords("SELECT web_folder_id FROM web_folder WHERE parent_domain_id = ?", $page_form->id); foreach($records as $rec) { - $app->db->datalogUpdate('web_folder', "sys_userid = '".$app->functions->intval($web_rec['sys_userid'])."', sys_groupid = '".$app->functions->intval($web_rec['sys_groupid'])."'", 'web_folder_id', $app->functions->intval($rec['web_folder_id'])); + $app->db->datalogUpdate('web_folder', array("sys_userid" => $web_rec['sys_userid'], "sys_groupid" => $web_rec['sys_groupid']), 'web_folder_id', $app->functions->intval($rec['web_folder_id'])); } unset($records); unset($rec); @@ -131,7 +131,7 @@ class sites_web_vhost_domain_plugin { //* Update all web folder users $records = $app->db->queryAllRecords("SELECT web_folder_user.web_folder_user_id FROM web_folder_user, web_folder WHERE web_folder_user.web_folder_id = web_folder.web_folder_id AND web_folder.parent_domain_id = ?", $page_form->id); foreach($records as $rec) { - $app->db->datalogUpdate('web_folder_user', "sys_userid = '".$app->functions->intval($web_rec['sys_userid'])."', sys_groupid = '".$app->functions->intval($web_rec['sys_groupid'])."'", 'web_folder_user_id', $app->functions->intval($rec['web_folder_user_id'])); + $app->db->datalogUpdate('web_folder_user', array("sys_userid" => $web_rec['sys_userid'], "sys_groupid" => $web_rec['sys_groupid']), 'web_folder_user_id', $app->functions->intval($rec['web_folder_user_id'])); } unset($records); unset($rec); @@ -139,7 +139,7 @@ class sites_web_vhost_domain_plugin { // Update the Shell user(s) too $records = $app->db->queryAllRecords("SELECT shell_user_id FROM shell_user WHERE parent_domain_id = ?", $page_form->id); foreach($records as $rec) { - $app->db->datalogUpdate('shell_user', "sys_userid = '".$web_rec['sys_userid']."', sys_groupid = '".$web_rec['sys_groupid']."', puser = '$system_user', pgroup = '$system_group', dir = '$document_root'", 'shell_user_id', $app->functions->intval($rec['shell_user_id'])); + $app->db->datalogUpdate('shell_user', array("sys_userid" => $web_rec['sys_userid'], "sys_groupid" => $web_rec['sys_groupid'], "puser" => $system_user, "pgroup" => $system_group, "dir" => $document_root), 'shell_user_id', $app->functions->intval($rec['shell_user_id'])); } unset($records); unset($rec); @@ -147,7 +147,7 @@ class sites_web_vhost_domain_plugin { // Update the cron(s) too $records = $app->db->queryAllRecords("SELECT id FROM cron WHERE parent_domain_id = ?", $page_form->id); foreach($records as $rec) { - $app->db->datalogUpdate('cron', "sys_userid = '".$app->functions->intval($web_rec['sys_userid'])."', sys_groupid = '".$app->functions->intval($web_rec['sys_groupid'])."'", 'id', $app->functions->intval($rec['id'])); + $app->db->datalogUpdate('cron', array("sys_userid" => $web_rec['sys_userid'], "sys_groupid" => $web_rec['sys_groupid']), 'id', $app->functions->intval($rec['id'])); } unset($records); unset($rec); @@ -155,14 +155,15 @@ class sites_web_vhost_domain_plugin { //* Update all subdomains and alias domains $records = $app->db->queryAllRecords("SELECT domain_id, `domain`, `type`, `web_folder` FROM web_domain WHERE parent_domain_id = ?", $page_form->id); foreach($records as $rec) { - $update_columns = "sys_userid = '".$web_rec['sys_userid']."', sys_groupid = '".$web_rec['sys_groupid']."'"; + $update_columns = array("sys_userid" => $web_rec['sys_userid'], "sys_groupid" => $web_rec['sys_groupid']); if($rec['type'] == 'vhostsubdomain' || $rec['type'] == 'vhostalias') { $php_open_basedir = str_replace("[website_path]/web", $document_root.'/'.$rec['web_folder'], $web_config["php_open_basedir"]); $php_open_basedir = str_replace("[website_domain]/web", $rec['domain'].'/'.$rec['web_folder'], $php_open_basedir); $php_open_basedir = str_replace("[website_path]", $document_root, $php_open_basedir); - $php_open_basedir = $app->db->quote(str_replace("[website_domain]", $rec['domain'], $php_open_basedir)); + $php_open_basedir = str_replace("[website_domain]", $rec['domain'], $php_open_basedir); - $update_columns .= ", document_root = '".$document_root."', `php_open_basedir` = '".$php_open_basedir."'"; + $update_columns["document_root"] = $document_root; + $update_columns["php_open_basedir"] = $php_open_basedir; } $app->db->datalogUpdate('web_domain', $update_columns, 'domain_id', $rec['domain_id']); } @@ -172,13 +173,13 @@ class sites_web_vhost_domain_plugin { //* Update all databases $records = $app->db->queryAllRecords("SELECT database_id FROM web_database WHERE parent_domain_id = ?", $page_form->id); foreach($records as $rec) { - $app->db->datalogUpdate('web_database', "sys_userid = '".$app->functions->intval($web_rec['sys_userid'])."', sys_groupid = '".$app->functions->intval($web_rec['sys_groupid'])."'", 'database_id', $app->functions->intval($rec['database_id'])); + $app->db->datalogUpdate('web_database', array("sys_userid" => $web_rec['sys_userid'], "sys_groupid" => $web_rec['sys_groupid']), 'database_id', $app->functions->intval($rec['database_id'])); } //* Update all database users $records = $app->db->queryAllRecords("SELECT web_database_user.database_user_id FROM web_database_user, web_database WHERE web_database_user.database_user_id IN (web_database.database_user_id, web_database.database_ro_user_id) AND web_database.parent_domain_id = ?", $page_form->id); foreach($records as $rec) { - $app->db->datalogUpdate('web_database_user', "sys_userid = '".$app->functions->intval($web_rec['sys_userid'])."', sys_groupid = '".$app->functions->intval($web_rec['sys_groupid'])."'", 'database_user_id', $app->functions->intval($rec['database_user_id'])); + $app->db->datalogUpdate('web_database_user', array("sys_userid" => $web_rec['sys_userid'], "sys_groupid" => $web_rec['sys_groupid']), 'database_user_id', $app->functions->intval($rec['database_user_id'])); } unset($records); unset($rec); @@ -187,7 +188,7 @@ class sites_web_vhost_domain_plugin { $records = $app->db->queryAllRecords("SELECT instance_id FROM aps_instances_settings WHERE name = 'main_domain' AND value = ?", $page_form->oldDataRecord["domain"]); if(is_array($records) && !empty($records)){ foreach($records as $rec){ - $app->db->datalogUpdate('aps_instances', "sys_userid = '".$app->functions->intval($web_rec['sys_userid'])."', sys_groupid = '".$app->functions->intval($web_rec['sys_groupid'])."', customer_id = '".$app->functions->intval($client_id)."'", 'id', $rec['instance_id']); + $app->db->datalogUpdate('aps_instances', array("sys_userid" => $web_rec['sys_userid'], "sys_groupid" => $web_rec['sys_groupid'], "customer_id" => $client_id), 'id', $rec['instance_id']); } } unset($records); @@ -199,8 +200,8 @@ class sites_web_vhost_domain_plugin { if(!empty($page_form->dataRecord["domain"]) && !empty($page_form->oldDataRecord["domain"]) && $page_form->dataRecord["domain"] != $page_form->oldDataRecord["domain"]) { $records = $app->db->queryAllRecords("SELECT domain_id,domain FROM web_domain WHERE (type = 'subdomain' OR type = 'vhostsubdomain' OR type = 'vhostalias') AND domain LIKE ?", "%." . $page_form->oldDataRecord["domain"]); foreach($records as $rec) { - $subdomain = $app->db->quote(str_replace($page_form->oldDataRecord["domain"], $page_form->dataRecord["domain"], $rec['domain'])); - $app->db->datalogUpdate('web_domain', "domain = '".$subdomain."'", 'domain_id', $rec['domain_id']); + $subdomain = str_replace($page_form->oldDataRecord["domain"], $page_form->dataRecord["domain"], $rec['domain']); + $app->db->datalogUpdate('web_domain', array("domain" => $subdomain), 'domain_id', $rec['domain_id']); } unset($records); unset($rec); @@ -210,7 +211,7 @@ class sites_web_vhost_domain_plugin { $records = $app->db->queryAllRecords("SELECT id, instance_id FROM aps_instances_settings WHERE name = 'main_domain' AND value = ?", $page_form->oldDataRecord["domain"]); if(is_array($records) && !empty($records)){ foreach($records as $rec){ - $app->db->datalogUpdate('aps_instances_settings', "value = '".$app->db->quote($page_form->dataRecord["domain"])."'", 'id', $rec['id']); + $app->db->datalogUpdate('aps_instances_settings', array("value" => $page_form->dataRecord["domain"]), 'id', $rec['id']); } } unset($records); @@ -259,7 +260,7 @@ class sites_web_vhost_domain_plugin { if(isset($page_form->dataRecord['ip_address']) && ($page_form->dataRecord['ip_address'] != $page_form->oldDataRecord['ip_address'] || $page_form->dataRecord['ipv6_address'] != $page_form->oldDataRecord['ipv6_address'])) { $records = $app->db->queryAllRecords("SELECT domain_id FROM web_domain WHERE (type = 'vhostsubdomain' OR type = 'vhostalias') AND parent_domain_id = ?", $page_form->id); foreach($records as $rec) { - $app->db->datalogUpdate('web_domain', "ip_address = '".$app->db->quote($web_rec['ip_address'])."', ipv6_address = '".