From 969c8053cecf16c912bc496d3796ee63a8933367 Mon Sep 17 00:00:00 2001 From: "Aldo \"xoen\" Giambelluca" Date: Sat, 3 Jul 2010 18:59:56 +0200 Subject: [PATCH 01/11] Added variable $CONFIG_DBTABLEPREFIX in configuration file for table prefix Table prefix is useful where only one DB is possible (cheap hosting). this way is possible define something like a "namespace" default is 'oc_' --- config/config.sample.php | 1 + 1 file changed, 1 insertion(+) diff --git a/config/config.sample.php b/config/config.sample.php index dfaaa4284d6..dc1a62f46e3 100755 --- a/config/config.sample.php +++ b/config/config.sample.php @@ -8,4 +8,5 @@ $CONFIG_DBHOST='localhost'; $CONFIG_DBNAME='owncloud-db-name'; $CONFIG_DBUSER='user-name'; $CONFIG_DBPASSWORD='password'; +$CONFIG_DBTABLEPREFIX = 'oc_'; ?> From a87f4da3f3d176825faf3398a0e716f4577d385c Mon Sep 17 00:00:00 2001 From: "Aldo \"xoen\" Giambelluca" Date: Sat, 3 Jul 2010 19:06:42 +0200 Subject: [PATCH 02/11] Using table prefix preference and some reformatting --- inc/lib_config.php | 22 +++++++++++++++------- 1 file changed, 15 insertions(+), 7 deletions(-) diff --git a/inc/lib_config.php b/inc/lib_config.php index 986d12f4dce..546c393b7eb 100755 --- a/inc/lib_config.php +++ b/inc/lib_config.php @@ -134,6 +134,7 @@ class OC_CONFIG{ global $CONFIG_DBUSER; global $CONFIG_DBPASSWORD; global $CONFIG_DBTYPE; + global $CONFIG_DBTABLEPREFIX; global $CONFIG_ADMINLOGIN; global $CONFIG_ADMINPASSWORD; if(isset($_POST['set_config'])){ @@ -332,8 +333,15 @@ CREATE TABLE 'user_group' ( PRIMARY KEY ('user_group_id') ) "; - }elseif($CONFIG_DBTYPE=='mysql'){ - $query="CREATE TABLE IF NOT EXISTS `locks` ( + } elseif ( 'mysql' === $CONFIG_DBTYPE ) { + $dbTableLocks = $CONFIG_DBTABLEPREFIX . 'locks'; + $dbTableLog = $CONFIG_DBTABLEPREFIX . 'log'; + $dbTableProperties = $CONFIG_DBTABLEPREFIX . 'properties'; + $dbTableUsers = $CONFIG_DBTABLEPREFIX . 'users'; + $dbTableGroups = $CONFIG_DBTABLEPREFIX . 'groups'; + $dbTableUserGroup = $CONFIG_DBTABLEPREFIX . 'user_group'; + + $query = "CREATE TABLE IF NOT EXISTS `$dbTableLocks` ( `token` varchar(255) NOT NULL DEFAULT '', `path` varchar(200) NOT NULL DEFAULT '', `created` int(11) NOT NULL DEFAULT '0', @@ -351,7 +359,7 @@ PRIMARY KEY ('user_group_id') KEY `expires` (`expires`) ); -CREATE TABLE IF NOT EXISTS `log` ( +CREATE TABLE IF NOT EXISTS `$dbTableLog` ( `id` int(11) NOT NULL AUTO_INCREMENT, `timestamp` int(11) NOT NULL, `user` varchar(250) NOT NULL, @@ -361,7 +369,7 @@ CREATE TABLE IF NOT EXISTS `log` ( ); -CREATE TABLE IF NOT EXISTS `properties` ( +CREATE TABLE IF NOT EXISTS `$dbTableProperties` ( `path` varchar(255) NOT NULL DEFAULT '', `name` varchar(120) NOT NULL DEFAULT '', `ns` varchar(120) NOT NULL DEFAULT 'DAV:', @@ -370,7 +378,7 @@ CREATE TABLE IF NOT EXISTS `properties` ( KEY `path` (`path`) ); -CREATE TABLE IF NOT EXISTS `users` ( +CREATE TABLE IF NOT EXISTS `$dbTableUsers` ( `user_id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY , `user_name` VARCHAR( 64 ) NOT NULL , `user_name_clean` VARCHAR( 64 ) NOT NULL , @@ -381,7 +389,7 @@ UNIQUE ( ) ); -CREATE TABLE IF NOT EXISTS `groups` ( +CREATE TABLE IF NOT EXISTS `$dbTableGroups` ( `group_id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY , `group_name` VARCHAR( 64 ) NOT NULL , UNIQUE ( @@ -389,7 +397,7 @@ UNIQUE ( ) ); -CREATE TABLE IF