$app->db->quote($web_rec['ipv6_address'])."'", 'domain_id', $rec['domain_id']); + $app->db->datalogUpdate('web_domain', array("ip_address" => $web_rec['ip_address'], "ipv6_address" => $web_rec['ipv6_address']), 'domain_id', $rec['domain_id']); } unset($records); unset($rec); diff --git a/interface/lib/plugins/vm_openvz_plugin.inc.php b/interface/lib/plugins/vm_openvz_plugin.inc.php index ac1b0801c..dcd2df735 100644 --- a/interface/lib/plugins/vm_openvz_plugin.inc.php +++ b/interface/lib/plugins/vm_openvz_plugin.inc.php @@ -112,7 +112,7 @@ class vm_openvz_plugin { //* Free the IP address $tmp = $app->db->queryOneRecord("SELECT ip_address_id FROM openvz_ip WHERE vm_id = ?", $page_form->id); - $app->db->datalogUpdate('openvz_ip', 'vm_id = 0', 'ip_address_id', $tmp['ip_address_id']); + $app->db->datalogUpdate('openvz_ip', array('vm_id' => 0), 'ip_address_id', $tmp['ip_address_id']); unset($tmp); } @@ -232,12 +232,25 @@ class vm_openvz_plugin { if($rr_rec['id'] > 0) { $app->uses('validate_dns'); - $app->db->datalogUpdate('dns_rr', "data = '$ip_address'", 'id', $app->functions->intval($rr_rec['id'])); + $app->db->datalogUpdate('dns_rr', array("data" => $ip_address), 'id', $app->functions->intval($rr_rec['id'])); $serial = $app->validate_dns->increase_serial($zone_rec['serial']); - $app->db->datalogUpdate('dns_soa', "serial = '$serial'", 'id', $app->functions->intval($zone_rec['id'])); + $app->db->datalogUpdate('dns_soa', array("serial" => $serial), 'id', $app->functions->intval($zone_rec['id'])); } else { - $insert_data = "(`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `zone`, `name`, `type`, `data`, `aux`, `ttl`, `active`) VALUES - ('$sys_userid', '$sys_groupid', 'riud', 'riud', '', '$server_id', '$dns_soa_id', '$hostname', 'A', '$ip_address', '0', '3600', 'Y')"; + $insert_data = array( + "sys_userid" => $sys_userid, + "sys_groupid" => $sys_groupid, + "sys_perm_user" => 'riud', + "sys_perm_group" => 'riud', + "sys_perm_other" => '', + "server_id" => $server_id, + "zone" => $dns_soa_id, + "name" => $hostname, + "type" => 'A', + "data" => $ip_address, + "aux" => '0', + "ttl" => '3600', + "active" => 'Y' + ); $dns_rr_id = $app->db->datalogInsert('dns_rr', $insert_data, 'id'); } diff --git a/interface/web/admin/software_package_install.php b/interface/web/admin/software_package_install.php index 864e8d724..ccbfd73eb 100644 --- a/interface/web/admin/software_package_install.php +++ b/interface/web/admin/software_package_install.php @@ -63,7 +63,7 @@ if($package['package_installable'] == 'key' && $install_key != '') { $message_err = 'Verification of the key failed.'; } else { // Store the verified key into the database - $app->db->datalogUpdate('software_package', "package_key = '".$app->db->quote($install_key)."'", 'package_id', $package['package_id']); + $app->db->datalogUpdate('software_package', array("package_key" => $install_key), 'package_id', $package['package_id']); } } else { $message_ok = 'Please enter the software key for the package.'; @@ -91,7 +91,7 @@ if($install_server_id > 0 && $package_name != '' && ($package['package_installab 'database_host' => 'localhost'); $package_config_str = $app->ini_parser->get_ini_string($package_config_array); $package['package_config'] = $package_config_str; - $app->db->datalogUpdate('software_package', "package_config = '".$app->db->quote($package_config_str)."'", 'package_id', $package['package_id']); + $app->db->datalogUpdate('software_package', array("package_config" => $package_config_str), 'package_id', $package['package_id']); } } @@ -127,7 +127,12 @@ if($install_server_id > 0 && $package_name != '' && ($package['package_installab } //* Add the record to start the install process - $insert_data = "(package_name, server_id, software_update_id, status) VALUES ('".$app->db->quote($package_name)."', '".$app->db->quote($install_server_id)."', '".$app->db->quote($software_update_id)."','installing')"; + $insert_data = array( + "package_name" => $package_name, + "server_id" => $install_server_id, + "software_update_id" => $software_update_id, + "status" => 'installing' + ); $app->db->datalogInsert('software_update_inst', $insert_data, 'software_update_inst_id'); $message_ok = 'Starting package installation '."".$app->lng('next').""; diff --git a/interface/web/admin/software_package_list.php b/interface/web/admin/software_package_list.php index 19e637a6e..5e552dbee 100644 --- a/interface/web/admin/software_package_list.php +++ b/interface/web/admin/software_package_list.php @@ -104,13 +104,13 @@ if(is_array($repos) && isset($_GET['action']) && $_GET['action'] == 'repoupdate' $v3 = $app->functions->intval($version_array[2]); $v4 = $app->functions->intval($version_array[3]); - $package_name = $app->db->quote($u['package_name']); + $package_name = $u['package_name']; $software_repo_id = $app->functions->intval($repo['software_repo_id']); - $update_url = $app->db->quote($u['url']); - $update_md5 = $app->db->quote($u['md5']); - $update_dependencies = (isset($u['dependencies']))?$app->db->quote($u['dependencies']):''; - $update_title = $app->db->quote($u['title']); - $type = $app->db->quote($u['type']); + $update_url = $u['url']; + $update_md5 = $u['md5']; + $update_dependencies = (isset($u['dependencies']))?$u['dependencies']:''; + $update_title = $u['title']; + $type = $u['type']; // Check that we do not have this update in the database yet $sql = "SELECT * FROM software_update WHERE package_name = ? and v1 = ? and v2 = ? and v3 = ? and v4 = ?"; diff --git a/interface/web/admin/software_update_list.php b/interface/web/admin/software_update_list.php index cc22b8053..c987e9e04 100644 --- a/interface/web/admin/software_update_list.php +++ b/interface/web/admin/software_update_list.php @@ -101,12 +101,16 @@ if(is_array($repos)) { //* Install packages, if GET Request if(isset($_GET['action']) && $_GET['action'] == 'install' && $_GET['package'] != '' && $_GET['server_id'] > 0) { - $package_name = $app->db->quote($_GET['package']); + $package_name = $_GET['package']; $server_id = $app->functions->intval($_GET['server_id']); $software_update_id = $app->functions->intval($_GET['id']); - $insert_data = "(package_name, server_id, software_update_id, status) VALUES ('$package_name', '$server_id', '$software_update_id','installing')"; - // $insert_data = "(package_name, server_id, software_update_id, status) VALUES ('$package_name', '$server_id', '$software_update_id','installed')"; + $insert_data = array( + "package_name" => $package_name, + "server_id" => $server_id, + "software_update_id" => $software_update_id, + "status" => 'installing' + ); $app->db->datalogInsert('software_update_inst', $insert_data, 'software_update_inst_id'); } diff --git a/interface/web/admin/users_edit.php b/interface/web/admin/users_edit.php index 11f783c2a..e3919649b 100644 --- a/interface/web/admin/users_edit.php +++ b/interface/web/admin/users_edit.php @@ -106,7 +106,7 @@ class page_action extends tform_actions { $sql = "UPDATE client SET username = ? WHERE client_id = ? AND username = ?"; $app->db->query($sql, $username, $client_id, $old_username); $tmp = $app->db->queryOneRecord("SELECT * FROM sys_group WHERE client_id = ?", $client_id); - $app->db->datalogUpdate("sys_group", "name = '$username'", 'groupid', $tmp['groupid']); + $app->db->datalogUpdate("sys_group", array("name" => $username), 'groupid', $tmp['groupid']); unset($tmp); } diff --git a/interface/web/client/client_edit.php b/interface/web/client/client_edit.php index f9bd9a00c..bbeb82223 100644 --- a/interface/web/client/client_edit.php +++ b/interface/web/client/client_edit.php @@ -241,7 +241,7 @@ class page_action extends tform_actions { function onAfterInsert() { global $app, $conf; // Create the group for the client - $groupid = $app->db->datalogInsert('sys_group', "(name,description,client_id) VALUES ('".$app->db->quote($this->dataRecord["username"])."','',".$this->id.")", 'groupid'); + $groupid = $app->db->datalogInsert('sys_group', array("name" => $this->dataRecord["username"], "description" => '', "client_id" => $this->id), 'groupid'); $groups = $groupid; $username = $this->dataRecord["username"]; @@ -325,7 +325,7 @@ class page_action extends tform_actions { //* save new counter value $system_config['misc']['customer_no_counter']++; $system_config_str = $app->ini_parser->get_ini_string($system_config); - $app->db->datalogUpdate('sys_ini', "config = '".$app->db->quote($system_config_str)."'", 'sysini_id', 1); + $app->db->datalogUpdate('sys_ini', array("config" => $system_config_str), 'sysini_id', 1); } } else { //* Logged in user must be a reseller diff --git a/interface/web/client/reseller_edit.php b/interface/web/client/reseller_edit.php index 686c99e5c..fff420206 100644 --- a/interface/web/client/reseller_edit.php +++ b/interface/web/client/reseller_edit.php @@ -200,7 +200,7 @@ class page_action extends tform_actions { function onAfterInsert() { global $app, $conf; // Create the group for the reseller - $groupid = $app->db->datalogInsert('sys_group', "(name,description,client_id) VALUES ('".$app->db->quote($this->dataRecord["username"])."','',".$this->id.")", 'groupid'); + $groupid = $app->db->datalogInsert('sys_group', array("name" => $this->dataRecord["username"], "description" => '', "client_id" => $this->id), 'groupid'); $groups = $groupid; $username = $this->dataRecord["username"]; diff --git a/interface/web/dashboard/ajax_get_json.php b/interface/web/dashboard/ajax_get_json.php index 383cc090d..9ebb27e6c 100644 --- a/interface/web/dashboard/ajax_get_json.php +++ b/interface/web/dashboard/ajax_get_json.php @@ -40,7 +40,7 @@ $type = $_GET["type"]; //if($_SESSION["s"]["user"]["typ"] == 'admin') { - +/* TODO: change sql queries */ if($type == 'globalsearch'){ $q = $app->db->quote(trim($_GET["q"])); $authsql = " AND ".$app->tform->getAuthSQL('r'); diff --git a/interface/web/dns/dns_a_edit.php b/interface/web/dns/dns_a_edit.php index 792a90aaa..c70cc7989 100644 --- a/interface/web/dns/dns_a_edit.php +++ b/interface/web/dns/dns_a_edit.php @@ -118,12 +118,12 @@ class page_action extends tform_actions { //* Set the sys_groupid of the rr record to be the same then the sys_groupid of the soa record $soa = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE id = ? AND " . $app->tform->getAuthSQL('r'), $this->dataRecord["zone"]); - $app->db->datalogUpdate('dns_rr', "sys_groupid = ".$soa['sys_groupid'], 'id', $this->id); + $app->db->datalogUpdate('dns_rr', array("sys_groupid" => $soa['sys_groupid']), 'id', $this->id); //* Update the serial number of the SOA record $soa_id = $app->functions->intval($_POST["zone"]); $serial = $app->validate_dns->increase_serial($soa["serial"]); - $app->db->datalogUpdate('dns_soa', "serial = $serial", 'id', $soa_id); + $app->db->datalogUpdate('dns_soa', array("serial" => $serial), 'id', $soa_id); } function onAfterUpdate() { @@ -133,7 +133,7 @@ class page_action extends tform_actions { $soa = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE id = ? AND " . $app->tform->getAuthSQL('r'), $this->dataRecord["zone"]); $soa_id = $app->functions->intval($_POST["zone"]); $serial = $app->validate_dns->increase_serial($soa["serial"]); - $app->db->datalogUpdate('dns_soa', "serial = $serial", 'id', $soa_id); + $app->db->datalogUpdate('dns_soa', array("serial" => $serial), 'id', $soa_id); } } diff --git a/interface/web/dns/dns_aaaa_edit.php b/interface/web/dns/dns_aaaa_edit.php index 867dabb94..ca4151ae3 100644 --- a/interface/web/dns/dns_aaaa_edit.php +++ b/interface/web/dns/dns_aaaa_edit.php @@ -113,12 +113,12 @@ class page_action extends tform_actions { //* Set the sys_groupid of the rr record to be the same then the sys_groupid of the soa record $soa = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE id = ? AND " . $app->tform->getAuthSQL('r'), $this->dataRecord["zone"]); - $app->db->datalogUpdate('dns_rr', "sys_groupid = ".intval($soa['sys_groupid']), 'id', $this->id); + $app->db->datalogUpdate('dns_rr', array("sys_groupid" => $soa['sys_groupid']), 'id', $this->id); //* Update the serial number of the SOA record $soa_id = $app->functions->intval($_POST["zone"]); $serial = $app->validate_dns->increase_serial($soa["serial"]); - $app->db->datalogUpdate('dns_soa', "serial = $serial", 'id', $soa_id); + $app->db->datalogUpdate('dns_soa', array("serial" => $serial), 'id', $soa_id); } function onAfterUpdate() { @@ -128,7 +128,7 @@ class page_action extends tform_actions { $soa = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE id = ? AND " . $app->tform->getAuthSQL('r'), $this->dataRecord["zone"]); $soa_id = $app->functions->intval($_POST["zone"]); $serial = $app->validate_dns->increase_serial($soa["serial"]); - $app->db->datalogUpdate('dns_soa', "serial = $serial", 'id', $soa_id); + $app->db->datalogUpdate('dns_soa', array("serial" => $serial), 'id', $soa_id); } } diff --git a/interface/web/dns/dns_alias_edit.php b/interface/web/dns/dns_alias_edit.php index 1c58bd8f5..697756bf0 100644 --- a/interface/web/dns/dns_alias_edit.php +++ b/interface/web/dns/dns_alias_edit.php @@ -113,12 +113,12 @@ class page_action extends tform_actions { //* Set the sys_groupid of the rr record to be the same then the sys_groupid of the soa record $soa = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE id = ? AND " . $app->tform->getAuthSQL('r'), $this->dataRecord["zone"]); - $app->db->datalogUpdate('dns_rr', "sys_groupid = ".$soa['sys_groupid'], 'id', $this->id); + $app->db->datalogUpdate('dns_rr', array("sys_groupid" => $soa['sys_groupid']), 'id', $this->id); //* Update the serial number of the SOA record $soa_id = $app->functions->intval($_POST["zone"]); $serial = $app->validate_dns->increase_serial($soa["serial"]); - $app->db->datalogUpdate('dns_soa', "serial = $serial", 'id', $soa_id); + $app->db->datalogUpdate('dns_soa', array("serial" => $serial), 'id', $soa_id); } function onAfterUpdate() { @@ -128,7 +128,7 @@ class page_action extends tform_actions { $soa = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE id = ? AND " . $app->tform->getAuthSQL('r'), $this->dataRecord["zone"]); $soa_id = $app->functions->intval($_POST["zone"]); $serial = $app->validate_dns->increase_serial($soa["serial"]); - $app->db->datalogUpdate('dns_soa', "serial = $serial", 'id', $soa_id); + $app->db->datalogUpdate('dns_soa', array("serial" => $serial), 'id', $soa_id); } } diff --git a/interface/web/dns/dns_cname_edit.php b/interface/web/dns/dns_cname_edit.php index 0979b6fff..f9793881b 100644 --- a/interface/web/dns/dns_cname_edit.php +++ b/interface/web/dns/dns_cname_edit.php @@ -118,12 +118,12 @@ class page_action extends tform_actions { //* Set the sys_groupid of the rr record to be the same then the sys_groupid of the soa record $soa = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE id = ? AND " . $app->tform->getAuthSQL('r'), $this->dataRecord["zone"]); - $app->db->datalogUpdate('dns_rr', "sys_groupid = ".$soa['sys_groupid'], 'id', $this->id); + $app->db->datalogUpdate('dns_rr', array("sys_groupid" => $soa['sys_groupid']), 'id', $this->id); //* Update the serial number of the SOA record $soa_id = $app->functions->intval($_POST["zone"]); $serial = $app->validate_dns->increase_serial($soa["serial"]); - $app->db->datalogUpdate('dns_soa', "serial = $serial", 'id', $soa_id); + $app->db->datalogUpdate('dns_soa', array("serial" => $serial), 'id', $soa_id); } function onAfterUpdate() { @@ -133,7 +133,7 @@ class page_action extends tform_actions { $soa = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE id = ? AND " . $app->tform->getAuthSQL('r'), $this->dataRecord["zone"]); $soa_id = $app->functions->intval($_POST["zone"]); $serial = $app->validate_dns->increase_serial($soa["serial"]); - $app->db->datalogUpdate('dns_soa', "serial = $serial", 'id', $soa_id); + $app->db->datalogUpdate('dns_soa', array("serial" => $serial), 'id', $soa_id); } } diff --git a/interface/web/dns/dns_dkim_edit.php b/interface/web/dns/dns_dkim_edit.php index 5756484de..a1c4c6f82 100644 --- a/interface/web/dns/dns_dkim_edit.php +++ b/interface/web/dns/dns_dkim_edit.php @@ -127,12 +127,12 @@ class page_action extends tform_actions { //* Set the sys_groupid of the rr record to be the same then the sys_groupid of the soa record $soa = $app->db->queryOneRecord("SELECT sys_groupid,serial FROM dns_soa WHERE id = ? AND " . $app->tform->getAuthSQL('r'), $this->dataRecord["zone"]); - $app->db->datalogUpdate('dns_rr', "sys_groupid = ".$soa['sys_groupid'], 'id', $this->id); + $app->db->datalogUpdate('dns_rr', array("sys_groupid" => $soa['sys_groupid']), 'id', $this->id); //* Update the serial number of the SOA record $soa_id = $app->functions->intval($_POST["zone"]); $serial = $app->validate_dns->increase_serial($soa["serial"]); - $app->db->datalogUpdate('dns_soa', "serial = $serial", 'id', $soa_id); + $app->db->datalogUpdate('dns_soa', array("serial" => $serial), 'id', $soa_id); } function onAfterUpdate() { @@ -142,7 +142,7 @@ class page_action extends tform_actions { $soa = $app->db->queryOneRecord("SELECT serial FROM dns_soa WHERE id = ? AND " . $app->tform->getAuthSQL('r'), $this->dataRecord["zone"]); $soa_id = $app->functions->intval($_POST["zone"]); $serial = $app->validate_dns->increase_serial($soa["serial"]); - $app->db->datalogUpdate('dns_soa', "serial = $serial", 'id', $soa_id); + $app->db->datalogUpdate('dns_soa', array("serial" => $serial), 'id', $soa_id); } } diff --git a/interface/web/dns/dns_dmarc_edit.php b/interface/web/dns/dns_dmarc_edit.php index d7f684dbd..49bf69909 100644 --- a/interface/web/dns/dns_dmarc_edit.php +++ b/interface/web/dns/dns_dmarc_edit.php @@ -350,12 +350,12 @@ class page_action extends tform_actions { //* Set the sys_groupid of the rr record to be the same then the sys_groupid of the soa record $soa = $app->db->queryOneRecord("SELECT sys_groupid,serial FROM dns_soa WHERE id = ? AND " . $app->tform->getAuthSQL('r'), $app->functions->intval($this->dataRecord["zone"])); - $app->db->datalogUpdate('dns_rr', "sys_groupid = ".$soa['sys_groupid'], 'id', $this->id); + $app->db->datalogUpdate('dns_rr', array("sys_groupid" => $soa['sys_groupid']), 'id', $this->id); //* Update the serial number of the SOA record $soa_id = $app->functions->intval($_POST["zone"]); $serial = $app->validate_dns->increase_serial($soa["serial"]); - $app->db->datalogUpdate('dns_soa', "serial = $serial", 'id', $soa_id); + $app->db->datalogUpdate('dns_soa', array("serial" => $serial), 'id', $soa_id); } @@ -366,7 +366,7 @@ class page_action extends tform_actions { $soa = $app->db->queryOneRecord("SELECT serial FROM dns_soa WHERE id = ? AND " . $app->tform->getAuthSQL('r'), $app->functions->intval($this->dataRecord["zone"])); $soa_id = $app->functions->intval($_POST["zone"]); $serial = $app->validate_dns->increase_serial($soa["serial"]); - $app->db->datalogUpdate('dns_soa', "serial = $serial", 'id', $soa_id); + $app->db->datalogUpdate('dns_soa', array("serial" => $serial), 'id', $soa_id); } } diff --git a/interface/web/dns/dns_hinfo_edit.php b/interface/web/dns/dns_hinfo_edit.php index 9a674bf2b..83cf60e14 100644 --- a/interface/web/dns/dns_hinfo_edit.php +++ b/interface/web/dns/dns_hinfo_edit.php @@ -113,12 +113,12 @@ class page_action extends tform_actions { //* Set the sys_groupid of the rr record to be the same then the sys_groupid of the soa record $soa = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE id = ? AND " . $app->tform->getAuthSQL('r'), $this->dataRecord["zone"]); - $app->db->datalogUpdate('dns_rr', "sys_groupid = ".$soa['sys_groupid'], 'id', $this->id); + $app->db->datalogUpdate('dns_rr', array("sys_groupid" => $soa['sys_groupid']), 'id', $this->id); //* Update the serial number of the SOA record $soa_id = $app->functions->intval($_POST["zone"]); $serial = $app->validate_dns->increase_serial($soa["serial"]); - $app->db->datalogUpdate('dns_soa', "serial = $serial", 'id', $soa_id); + $app->db->datalogUpdate('dns_soa', array("serial" => $serial), 'id', $soa_id); } function onAfterUpdate() { @@ -128,7 +128,7 @@ class page_action extends tform_actions { $soa = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE id = ? AND " . $app->tform->getAuthSQL('r'), $this->dataRecord["zone"]); $soa_id = $app->functions->intval($_POST["zone"]); $serial = $app->validate_dns->increase_serial($soa["serial"]); - $app->db->datalogUpdate('dns_soa', "serial = $serial", 'id', $soa_id); + $app->db->datalogUpdate('dns_soa', array("serial" => $serial), 'id', $soa_id); } } diff --git a/interface/web/dns/dns_import.php b/interface/web/dns/dns_import.php index 8dee39b13..7e96a42d8 100644 --- a/interface/web/dns/dns_import.php +++ b/interface/web/dns/dns_import.php @@ -695,21 +695,38 @@ if(isset($_FILES['file']['name']) && is_uploaded_file($_FILES['file']['tmp_name' // Insert the soa record $sys_userid = $_SESSION['s']['user']['userid']; - $origin = $app->db->quote($soa['name']); - $ns = $app->db->quote($soa['ns']); - $mbox = $app->db->quote($soa['mbox']); - $refresh = $app->db->quote($soa['refresh']); - $retry = $app->db->quote($soa['retry']); - $expire = $app->db->quote($soa['expire']); - $minimum = $app->db->quote($soa['minimum']); - $ttl = $app->db->quote($soa['ttl']); - $xfer = $app->db->quote(''); - $serial = $app->db->quote($app->functions->intval($soa['serial'])+1); + $origin = $soa['name']; + $ns = $soa['ns']; + $mbox = $soa['mbox']; + $refresh = $soa['refresh']; + $retry = $soa['retry']; + $expire = $soa['expire']; + $minimum = $soa['minimum']; + $ttl = $soa['ttl']; + $xfer = ''; + $serial = $app->functions->intval($soa['serial']+1); //print_r($soa); //die(); if($valid_zone_file){ - $insert_data = "(`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `origin`, `ns`, `mbox`, `serial`, `refresh`, `retry`, `expire`, `minimum`, `ttl`, `active`, `xfer`) VALUES - ('$sys_userid', '$sys_groupid', 'riud', 'riud', '', '$server_id', '$origin', '$ns', '$mbox', '$serial', '$refresh', '$retry', '$expire', '$minimum', '$ttl', 'Y', '$xfer')"; + $insert_data = array( + "sys_userid" => $sys_userid, + "sys_groupid" => $sys_groupid, + "sys_perm_user" => 'riud', + "sys_perm_group" => 'riud', + "sys_perm_other" => '', + "server_id" => $server_id, + "origin" => $origin, + "ns" => $ns, + "mbox" => $mbox, + "serial" => $serial, + "refresh" => $refresh, + "retry" => $retry, + "expire" => $expire, + "minimum" => $minimum, + "ttl" => $ttl, + "active" => 'Y', + "xfer" => $xfer + ); $dns_soa_id = $app->db->datalogInsert('dns_soa', $insert_data, 'id'); // Insert the dns_rr records @@ -717,8 +734,21 @@ if(isset($_FILES['file']['name']) && is_uploaded_file($_FILES['file']['tmp_name' { foreach($dns_rr as $rr) { - $insert_data = "(`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `zone`, `name`, `type`, `data`, `aux`, `ttl`, `active`) VALUES - ('$sys_userid', '$sys_groupid', 'riud', 'riud', '', '$server_id', '$dns_soa_id', '".