NOT EXISTS `user_group` ( +CREATE TABLE IF NOT EXISTS `$dbTableUserGroup` ( `user_group_id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY , `user_id` VARCHAR( 64 ) NOT NULL , `group_id` VARCHAR( 64 ) NOT NULL From 31df117f1c24f1c61f306a79fd95c6dc371fd05b Mon Sep 17 00:00:00 2001 From: "Aldo \"xoen\" Giambelluca" Date: Sat, 3 Jul 2010 19:08:31 +0200 Subject: [PATCH 03/11] Using table prefix preference in 'inc/lib_log.php' --- inc/lib_log.php | 21 ++++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/inc/lib_log.php b/inc/lib_log.php index 3e0d3d16092..8ece1a498ab 100755 --- a/inc/lib_log.php +++ b/inc/lib_log.php @@ -47,8 +47,12 @@ class OC_LOG { * @param type $type * @param message $message */ - public static function event($user,$type,$message){ - $result = OC_DB::query('insert into log (timestamp,user,type,message) values ("'.time().'","'.addslashes($user).'","'.addslashes($type).'","'.addslashes($message).'")'); + public static function event($user, $type, $message){ + global $CONFIG_DBTABLEPREFIX; + $dbTableLog = $CONFIG_DBTABLEPREFIX . 'Log'; + $query = 'insert into ' . $dbTableLog . ' (timestamp,user,type,message) values + ("' . time() . '","' . addslashes($user) . '","' . addslashes($type) . '","' . addslashes($message) . '")'; + $result = OC_DB::query($query); OC_DB::free_result($result); } @@ -58,15 +62,18 @@ class OC_LOG { * */ public static function show(){ - global $CONFIG_DATEFORMAT; + global $CONFIG_DATEFORMAT; + global $CONFIG_DBTABLEPREFIX; echo('
'); - + + $dbTableLog = $CONFIG_DBTABLEPREFIX . 'Log'; if(OC_USER::ingroup($_SESSION['username_clean'],'admin')){ - $result = OC_DB::select('select timestamp,user,type,message from log order by timestamp desc limit 20'); + $query = "select timestamp,user,type,message from $dbTableLog order by timestamp desc limit 20"; }else{ - $user=$_SESSION['username_clean']; - $result = OC_DB::select('select timestamp,user,type,message from log where user=\''.$user.'\' order by timestamp desc limit 20'); + $user = $_SESSION['username_clean']; + $query = "select timestamp,user,type,message from $dbTableLog where user='$user' order by timestamp desc limit 20"; } + $result = OC_DB::select($query); foreach($result as $entry){ echo(''); echo(''); From 3f4577189591d84dc92f10c5263d13778f5c3e98 Mon Sep 17 00:00:00 2001 From: "Aldo \"xoen\" Giambelluca" Date: Sat, 3 Jul 2010 19:12:51 +0200 Subject: [PATCH 04/11] Using table prefix preference in 'inc/lib_ocs.php' --- inc/lib_ocs.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/inc/lib_ocs.php b/inc/lib_ocs.php index 52dc95800ab..c2fe6dba33a 100755 --- a/inc/lib_ocs.php +++ b/inc/lib_ocs.php @@ -372,15 +372,17 @@ class OC_OCS { * @return string xml/json */ private static function activityget($format,$page,$pagesize) { + global $CONFIG_DBTABLEPREFIX; + $dbTableLog = $CONFIG_DBTABLEPREFIX . 'Log'; $user=OC_OCS::checkpassword(); - $result = OC_DB::query('select count(*) as co from log'); + $result = OC_DB::query("select count(*) as co from $dbTableLog"); $entry=$result->fetchRow(); $totalcount=$entry['co']; OC_DB::free_result($result); - $result = OC_DB::select('select id,timestamp,user,type,message from log order by timestamp desc limit '.($page*$pagesize).','.$pagesize); + $result = OC_DB::select("select id,timestamp,user,type,message from $dbTableLog order by timestamp desc limit " . ($page*$pagesize) . ",$pagesize"); $itemscount=count($result); $url='http://'.substr($_SERVER['HTTP_HOST'].$_SERVER['SCRIPT_NAME'],0,-11).''; From 54c1264e2477a722ba8293a369a4dafe7755b65d Mon Sep 17 00:00:00 2001 From: "Aldo \"xoen\" Giambelluca" Date: Sat, 3 Jul 2010 19:38:31 +0200 Subject: [PATCH 05/11] Using table prefix preference in 'inc/lib_user.php' --- inc/lib_user.php | 55 ++++++++++++++++++++++++++++++++++++++---------- 1 file changed, 44 insertions(+), 11 deletions(-) diff --git a/inc/lib_user.php b/inc/lib_user.php index e5d994dd02f..d3b38bc2ea3 100755 --- a/inc/lib_user.php +++ b/inc/lib_user.php @@ -55,6 +55,8 @@ class OC_USER { * */ public static function createuser($username,$password){ + global $CONFIG_DBTABLEPREFIX; + if(OC_USER::getuserid($username)!=0){ return false; }else{ @@ -62,7 +64,8 @@ class OC_USER { $usernameclean=strtolower($username); $username=OC_DB::escape($username); $usernameclean=OC_DB::escape($usernameclean); - $query="INSERT INTO `users` (`user_id` ,`user_name` ,`user_name_clean` ,`user_password`) VALUES (NULL , '$username', '$usernameclean', '$password')"; + $dbTableUsers = $CONFIG_DBTABLEPREFIX . 'users'; + $query = "INSERT INTO `$dbTableUsers` (`user_id` ,`user_name` ,`user_name_clean` ,`user_password`) VALUES (NULL , '$username', '$usernameclean', '$password')"; $result=OC_DB::query($query); return ($result)?true:false; } @@ -74,11 +77,14 @@ class OC_USER { * */ public static function login($username,$password){ + global $CONFIG_DBTABLEPREFIX; + $password=sha1($password); $usernameclean=strtolower($username); $username=OC_DB::escape($username); $usernameclean=OC_DB::escape($usernameclean); - $query="SELECT user_id FROM users WHERE user_name_clean = '$usernameclean' AND user_password = '$password' LIMIT 1"; + $dbTableUsers = $CONFIG_DBTABLEPREFIX . 'users'; + $query = "SELECT user_id FROM $dbTableUsers WHERE user_name_clean = '$usernameclean' AND user_password = '$password' LIMIT 1"; $result=OC_DB::select($query); if(isset($result[0]) && isset($result[0]['user_id'])){ $_SESSION['user_id']=$result[0]['user_id']; @@ -116,9 +122,12 @@ class OC_USER { * */ public static function creategroup($groupname){ + global $CONFIG_DBTABLEPREFIX; + if(OC_USER::getgroupid($groupname)==0){ $groupname=OC_DB::escape($groupname); - $query="INSERT INTO `groups` (`group_id` ,`group_name`) VALUES (NULL , '$groupname')"; + $dbTableGroups = $CONFIG_DBTABLEPREFIX . 'groups'; + $query="INSERT INTO `$dbTableGroups` (`group_id` ,`group_name`) VALUES (NULL , '$groupname')"; $result=OC_DB::query($query); return ($result)?true:false; }else{ @@ -131,10 +140,13 @@ class OC_USER { * */ public static function getuserid($username){ + global $CONFIG_DBTABLEPREFIX; + $usernameclean=strtolower($username); $username=OC_DB::escape($username); $usernameclean=OC_DB::escape($usernameclean); - $query="SELECT user_id FROM users WHERE user_name_clean = '$usernameclean'"; + $dbTableUsers = $CONFIG_DBTABLEPREFIX . 'users'; + $query="SELECT user_id FROM $dbTableUsers WHERE user_name_clean = '$usernameclean'"; $result=OC_DB::select($query); if(!is_array($result)){ return 0; @@ -151,8 +163,11 @@ class OC_USER { * */ public static function getgroupid($groupname){ + global $CONFIG_DBTABLEPREFIX; + $groupname=OC_DB::escape($groupname); - $query="SELECT group_id FROM groups WHERE group_name = '$groupname'"; + $dbTableGroups = $CONFIG_DBTABLEPREFIX . 