$app->db->quote($rr['name'])."', '".$app->db->quote($rr['type'])."', '".$app->db->quote($rr['data'])."', '".$app->db->quote($rr['aux'])."', '".$app->db->quote($rr['ttl'])."', 'Y')"; + $insert_data = array( + "sys_userid" => $sys_userid, + "sys_groupid" => $sys_groupid, + "sys_perm_user" => 'riud', + "sys_perm_group" => 'riud', + "sys_perm_other" => '', + "server_id" => $server_id, + "zone" => $dns_soa_id, + "name" => $rr['name'], + "type" => $rr['type'], + "data" => $rr['data'], + "aux" => $rr['aux'], + "ttl" => $rr['ttl'], + "active" => 'Y' + ); $dns_rr_id = $app->db->datalogInsert('dns_rr', $insert_data, 'id'); } } diff --git a/interface/web/dns/dns_mx_edit.php b/interface/web/dns/dns_mx_edit.php index 0fcf53f7f..c74eab30b 100644 --- a/interface/web/dns/dns_mx_edit.php +++ b/interface/web/dns/dns_mx_edit.php @@ -136,12 +136,12 @@ class page_action extends tform_actions { //* Set the sys_groupid of the rr record to be the same then the sys_groupid of the soa record $soa = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE id = ? AND " . $app->tform->getAuthSQL('r'), $this->dataRecord["zone"]); - $app->db->datalogUpdate('dns_rr', "sys_groupid = ".$soa['sys_groupid'], 'id', $this->id); + $app->db->datalogUpdate('dns_rr', array("sys_groupid" => $soa['sys_groupid']), 'id', $this->id); //* Update the serial number of the SOA record $soa_id = $app->functions->intval($_POST["zone"]); $serial = $app->validate_dns->increase_serial($soa["serial"]); - $app->db->datalogUpdate('dns_soa', "serial = $serial", 'id', $soa_id); + $app->db->datalogUpdate('dns_soa', array("serial" => $serial), 'id', $soa_id); } function onAfterUpdate() { @@ -151,7 +151,7 @@ class page_action extends tform_actions { $soa = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE id = ? AND " . $app->tform->getAuthSQL('r'), $this->dataRecord["zone"]); $soa_id = $app->functions->intval($_POST["zone"]); $serial = $app->validate_dns->increase_serial($soa["serial"]); - $app->db->datalogUpdate('dns_soa', "serial = $serial", 'id', $soa_id); + $app->db->datalogUpdate('dns_soa', array("serial" => $serial), 'id', $soa_id); } } diff --git a/interface/web/dns/dns_ns_edit.php b/interface/web/dns/dns_ns_edit.php index 7ed47f0f6..145823683 100644 --- a/interface/web/dns/dns_ns_edit.php +++ b/interface/web/dns/dns_ns_edit.php @@ -113,12 +113,12 @@ class page_action extends tform_actions { //* Set the sys_groupid of the rr record to be the same then the sys_groupid of the soa record $soa = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE id = ? AND " . $app->tform->getAuthSQL('r'), $this->dataRecord["zone"]); - $app->db->datalogUpdate('dns_rr', "sys_groupid = ".$soa['sys_groupid'], 'id', $this->id); + $app->db->datalogUpdate('dns_rr', array("sys_groupid" => $soa['sys_groupid']), 'id', $this->id); //* Update the serial number of the SOA record $soa_id = $app->functions->intval($_POST["zone"]); $serial = $app->validate_dns->increase_serial($soa["serial"]); - $app->db->datalogUpdate('dns_soa', "serial = $serial", 'id', $soa_id); + $app->db->datalogUpdate('dns_soa', array("serial" => $serial), 'id', $soa_id); } function onAfterUpdate() { @@ -128,7 +128,7 @@ class page_action extends tform_actions { $soa = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE id = ? AND " . $app->tform->getAuthSQL('r'), $this->dataRecord["zone"]); $soa_id = $app->functions->intval($_POST["zone"]); $serial = $app->validate_dns->increase_serial($soa["serial"]); - $app->db->datalogUpdate('dns_soa', "serial = $serial", 'id', $soa_id); + $app->db->datalogUpdate('dns_soa', array("serial" => $serial), 'id', $soa_id); } } diff --git a/interface/web/dns/dns_ptr_edit.php b/interface/web/dns/dns_ptr_edit.php index 016cee8d5..ed1c11897 100644 --- a/interface/web/dns/dns_ptr_edit.php +++ b/interface/web/dns/dns_ptr_edit.php @@ -113,12 +113,12 @@ class page_action extends tform_actions { //* Set the sys_groupid of the rr record to be the same then the sys_groupid of the soa record $soa = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE id = ? AND " . $app->tform->getAuthSQL('r'), $this->dataRecord["zone"]); - $app->db->datalogUpdate('dns_rr', "sys_groupid = ".$soa['sys_groupid'], 'id', $this->id); + $app->db->datalogUpdate('dns_rr', array("sys_groupid" => $soa['sys_groupid']), 'id', $this->id); //* Update the serial number of the SOA record $soa_id = $app->functions->intval($_POST["zone"]); $serial = $app->validate_dns->increase_serial($soa["serial"]); - $app->db->datalogUpdate('dns_soa', "serial = $serial", 'id', $soa_id); + $app->db->datalogUpdate('dns_soa', array("serial" => $serial), 'id', $soa_id); } function onAfterUpdate() { @@ -128,7 +128,7 @@ class page_action extends tform_actions { $soa = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE id = ? AND " . $app->tform->getAuthSQL('r'), $this->dataRecord["zone"]); $soa_id = $app->functions->intval($_POST["zone"]); $serial = $app->validate_dns->increase_serial($soa["serial"]); - $app->db->datalogUpdate('dns_soa', "serial = $serial", 'id', $soa_id); + $app->db->datalogUpdate('dns_soa', array("serial" => $serial), 'id', $soa_id); } } diff --git a/interface/web/dns/dns_rp_edit.php b/interface/web/dns/dns_rp_edit.php index 53cd879a8..d7c2edcc7 100644 --- a/interface/web/dns/dns_rp_edit.php +++ b/interface/web/dns/dns_rp_edit.php @@ -113,12 +113,12 @@ class page_action extends tform_actions { //* Set the sys_groupid of the rr record to be the same then the sys_groupid of the soa record $soa = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE id = ? AND " . $app->tform->getAuthSQL('r'), $this->dataRecord["zone"]); - $app->db->datalogUpdate('dns_rr', "sys_groupid = ".$soa['sys_groupid'], 'id', $this->id); + $app->db->datalogUpdate('dns_rr', array("sys_groupid" => $soa['sys_groupid']), 'id', $this->id); //* Update the serial number of the SOA record $soa_id = $app->functions->intval($_POST["zone"]); $serial = $app->validate_dns->increase_serial($soa["serial"]); - $app->db->datalogUpdate('dns_soa', "serial = $serial", 'id', $soa_id); + $app->db->datalogUpdate('dns_soa', array("serial" => $serial), 'id', $soa_id); } function onAfterUpdate() { @@ -128,7 +128,7 @@ class page_action extends tform_actions { $soa = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE id = ? AND " . $app->tform->getAuthSQL('r'), $this->dataRecord["zone"]); $soa_id = $app->functions->intval($_POST["zone"]); $serial = $app->validate_dns->increase_serial($soa["serial"]); - $app->db->datalogUpdate('dns_soa', "serial = $serial", 'id', $soa_id); + $app->db->datalogUpdate('dns_soa', array("serial" => $serial), 'id', $soa_id); } } diff --git a/interface/web/dns/dns_rr_del.php b/interface/web/dns/dns_rr_del.php index 1098b653f..6504123da 100644 --- a/interface/web/dns/dns_rr_del.php +++ b/interface/web/dns/dns_rr_del.php @@ -57,7 +57,7 @@ class page_action extends tform_actions { $soa = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE id = ? AND " . $app->tform->getAuthSQL('r'), $this->dataRecord["zone"]); $soa_id = $app->functions->intval($this->dataRecord["zone"]); $serial = $app->validate_dns->increase_serial($soa["serial"]); - $app->db->datalogUpdate('dns_soa', "serial = $serial", 'id', $soa_id); + $app->db->datalogUpdate('dns_soa', array("serial" => $serial), 'id', $soa_id); } } diff --git a/interface/web/dns/dns_spf_edit.php b/interface/web/dns/dns_spf_edit.php index d3ddb6a25..ba770a9cf 100644 --- a/interface/web/dns/dns_spf_edit.php +++ b/interface/web/dns/dns_spf_edit.php @@ -242,12 +242,12 @@ class page_action extends tform_actions { //* Set the sys_groupid of the rr record to be the same then the sys_groupid of the soa record $soa = $app->db->queryOneRecord("SELECT sys_groupid,serial FROM dns_soa WHERE id = ? AND " . $app->tform->getAuthSQL('r'), $app->functions->intval($this->dataRecord["zone"])); - $app->db->datalogUpdate('dns_rr', "sys_groupid = ".$soa['sys_groupid'], 'id', $this->id); + $app->db->datalogUpdate('dns_rr', array("sys_groupid" => $soa['sys_groupid']), 'id', $this->id); //* Update the serial number of the SOA record $soa_id = $app->functions->intval($_POST["zone"]); $serial = $app->validate_dns->increase_serial($soa["serial"]); - $app->db->datalogUpdate('dns_soa', "serial = $serial", 'id', $soa_id); + $app->db->datalogUpdate('dns_soa', array("serial" => $serial), 'id', $soa_id); } @@ -258,7 +258,7 @@ class page_action extends tform_actions { $soa = $app->db->queryOneRecord("SELECT serial FROM dns_soa WHERE id = ? AND " . $app->tform->getAuthSQL('r'), $app->functions->intval($this->dataRecord["zone"])); $soa_id = $app->functions->intval($_POST["zone"]); $serial = $app->validate_dns->increase_serial($soa["serial"]); - $app->db->datalogUpdate('dns_soa', "serial = $serial", 'id', $soa_id); + $app->db->datalogUpdate('dns_soa', array("serial" => $serial), 'id', $soa_id); } } diff --git a/interface/web/dns/dns_srv_edit.php b/interface/web/dns/dns_srv_edit.php index 4589834b6..d9e36251c 100644 --- a/interface/web/dns/dns_srv_edit.php +++ b/interface/web/dns/dns_srv_edit.php @@ -134,12 +134,12 @@ class page_action extends tform_actions { //* Set the sys_groupid of the rr record to be the same then the sys_groupid of the soa record $soa = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE id = ? AND " . $app->tform->getAuthSQL('r'), $this->dataRecord["zone"]); - $app->db->datalogUpdate('dns_rr', "sys_groupid = ".$soa['sys_groupid'], 'id', $this->id); + $app->db->datalogUpdate('dns_rr', array("sys_groupid" => $soa['sys_groupid']), 'id', $this->id); //* Update the serial number of the SOA record $soa_id = $app->functions->intval($_POST["zone"]); $serial = $app->validate_dns->increase_serial($soa["serial"]); - $app->db->datalogUpdate('dns_soa', "serial = $serial", 'id', $soa_id); + $app->db->datalogUpdate('dns_soa', array("serial" => $serial), 'id', $soa_id); } function onAfterUpdate() { @@ -149,7 +149,7 @@ class page_action extends tform_actions { $soa = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE id = ? AND " . $app->tform->getAuthSQL('r'), $this->dataRecord["zone"]); $soa_id = $app->functions->intval($_POST["zone"]); $serial = $app->validate_dns->increase_serial($soa["serial"]); - $app->db->datalogUpdate('dns_soa', "serial = $serial", 'id', $soa_id); + $app->db->datalogUpdate('dns_soa', array("serial" => $serial), 'id', $soa_id); } } diff --git a/interface/web/dns/dns_txt_edit.php b/interface/web/dns/dns_txt_edit.php index 20e0c5e76..748e302c6 100644 --- a/interface/web/dns/dns_txt_edit.php +++ b/interface/web/dns/dns_txt_edit.php @@ -113,12 +113,12 @@ class page_action extends tform_actions { //* Set the sys_groupid of the rr record to be the same then the sys_groupid of the soa record $soa = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE id = ? AND " . $app->tform->getAuthSQL('r'), $this->dataRecord["zone"]); - $app->db->datalogUpdate('dns_rr', "sys_groupid = ".$soa['sys_groupid'], 'id', $this->id); + $app->db->datalogUpdate('dns_rr', array("sys_groupid" => $soa['sys_groupid']), 'id', $this->id); //* Update the serial number of the SOA record $soa_id = $app->functions->intval($_POST["zone"]); $serial = $app->validate_dns->increase_serial($soa["serial"]); - $app->db->datalogUpdate('dns_soa', "serial = $serial", 'id', $soa_id); + $app->db->datalogUpdate('dns_soa', array("serial" => $serial), 'id', $soa_id); } function onAfterUpdate() { @@ -128,7 +128,7 @@ class page_action extends tform_actions { $soa = $app->db->queryOneRecord("SELECT * FROM dns_soa WHERE id = ? AND " . $app->tform->getAuthSQL('r'), $this->dataRecord["zone"]); $soa_id = $app->functions->intval($_POST["zone"]); $serial = $app->validate_dns->increase_serial($soa["serial"]); - $app->db->datalogUpdate('dns_soa', "serial = $serial", 'id', $soa_id); + $app->db->datalogUpdate('dns_soa', array("serial" => $serial), 'id', $soa_id); } } diff --git a/interface/web/dns/dns_wizard.php b/interface/web/dns/dns_wizard.php index 666ff6a6b..17dba998e 100644 --- a/interface/web/dns/dns_wizard.php +++ b/interface/web/dns/dns_wizard.php @@ -335,11 +335,11 @@ if($_POST['create'] == 1) { if($section == 'dns_records') { $parts = explode('|', $row); $dns_rr[] = array( - 'name' => $app->db->quote($parts[1]), - 'type' => $app->db->quote($parts[0]), - 'data' => $app->db->quote($parts[2]), - 'aux' => $app->db->quote($parts[3]), - 'ttl' => $app->db->quote($parts[4]) + 'name' => $parts[1], + 'type' => $parts[0], + 'data' => $parts[2], + 'aux' => $parts[3], + 'ttl' => $parts[4] ); } } @@ -359,28 +359,60 @@ if($_POST['create'] == 1) { if($error == '') { // Insert the soa record $sys_userid = $_SESSION['s']['user']['userid']; - $origin = $app->db->quote($vars['origin']); - $ns = $app->db->quote($vars['ns']); - $mbox = $app->db->quote(str_replace('@', '.', $vars['mbox'])); - $refresh = $app->db->quote($vars['refresh']); - $retry = $app->db->quote($vars['retry']); - $expire = $app->db->quote($vars['expire']); - $minimum = $app->db->quote($vars['minimum']); - $ttl = $app->db->quote($vars['ttl']); - $xfer = $app->db->quote($vars['xfer']); - $also_notify = $app->db->quote($vars['also_notify']); - $update_acl = $app->db->quote($vars['update_acl']); + $origin = $vars['origin']; + $ns = $vars['ns']; + $mbox = str_replace('@', '.', $vars['mbox']); + $refresh = $vars['refresh']; + $retry = $vars['retry']; + $expire = $vars['expire']; + $minimum = $vars['minimum']; + $ttl = $vars['ttl']; + $xfer = $vars['xfer']; + $also_notify = $vars['also_notify']; + $update_acl = $vars['update_acl']; $serial = $app->validate_dns->increase_serial(0); - $insert_data = "(`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `origin`, `ns`, `mbox`, `serial`, `refresh`, `retry`, `expire`, `minimum`, `ttl`, `active`, `xfer`, `also_notify`, `update_acl`) VALUES - ('$sys_userid', '$sys_groupid', 'riud', 'riud', '', '$server_id', '$origin', '$ns', '$mbox', '$serial', '$refresh', '$retry', '$expire', '$minimum', '$ttl', 'Y', '$xfer', '$also_notify', '$update_acl')"; + $insert_data = array( + "sys_userid" => $sys_userid, + "sys_groupid" => $sys_groupid, + "sys_perm_user" => 'riud', + "sys_perm_group" => 'riud', + "sys_perm_other" => '', + "server_id" => $server_id, + "origin" => $origin, + "ns" => $ns, + "mbox" => $mbox, + "serial" => $serial, + "refresh" => $refresh, + "retry" => $retry, + "expire" => $expire, + "minimum" => $minimum, + "ttl" => $ttl, + "active" => 'Y', + "xfer" => $xfer, + "also_notify" => $also_notify, + "update_acl" => $update_acl + ); $dns_soa_id = $app->db->datalogInsert('dns_soa', $insert_data, 'id'); // Insert the dns_rr records if(is_array($dns_rr) && $dns_soa_id > 0) { foreach($dns_rr as $rr) { - $insert_data = "(`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `zone`, `name`, `type`, `data`, `aux`, `ttl`, `active`) VALUES - ('$sys_userid', '$sys_groupid', 'riud', 'riud', '', '$server_id', '$dns_soa_id', '$rr[name]', '$rr[type]', '$rr[data]', '$rr[aux]', '$rr[ttl]', 'Y')"; + $insert_data = array( + "sys_userid" => $sys_userid, + "sys_groupid" => $sys_groupid, + "sys_perm_user" => 'riud', + "sys_perm_group" => 'riud', + "sys_perm_other" => '', + "server_id" => $server_id, + "zone" => $dns_soa_id, + "name" => $rr['name'], + "type" => $rr['type'], + "data" => $rr['data'], + "aux" => $rr['aux'], + "ttl" => $rr['ttl'], + "active" => 'Y' + ); $dns_rr_id = $app->db->datalogInsert('dns_rr', $insert_data, 'id'); } } diff --git a/interface/web/mail/mail_aliasdomain_edit.php b/interface/web/mail/mail_aliasdomain_edit.php index 7e76ff04c..918a5f3a0 100644 --- a/interface/web/mail/mail_aliasdomain_edit.php +++ b/interface/web/mail/mail_aliasdomain_edit.php @@ -118,8 +118,8 @@ class page_action extends tform_actions { /* TODO: check if this quoting is correkt! */ // compose the source and destination field - $this->dataRecord["source"] = "@".$app->db->quote($this->dataRecord["source"]); - $this->dataRecord["destination"] = "@".$app->db->quote($this->dataRecord["destination"]); + $this->dataRecord["source"] = "@".$this->dataRecord["source"]; + $this->dataRecord["destination"] = "@".$this->dataRecord["destination"]; // Set the server id of the mailbox = server ID of mail domain. $this->dataRecord["server_id"] = $app->functions->intval($domain["server_id"]); diff --git a/interface/web/mail/mail_domain_edit.php b/interface/web/mail/mail_domain_edit.php index b09722fdd..9873c81bc 100644 --- a/interface/web/mail/mail_domain_edit.php +++ b/interface/web/mail/mail_domain_edit.php @@ -285,12 +285,23 @@ class page_action extends tform_actions { $tmp_user = $app->db->queryOneRecord("SELECT id FROM spamfilter_users WHERE email = ?", '@' . $this->dataRecord["domain"]); if($tmp_user["id"] > 0) { // There is already a record that we will update - $app->db->datalogUpdate('spamfilter_users', "policy_id = $policy_id", 'id', $tmp_user["id"]); + $app->db->datalogUpdate('spamfilter_users', array("policy_id" => $policy_id), 'id', $tmp_user["id"]); } else { $tmp_domain = $app->db->queryOneRecord("SELECT sys_groupid FROM mail_domain WHERE domain_id = ?", $this->id); // We create a new record - $insert_data = "(`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `priority`, `policy_id`, `email`, `fullname`, `local`) - VALUES (".$_SESSION["s"]["user"]["userid"].", ".$app->functions->intval($tmp_domain["sys_groupid"]).", 'riud', 'riud', '', ".$app->functions->intval($this->dataRecord["server_id"]).", 5, ".$app->functions->intval($policy_id).", '@".$app->db->quote($this->dataRecord["domain"])."', '@".$app->db->quote($this->dataRecord["domain"])."', 'Y')"; + $insert_data = array( + "sys_userid" => $_SESSION["s"]["user"]["userid"], + "sys_groupid" => $tmp_domain["sys_groupid"], + "sys_perm_user" => 'riud', + "sys_perm_group" => 'riud', + "sys_perm_other" => '', + "server_id" => $this->dataRecord["server_id"], + "priority" => 5, + "policy_id" => $policy_id, + "email" => '@' . $this->dataRecord["domain"], + "fullname" => '@' . $this->dataRecord["domain"], + "local" => 'Y' + ); $app->db->datalogInsert('spamfilter_users', $insert_data, 'id'); unset($tmp_domain); } @@ -340,12 +351,23 @@ class page_action extends tform_actions { if($policy_id > 0) { if($tmp_user["id"] > 0) { // There is already a record that we will update - $app->db->datalogUpdate('spamfilter_users', "policy_id = $policy_id", 'id', $tmp_user["id"]); + $app->db->datalogUpdate('spamfilter_users', array("policy_id" => $policy_id), 'id', $tmp_user["id"]); } else { $tmp_domain = $app->db->queryOneRecord("SELECT sys_groupid FROM mail_domain WHERE domain_id = ?", $this->id); // We create a new record - $insert_data = "(`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `priority`, `policy_id`, `email`, `fullname`, `local`) - VALUES (".$_SESSION["s"]["user"]["userid"].", ".$app->functions->intval($tmp_domain["sys_groupid"]).", 'riud', 'riud', '', ".$app->functions->intval($this->dataRecord["server_id"]).", 5, ".$app->functions->intval($policy_id).", '@".$app->db->quote($this->dataRecord["domain"])."', '@".$app->db->quote($this->dataRecord["domain"])."', 'Y')"; + $insert_data = array( + "sys_userid" => $_SESSION["s"]["user"]["userid"], + "sys_groupid" => $tmp_domain["sys_groupid"], + "sys_perm_user" => 'riud', + "sys_perm_group" => 'riud', + "sys_perm_other" => '', + "server_id" => $this->dataRecord["server_id"], + "priority" => 5, + "policy_id" => $policy_id, + "email" => '@' . $this->dataRecord["domain"], + "fullname" => '@' . $this->dataRecord["domain"], + "local" => 'Y' + ); $app->db->datalogInsert('spamfilter_users', $insert_data, 'id'); unset($tmp_domain); } @@ -371,9 +393,8 @@ class page_action extends tform_actions { $mail_parts = explode("@", $rec['email']); $maildir = str_replace("[domain]", $this->dataRecord['domain'], $mail_config["maildir_path"]); $maildir = str_replace("[localpart]", $mail_parts[0], $maildir); - $maildir = $app->db->quote($maildir); - $email = $app->db->quote($mail_parts[0].'@'.$this->dataRecord['domain']); - $app->db->datalogUpdate('mail_user', "maildir = '$maildir', email = '$email', sys_userid = $client_user_id, sys_groupid = '$sys_groupid'", 'mailuser_id', $rec['mailuser_id']); + $email = $mail_parts[0].'@'.$this->dataRecord['domain']; + $app->db->datalogUpdate('mail_user', array("maildir" => $maildir, "email" => $email, "sys_userid" => $client_user_id, "sys_groupid" => $sys_groupid), 'mailuser_id', $rec['mailuser_id']); } } @@ -381,9 +402,9 @@ class page_action extends tform_actions { $forwardings = $app->db->queryAllRecords("SELECT * FROM mail_forwarding WHERE source like ? OR destination like ?", '%@' . $this->oldDataRecord['domain'], '%@' . $this->oldDataRecord['domain']); if(is_array($forwardings)) { foreach($forwardings as $rec) { - $destination = $app->db->quote(str_replace($this->oldDataRecord['domain'], $this->dataRecord['domain'], $rec['destination'])); - $source = $app->db->quote(str_replace($this->oldDataRecord['domain'], $this->dataRecord['domain'], $rec['source'])); - $app->db->datalogUpdate('mail_forwarding', "source = '$source', destination = '$destination', sys_userid = $client_user_id, sys_groupid = '$sys_groupid'", 'forwarding_id', $rec['forwarding_id']); + $destination = str_replace($this->oldDataRecord['domain'], $this->dataRecord['domain'], $rec['destination']); + $source = str_replace($this->oldDataRecord['domain'], $this->dataRecord['domain'], $rec['source']); + $app->db->datalogUpdate('mail_forwarding', array("source" => $source, "destination" => $destination, "sys_userid" => $client_user_id, "sys_groupid" => $sys_groupid), 'forwarding_id', $rec['forwarding_id']); } } @@ -394,8 +415,8 @@ class page_action extends tform_actions { $fetchmail = $app->db->queryAllRecords("SELECT * FROM mail_get WHERE destination like ?", '%@' . $this->oldDataRecord['domain']); if(is_array($fetchmail)) { foreach($fetchmail as $rec) { - $destination = $app->db->quote(str_replace($this->oldDataRecord['domain'], $this->dataRecord['domain'], $rec['destination'])); - $app->db->datalogUpdate('mail_get', "destination = '$destination', sys_userid = $client_user_id, sys_groupid = '$sys_groupid'", 'mailget_id', $rec['mailget_id']); + $destination = str_replace($this->oldDataRecord['domain'], $this->dataRecord['domain'], $rec['destination']); + $app->db->datalogUpdate('mail_get', array("destination" => $destination, "sys_userid" => $client_user_id, "sys_groupid" => $sys_groupid), 'mailget_id', $rec['mailget_id']); } } @@ -430,7 +451,7 @@ class page_action extends tform_actions { $app->db->datalogUpdate('dns_rr', $rec, 'id', $rec['id']); $soa_id = $app->functions->intval($soa['zone']); $serial = $app->validate_dns->increase_serial($soa["serial"]); - $app->db->datalogUpdate('dns_soa', "serial = $serial", 'id', $soa_id); + $app->db->datalogUpdate('dns_soa', array("serial" => $serial), 'id', $soa_id); } } } @@ -464,7 +485,7 @@ class page_action extends tform_actions { $app->db->datalogInsert('dns_rr', $new_rr, 'id', $new_rr['zone']); $zone = $app->db->queryOneRecord("SELECT id, serial FROM dns_soa WHERE active = 'Y' AND id = ?", $new_rr['zone']); $new_serial = $app->validate_dns->increase_serial($zone['serial']); - $app->db->datalogUpdate('dns_soa', "serial = '".$new_serial."'", 'id', $zone['id']); + $app->db->datalogUpdate('dns_soa', array("serial" => $new_serial), 'id', $zone['id']); } } diff --git a/interface/web/mail/mail_user_edit.php b/interface/web/mail/mail_user_edit.php index 5292c7781..3c3887325 100644 --- a/interface/web/mail/mail_user_edit.php +++ b/interface/web/mail/mail_user_edit.php @@ -266,11 +266,22 @@ class page_action extends tform_actions { $tmp_user = $app->db->queryOneRecord("SELECT id FROM spamfilter_users WHERE email = ?", $this->dataRecord["email"]); if($tmp_user["id"] > 0) { // There is already a record that we will update - $app->db->datalogUpdate('spamfilter_users', "policy_id = $policy_id", 'id', $tmp_user["id"]); + $app->db->datalogUpdate('spamfilter_users', array("policy_id" => $policy_id), 'id', $tmp_user["id"]); } else { // We create a new record - $insert_data = "(`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `priority`, `policy_id`, `email`, `fullname`, `local`) - VALUES (".$app->functions->intval($_SESSION["s"]["user"]["userid"]).", ".$app->functions->intval($domain["sys_groupid"]).", 'riud', 'riud', '', ".$app->functions->intval($domain["server_id"]).", 10, ".$app->functions->intval($policy_id).", '".$app->db->quote($this->dataRecord["email"])."', '".$app->db->quote($this->dataRecord["email"])."', 'Y')"; + $insert_data = array( + "sys_userid" => $_SESSION["s"]["user"]["userid"], + "sys_groupid" => $domain["sys_groupid"], + "sys_perm_user" => 'riud', + "sys_perm_group" => 'riud', + "sys_perm_other" => '', + "server_id" => $domain["server_id"], + "priority" => 10, + "policy_id" => $policy_id, + "email" => $this->dataRecord["email"], + "fullname" => $this->dataRecord["email"], + "local" => 'Y' + ); $app->db->datalogInsert('spamfilter_users', $insert_data, 'id'); } } // endif spamfilter policy @@ -302,11 +313,22 @@ class page_action extends tform_actions { if($policy_id > 0) { if($tmp_user["id"] > 0) { // There is already a record that we will update - $app->db->datalogUpdate('spamfilter_users', "policy_id = $policy_id", 'id', $tmp_user["id"]); + $app->db->datalogUpdate('spamfilter_users', array("policy_id" => $policy_id), 'id', $tmp_user["id"]); } else { // We create a new record - $insert_data = "(`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `priority`, `policy_id`, `email`, `fullname`, `local`) - VALUES (".$app->functions->intval($_SESSION["s"]["user"]["userid"]).", ".$app->functions->intval($domain["sys_groupid"]).", 'riud', 'riud', '', ".$app->functions->intval($domain["server_id"]).", 10, ".$app->functions->intval($policy_id).", '".$app->db->quote($this->dataRecord["email"])."', '".$app->db->quote($this->dataRecord["email"])."', 'Y')"; + $insert_data = array( + "sys_userid" => $_SESSION["s"]["user"]["userid"], + "sys_groupid" => $domain["sys_groupid"], + "sys_perm_user" => 'riud', + "sys_perm_group" => 'riud', + "sys_perm_other" => '', + "server_id" => $domain["server_id"], + "priority" => 10, + "policy_id" => $policy_id, + "email" => $this->dataRecord["email"], + "fullname" => $this->dataRecord["email"], + "local" => 'Y' + ); $app->db->datalogInsert('spamfilter_users', $insert_data, 'id'); } }else { @@ -336,8 +358,8 @@ class page_action extends tform_actions { $forwardings = $app->db->queryAllRecords("SELECT * FROM mail_forwarding WHERE destination = ?", $this->oldDataRecord['email']); if(is_array($forwardings)) { foreach($forwardings as $rec) { - $destination = $app->db->quote($this->dataRecord['email']); - $app->db->datalogUpdate('mail_forwarding', "destination = '$destination'", 'forwarding_id', $rec['forwarding_id']); + $destination = $this->dataRecord['email']; + $app->db->datalogUpdate('mail_forwarding', array("destination" => $destination), 'forwarding_id', $rec['forwarding_id']); } } @@ -345,9 +367,9 @@ class page_action extends tform_actions { //* Change backup options when user mail backup options have been changed if(isset($this->dataRecord['backup_interval']) && ($this->dataRecord['backup_interval'] != $this->oldDataRecord['backup_interval'] || $this->dataRecord['backup_copies'] != $this->oldDataRecord['backup_copies'])) { - $backup_interval = $app->db->quote($this->dataRecord['backup_interval']); + $backup_interval = $this->dataRecord['backup_interval']; $backup_copies = $app->functions->intval($this->dataRecord['backup_copies']); - $app->db->datalogUpdate('mail_user', "backup_interval = '$backup_interval', backup_copies = '$backup_copies'", 'mailuser_id', $rec['mailuser_id']); + $app->db->datalogUpdate('mail_user', array("backup_interval" => $backup_interval, "backup_copies" => $backup_copies), 'mailuser_id', $rec['mailuser_id']); unset($backup_copies); unset($backup_interval); } // end if backup options changed diff --git a/interface/web/mail/xmpp_domain_edit.php b/interface/web/mail/xmpp_domain_edit.php index 851986b0e..b5858e01e 100644 --- a/interface/web/mail/xmpp_domain_edit.php +++ b/interface/web/mail/xmpp_domain_edit.php @@ -468,7 +468,7 @@ class page_action extends tform_actions { // Refresh zone $zone = $app->db->queryOneRecord("SELECT id, serial FROM dns_soa WHERE active = 'Y' AND id = ?", $new_rr['zone']); $new_serial = $app->validate_dns->increase_serial($zone['serial']); - $app->db->datalogUpdate('dns_soa', "serial = '".$new_serial."'", 'id', $zone['id']); + $app->db->datalogUpdate('dns_soa', array("serial" => $new_serial), 'id', $zone['id']); } /* diff --git a/interface/web/mailuser/mail_user_spamfilter_edit.php b/interface/web/mailuser/mail_user_spamfilter_edit.php index 335aaece0..9d3735672 100644 --- a/interface/web/mailuser/mail_user_spamfilter_edit.php +++ b/interface/web/mailuser/mail_user_spamfilter_edit.php @@ -82,11 +82,22 @@ class page_action extends tform_actions { if($policy_id > 0) { if($tmp_user["id"] > 0) { // There is already a record that we will update - $app->db->datalogUpdate('spamfilter_users', "policy_id = $policy_id", 'id', $tmp_user["id"]); + $app->db->datalogUpdate('spamfilter_users', array("policy_id" => $policy_id), 'id', $tmp_user["id"]); } else { // We create a new record - $insert_data = "(`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `priority`, `policy_id`, `email`, `fullname`, `local`) - VALUES (".$app->functions->intval($domain["sys_userid"]).", ".$app->functions->intval($domain["sys_groupid"]).", 'riud', 'riud', '', ".$app->functions->intval($domain["server_id"]).", 10, ".$app->functions->intval($policy_id).", '".$app->db->quote($rec["email"])."', '".$app->db->quote($rec["email"])."', 'Y')"; + $insert_data = array( + "sys_userid" => $domain["sys_userid"], + "sys_groupid" => $domain["sys_groupid"], + "sys_perm_user" => 'riud', + "sys_perm_group" => 'riud', + "sys_perm_other" => '', + "server_id" => $domain["server_id"], + "priority" => 10, + "policy_id" => $policy_id, + "email" => $rec["email"], + "fullname" => $rec["email"], + "local" => 'Y' + ); $app->db->datalogInsert('spamfilter_users', $insert_data, 'id'); } }else { diff --git a/interface/web/sites/database_user_del.php b/interface/web/sites/database_user_del.php index 2ca1ef58b..d80ba4f05 100644 --- a/interface/web/sites/database_user_del.php +++ b/interface/web/sites/database_user_del.php @@ -67,12 +67,12 @@ class page_action extends tform_actions { //* Update all records that belog to this user $records = $app->db->queryAllRecords("SELECT database_id FROM web_database WHERE database_user_id = ?", $this->id); foreach($records as $rec) { - $app->db->datalogUpdate('web_database', 'database_user_id=NULL', 'database_id', $rec['database_id']); + $app->db->datalogUpdate('web_database', array('database_user_id' => null), 'database_id', $rec['database_id']); } $records = $app->db->queryAllRecords("SELECT database_id FROM web_database WHERE database_ro_user_id = ?", $this->id); foreach($records as $rec) { - $app->db->datalogUpdate('web_database', 'database_ro_user_id=NULL', 'database_id', $rec['database_id']); + $app->db->datalogUpdate('web_database', array('database_ro_user_id' => null), 'database_id', $rec['database_id']); } } diff --git a/interface/web/tools/dns_import_tupa.php b/interface/web/tools/dns_import_tupa.php index b33b978da..b45a11b60 100644 --- a/interface/web/tools/dns_import_tupa.php +++ b/interface/web/tools/dns_import_tupa.php @@ -89,18 +89,35 @@ if(isset($_POST['start']) && $_POST['start'] == 1) { $soa = $exdb->queryOneRecord("SELECT * FROM records WHERE type = 'SOA' AND domain_id = ?", $domain['id']); if(is_array($soa)) { $parts = explode(' ', $soa['content']); - $origin = $app->db->quote(addot($soa['name'])); - $ns = $app->db->quote(addot($parts[0])); - $mbox = $app->db->quote(addot($parts[1])); - $serial = $app->db->quote($parts[2]); + $origin = addot($soa['name']); + $ns = addot($parts[0]); + $mbox = addot($parts[1]); + $serial = $parts[2]; $refresh = 7200; $retry = 540; $expire = 604800; $minimum = 86400; - $ttl = $app->db->quote($soa['ttl']); - - $insert_data = "(`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `origin`, `ns`, `mbox`, `serial`, `refresh`, `retry`, `expire`, `minimum`, `ttl`, `active`, `xfer`) VALUES - ('$sys_userid', '$sys_groupid', 'riud', 'riud', '', '$server_id', '$origin', '$ns', '$mbox', '$serial', '$refresh', '$retry', '$expire', '$minimum', '$ttl', 'Y', '')"; + $ttl = $soa['ttl']; + + $insert_data = array( + "sys_userid" => $sys_userid, + "sys_groupid" => $sys_groupid, + "sys_perm_user" => 'riud', + "sys_perm_group" => 'riud', + "sys_perm_other" => '', + "server_id" => $server_id, + "origin" => $origin, + "ns" => $ns, + "mbox" => $mbox, + "serial" => $serial, + "refresh" => $refresh, + "retry" => $retry, + "expire" => $expire, + "minimum" => $minimum, + "ttl" => $ttl, + "active" => 'Y', + "xfer" => '' + ); $dns_soa_id = $app->db->datalogInsert('dns_soa', $insert_data, 'id'); unset($parts); $msg .= 'Import Zone: '.$soa['name'].'
'; @@ -111,19 +128,32 @@ if(isset($_POST['start']) && $_POST['start'] == 1) { foreach($records as $rec) { $rr = array(); - $rr['name'] = $app->db->quote(addot($rec['name'])); - $rr['type'] = $app->db->quote($rec['type']); - $rr['aux'] = $app->db->quote($rec['prio']); - $rr['ttl'] = $app->db->quote($rec['ttl']); + $rr['name'] = addot($rec['name']); + $rr['type'] = $rec['type']; + $rr['aux'] = $rec['prio']; + $rr['ttl'] = $rec['ttl']; if($rec['type'] == 'NS' || $rec['type'] == 'MX' || $rec['type'] == 'CNAME') { - $rr['data'] = $app->db->quote(addot($rec['content'])); + $rr['data'] = addot($rec['content']); } else { - $rr['data'] = $app->db->quote($rec['content']); + $rr['data'] = $rec['content']; } - $insert_data = "(`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `zone`, `name`, `type`, `data`, `aux`, `ttl`, `active`) VALUES - ('$sys_userid', '$sys_groupid', 'riud', 'riud', '', '$server_id', '$dns_soa_id', '$rr[name]', '$rr[type]', '$rr[data]', '$rr[aux]', '$rr[ttl]', 'Y')"; + $insert_data = array( + "sys_userid" => $sys_userid, + "sys_groupid" => $sys_groupid, + "sys_perm_user" => 'riud', + "sys_perm_group" => 'riud', + "sys_perm_other" => '', + "server_id" => $server_id, + "zone" => $dns_soa_id, + "name" => $rr['name'], + "type" => $rr['type'], + "data" => $rr['data'], + "aux" => $rr['aux'], + "ttl" => $rr['ttl'], + "active" => 'Y' + ); $dns_rr_id = $app->db->datalogInsert('dns_rr', $insert_data, 'id'); //$msg .= $insert_data.'
'; diff --git a/interface/web/tools/import_vpopmail.php b/interface/web/tools/import_vpopmail.php index 8f4334d1f..3c8db20ae 100644 --- a/interface/web/tools/import_vpopmail.php +++ b/interface/web/tools/import_vpopmail.php @@ -118,7 +118,7 @@ function start_import() { $client_id = $app->db->insertID(); //* add sys_group - $groupid = $app->db->datalogInsert('sys_group', "(name,description,client_id) VALUES ('".$app->db->quote($pw_domain)."','',".$client_id.")", 'groupid'); + $groupid = $app->db->datalogInsert('sys_group', array("name" => $pw_domain, "description" => '', "client_id" => $client_id), 'groupid'); $groups = $groupid; $username = $pw_domain; @@ -175,8 +175,16 @@ function start_import() { $sys_userid = ($user_rec['userid'] > 0)?$user_rec['userid']:1; $sys_groupid = ($user_rec['default_group'] > 0)?$user_rec['default_group']:1; - $sql = "(`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `domain`, `active`) - VALUES(".$sys_userid.", ".$sys_groupid.", 'riud', 'riud', '', $local_server_id, '$domain', 'y')"; + $sql = array( + "sys_userid" => $sys_userid, + "sys_groupid" => $sys_groupid, + "sys_perm_user" => 'riud', + "sys_perm_group" => 'riud', + "sys_perm_other" => '', + "server_id" => $local_server_id, + "domain" => $domain, + "active" => 'y' + ); $app->db->datalogInsert('mail_domain', $sql, 'domain_id'); $msg .= "Imported domain $domain
"; } else { @@ -205,8 +213,40 @@ function start_import() { $maildir_path = "/var/vmail/".$rec['pw_domain']."/".$rec['pw_name']; //* Insert the mailbox - $sql = "(`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `email`, `login`, `password`, `name`, `uid`, `gid`, `maildir`, `quota`, `cc`, `homedir`, `autoresponder`, `autoresponder_start_date`, `autoresponder_end_date`, `autoresponder_subject`, `autoresponder_text`, `move_junk`, `custom_mailfilter`, `postfix`, `access`, `disableimap`, `disablepop3`, `disabledeliver`, `disablesmtp`, `disablesieve`, `disablelda`, `disabledoveadm`) - VALUES(".$domain_rec['sys_userid'].", ".$domain_rec['sys_groupid'].", 'riud', 'riud', '', $local_server_id, '$email', '$email', '$pw_crypt_password', '$email', 5000, 5000, '$maildir_path', 0, '', '/var/vmail', 'n', '0000-00-00 00:00:00', '0000-00-00 00:00:00', 'Out of office reply', '', 'n', '', 'y', 'n', 'n', 'n', 'n', 'n', 'n', 'n', 'n')"; + $sql = array( + "sys_userid" => $domain_rec['sys_userid'], + "sys_groupid" => $domain_rec['sys_groupid'], + "sys_perm_user" => 'riud', + "sys_perm_group" => 'riud', + "sys_perm_other" => '', + "server_id" => $local_server_id, + "email" => $email, + "login" => $email, + "password" => $pw_crypt_password, + "name" => $email, + "uid" => 5000, + "gid" => 5000, + "maildir" => $maildir_path, + "quota" => 0, + "cc" => '', + "homedir" => '/var/vmail', + "autoresponder" => 'n', + "autoresponder_start_date" => '0000-00-00 00:00:00', + "autoresponder_end_date" => '0000-00-00 00:00:00', + "autoresponder_subject" => 'Out of office reply', + "autoresponder_text" => '', + "move_junk" => 'n', + "custom_mailfilter" => '', + "postfix" => 'y', + "access" => 'n', + "disableimap" => 'n', + "disablepop3" => 'n', + "disabledeliver" => 'n', + "disablesmtp" => 'n', + "disablesieve" => 'n', + "disablelda" => 'n', + "disabledoveadm" => 'n' + ); $app->db->datalogInsert('mail_user', $sql, 'mailuser_id'); $msg .= "Imported mailbox $email
"; } @@ -250,8 +290,18 @@ function start_import() { $domain_rec = $app->db->queryOneRecord("SELECT * FROM mail_domain WHERE domain = ?", $rec['domain']); if(is_array($domain_rec)) { - $sql = "(`sys_userid`, `sys_groupid`, `sys_perm_user`, `sys_perm_group`, `sys_perm_other`, `server_id`, `source`, `destination`, `type`, `active`) - VALUES(".$domain_rec['sys_userid'].", ".$domain_rec['sys_groupid'].", 'riud', 'riud', '', $local_server_id, '".$app->db->quote($email)."', '".$app->db->quote($target)."', 'forward', 'y')"; + $sql = array( + "sys_userid" => $domain_rec['sys_userid'], + "sys_groupid" => $domain_rec['sys_groupid'], + "sys_perm_user" => 'riud', + "sys_perm_group" => 'riud', + "sys_perm_other" => '', + "server_id" => $local_server_id, + "source" => $email, + "destination" => $target, + "type" => 'forward', + "active" => 'y' + ); $app->db->datalogInsert('mail_forwarding', $sql, 'forwarding_id'); } $msg .= "Imported alias $email.
"; diff --git a/interface/web/tools/resync.php b/interface/web/tools/resync.php index 6738843bc..1cd150a73 100644 --- a/interface/web/tools/resync.php +++ b/interface/web/tools/resync.php @@ -511,13 +511,13 @@ class page_action extends tform_actions { if(!empty($rr_records)) { foreach($rr_records as $rec) { $new_serial = $app->validate_dns->increase_serial($rec['serial']); - $app->db->datalogUpdate('dns_rr', "serial = '".$new_serial."'", 'id', $rec['id']); + $app->db->datalogUpdate('dns_rr', array("serial" => $new_serial), 'id', $rec['id']); } } else { $msg .= $app->tform->wordbook['no_results_txt'].'
'; } $new_serial = $app->validate_dns->increase_serial($soa_rec['serial']); - $app->db->datalogUpdate('dns_soa', "serial = '".$new_serial."'", 'id', $soa_rec['id']); + $app->db->datalogUpdate('dns_soa', array("serial" => $new_serial), 'id', $soa_rec['id']); $msg .= '['.$server_name[$soa_rec['server_id']].'] '.$soa_rec['origin'].' ('.count($rr_records).')
'; } else $msg .= $app->tform->wordbook['no_results_txt'].'
'; diff --git a/server/lib/classes/cron.d/300-quota_notify.inc.php b/server/lib/classes/cron.d/300-quota_notify.inc.php index 5345f588b..9b2b79d0d 100644 --- a/server/lib/classes/cron.d/300-quota_notify.inc.php +++ b/server/lib/classes/cron.d/300-quota_notify.inc.php @@ -74,7 +74,7 @@ class cronjob_quota_notify extends cronjob { $web_traffic = round($tmp['total_traffic_bytes']/1024/1024); if($web_traffic_quota > 0 && $web_traffic > $web_traffic_quota) { - $app->dbmaster->datalogUpdate('web_domain', "traffic_quota_lock = 'y',active = 'n'", 'domain_id', $rec['domain_id']); + $app->dbmaster->datalogUpdate('web_domain', array("traffic_quota_lock" => 'y', "active" => 'n'), 'domain_id', $rec['domain_id']); $app->log('Traffic quota for '.$rec['domain'].' exceeded. Disabling website.', LOGLEVEL_DEBUG); //* Send traffic notifications @@ -104,7 +104,7 @@ class cronjob_quota_notify extends cronjob { } else { //* unlock the website, if traffic is lower then quota if($rec['traffic_quota_lock'] == 'y') { - $app->dbmaster->datalogUpdate('web_domain', "traffic_quota_lock = 'n',active = 'y'", 'domain_id', $rec['domain_id']); + $app->dbmaster->datalogUpdate('web_domain', array("traffic_quota_lock" => 'n', "active" => 'y'), 'domain_id', $rec['domain_id']); $app->log('Traffic quota for '.$rec['domain'].' ok again. Re-enabling website.', LOGLEVEL_DEBUG); } } @@ -192,7 +192,7 @@ class cronjob_quota_notify extends cronjob { // send notifications only if 90% or more of the quota are used if($used_ratio < 0.9) { // reset notification date - if($rec['last_quota_notification']) $app->dbmaster->datalogUpdate('web_domain', "last_quota_notification = NULL", 'domain_id', $rec['domain_id']); + if($rec['last_quota_notification']) $app->dbmaster->datalogUpdate('web_domain', array("last_quota_notification" => null), 'domain_id', $rec['domain_id']); // send notification - everything ok again if($rec['last_quota_notification'] && $web_config['overquota_notify_onok'] == 'y' && ($web_config['overquota_notify_admin'] == 'y' || $web_config['overquota_notify_client'] == 'y')) { @@ -229,7 +229,7 @@ class cronjob_quota_notify extends cronjob { //* Send quota notifications if(($web_config['overquota_notify_admin'] == 'y' || $web_config['overquota_notify_client'] == 'y') && $send_notification == true) { - $app->dbmaster->datalogUpdate('web_domain', "last_quota_notification = CURDATE()", 'domain_id', $rec['domain_id']); + $app->dbmaster->datalogUpdate('web_domain', array("last_quota_notification" => array("SQL" => "CURDATE()")), 'domain_id', $rec['domain_id']); $placeholders = array('{domain}' => $rec['domain'], '{admin_mail}' => ($global_config['admin_mail'] != ''? $global_config['admin_mail'] : 'root'), @@ -321,7 +321,7 @@ class cronjob_quota_notify extends cronjob { // send notifications only if 90% or more of the quota are used if($used_ratio < 0.9) { // reset notification date - if($rec['last_quota_notification']) $app->dbmaster->datalogUpdate('mail_user', "last_quota_notification = NULL", 'mailuser_id', $rec['mailuser_id']); + if($rec['last_quota_notification']) $app->dbmaster->datalogUpdate('mail_user', array("last_quota_notification" => null), 'mailuser_id', $rec['mailuser_id']); // send notification - everything ok again if($rec['last_quota_notification'] && $mail_config['overquota_notify_onok'] == 'y' && ($mail_config['overquota_notify_admin'] == 'y' || $mail_config['overquota_notify_client'] == 'y')) { @@ -358,7 +358,7 @@ class cronjob_quota_notify extends cronjob { elseif($mail_config['overquota_notify_freq'] > 0 && $rec['notified_before'] >= $mail_config['overquota_notify_freq']) $send_notification = true; if(($mail_config['overquota_notify_admin'] == 'y' || $mail_config['overquota_notify_client'] == 'y') && $send_notification == true) { - $app->dbmaster->datalogUpdate('mail_user', "last_quota_notification = CURDATE()", 'mailuser_id', $rec['mailuser_id']); + $app->dbmaster->datalogUpdate('mail_user', array("last_quota_notification" => array("SQL" => "CURDATE()")), 'mailuser_id', $rec['mailuser_id']); $placeholders = array('{email}' => $rec['email'], '{admin_mail}' => ($global_config['admin_mail'] != ''? $global_config['admin_mail'] : 'root'), @@ -438,9 +438,9 @@ class cronjob_quota_notify extends cronjob { if($used_ratio > 0.9) { //* reset notification date - if($rec['last_quota_notification']) $app->dbmaster->datalogUpdate('web_database', "last_quota_notification = NULL", 'database_id', $rec['database_id']); + if($rec['last_quota_notification']) $app->dbmaster->datalogUpdate('web_database', array("last_quota_notification" => null), 'database_id', $rec['database_id']); - $app->dbmaster->datalogUpdate('web_database', "last_quota_notification = CURDATE()", 'database_id', $rec['database_id']); + $app->dbmaster->datalogUpdate('web_database', array("last_quota_notification" => array("SQL" => "CURDATE()")), 'database_id', $rec['database_id']); // send notification - everything ok again if($rec['last_quota_notification'] && $web_config['overquota_notify_onok'] == 'y' && ($web_config['overquota_db_notify_admin'] == 'y' || $web_config['overquota_db_notify_client'] == 'y')) { @@ -475,7 +475,7 @@ class cronjob_quota_notify extends cronjob { //* Send quota notifications if(($web_config['overquota_db_notify_admin'] == 'y' || $web_config['overquota_db_notify_client'] == 'y') && $send_notification == true) { - $app->dbmaster->datalogUpdate('web_database', "last_quota_notification = CURDATE()", 'database_id', $rec['database_id']); + $app->dbmaster->datalogUpdate('web_database', array("last_quota_notification" => array("SQL" => "CURDATE()")), 'database_id', $rec['database_id']); $placeholders = array( '{database_name}' => $rec['database_name'], '{admin_mail}' => ($global_config['admin_mail'] != ''? $global_config['admin_mail'] : 'root'), diff --git a/server/lib/classes/cron.d/400-openvz.inc.php b/server/lib/classes/cron.d/400-openvz.inc.php index ec2b4de63..5eba8d208 100644 --- a/server/lib/classes/cron.d/400-openvz.inc.php +++ b/server/lib/classes/cron.d/400-openvz.inc.php @@ -60,7 +60,7 @@ class cronjob_openvz extends cronjob { $records = $app->db->queryAllRecords($sql); if(is_array($records)) { foreach($records as $rec) { - $app->dbmaster->datalogUpdate('openvz_vm', "active = 'n'", 'vm_id', $rec['vm_id']); + $app->dbmaster->datalogUpdate('openvz_vm', array("active" => 'n'), 'vm_id', $rec['vm_id']); $app->log('Virtual machine active date expired. Disabling VM '.$rec['veid'], LOGLEVEL_DEBUG); } } diff --git a/server/lib/classes/cron.d/600-cleanup.inc.php b/server/lib/classes/cron.d/600-cleanup.inc.php index 903a20f59..e55c2599b 100644 --- a/server/lib/classes/cron.d/600-cleanup.inc.php +++ b/server/lib/classes/cron.d/600-cleanup.inc.php @@ -59,7 +59,7 @@ class cronjob_cleanup extends cronjob { if(is_array($records)) { foreach($records as $rec) { $tmp = $app->db->queryOneRecord("SELECT id FROM aps_instances_settings WHERE instance_id = ? AND name = ?", $rec['instance_id'], $rec['name']); - $app->db->datalogUpdate('aps_instances_settings', "value = ''", 'id', $tmp['id']); + $app->db->datalogUpdate('aps_instances_settings', array("value" => ''), 'id', $tmp['id']); } } } diff --git a/server/lib/classes/db_mysql.inc.php b/server/lib/classes/db_mysql.inc.php index 9c693e39a..51d546710 100644 --- a/server/lib/classes/db_mysql.inc.php +++ b/server/lib/classes/db_mysql.inc.php @@ -141,13 +141,17 @@ class db extends mysqli } else { if(is_int($sValue) || is_float($sValue)) { $sTxt = $sValue; - } elseif(is_string($sValue) && (strcmp($sValue, '#NULL#') == 0)) { + } elseif(is_null($sValue) || (is_string($sValue) && (strcmp($sValue, '#NULL#') == 0))) { $sTxt = 'NULL'; } elseif(is_array($sValue)) { - $sTxt = ''; - foreach($sValue as $sVal) $sTxt .= ',\'' . $this->escape($sVal) . '\''; - $sTxt = '(' . substr($sTxt, 1) . ')'; - if($sTxt == '()') $sTxt = '(0)'; + if(isset($sValue['SQL'])) { + $sTxt = $sValue['SQL']; + } else { + $sTxt = ''; + foreach($sValue as $sVal) $sTxt .= ',\'' . $this->escape($sVal) . '\''; + $sTxt = '(' . substr($sTxt, 1) . ')'; + if($sTxt == '()') $sTxt = '(0)'; + } } else { $sTxt = '\'' . $this->escape($sValue) . '\''; } @@ -632,6 +636,7 @@ class db extends mysqli /* TODO: deprecate this method! */ $insert_data_str = $insert_data; $this->query("INSERT INTO ?? $insert_data_str", $tablename); + $app->log("deprecated use of passing values to datalogInsert() - table " . $tablename, 1); } $old_rec = array(); @@ -664,6 +669,7 @@ class db extends mysqli /* TODO: deprecate this method! */ $update_data_str = $update_data; $this->query("UPDATE ?? SET $update_data_str WHERE ?? = ?", $tablename, $index_field, $index_value); + $app->log("deprecated use of passing values to datalogUpdate() - table " . $tablename, 1); } $new_rec = $this->queryOneRecord("SELECT * FROM ?? WHERE ?? = ?", $tablename, $index_field, $index_value); -- GitLab