'groups'; + $query="SELECT group_id FROM $dbTableGroups WHERE group_name = '$groupname'"; $result=OC_DB::select($query); if(!is_array($result)){ return 0; @@ -169,8 +184,11 @@ class OC_USER { * */ public static function getgroupname($groupid){ + global $CONFIG_DBTABLEPREFIX; + $groupid=(integer)$groupid; - $query="SELECT group_name FROM groups WHERE group_id = '$groupid' LIMIT 1"; + $dbTableGroups = $CONFIG_DBTABLEPREFIX . 'groups'; + $query="SELECT group_name FROM $dbTableGroups WHERE group_id = '$groupid' LIMIT 1"; $result=OC_DB::select($query); if(isset($result[0]) && isset($result[0]['group_name'])){ return $result[0]['group_name']; @@ -184,10 +202,13 @@ class OC_USER { * */ public static function ingroup($username,$groupname){ + global $CONFIG_DBTABLEPREFIX; + $userid=OC_USER::getuserid($username); $groupid=OC_USER::getgroupid($groupname); if($groupid>0 and $userid>0){ - $query="SELECT user_group_id FROM user_group WHERE group_id = $groupid AND user_id = $userid LIMIT 1"; + $dbTableUserGroup = $CONFIG_DBTABLEPREFIX . 'user_group'; + $query="SELECT user_group_id FROM $dbTableUserGroup WHERE group_id = $groupid AND user_id = $userid LIMIT 1"; $result=OC_DB::select($query); if(isset($result[0]) && isset($result[0]['user_group_id'])){ return true; @@ -204,11 +225,14 @@ class OC_USER { * */ public static function addtogroup($username,$groupname){ + global $CONFIG_DBTABLEPREFIX; + if(!OC_USER::ingroup($username,$groupname)){ $userid=OC_USER::getuserid($username); $groupid=OC_USER::getgroupid($groupname); if($groupid!=0 and $userid!=0){ - $query="INSERT INTO `user_group` (`user_group_id` ,`user_id` ,`group_id`) VALUES (NULL , '$userid', '$groupid');"; + $dbTableUserGroup = $CONFIG_DBTABLEPREFIX . 'user_group'; + $query="INSERT INTO `$dbTableUserGroup` (`user_group_id` ,`user_id` ,`group_id`) VALUES (NULL , '$userid', '$groupid');"; $result=OC_DB::query($query); if($result){ return true; @@ -232,8 +256,11 @@ class OC_USER { * */ public static function getusergroups($username){ + global $CONFIG_DBTABLEPREFIX; + $userid=OC_USER::getuserid($username); - $query="SELECT group_id FROM user_group WHERE user_id = '$userid'"; + $dbTableUserGroup = $CONFIG_DBTABLEPREFIX . 'user_group'; + $query = "SELECT group_id FROM $dbTableUserGroup WHERE user_id = '$userid'"; $result=OC_DB::select($query); $groups=array(); if(is_array($result)){ @@ -250,9 +277,12 @@ class OC_USER { * */ public static function setpassword($username,$password){ + global $CONFIG_DBTABLEPREFIX; + $password=sha1($password); $userid=OC_USER::getuserid($username); - $query="UPDATE users SET user_password = '$password' WHERE user_id ='$userid'"; + $dbTableUsers = $CONFIG_DBTABLEPREFIX . 'users'; + $query = "UPDATE $dbTableUsers SET user_password = '$password' WHERE user_id ='$userid'"; $result=OC_DB::query($query); if($result){ return true; @@ -266,11 +296,14 @@ class OC_USER { * */ public static function checkpassword($username,$password){ + global $CONFIG_DBTABLEPREFIX; + $password=sha1($password); $usernameclean=strtolower($username); $username=OC_DB::escape($username); $usernameclean=OC_DB::escape($usernameclean); - $query="SELECT user_id FROM 'users' WHERE user_name_clean = '$usernameclean' AND user_password = '$password' LIMIT 1"; + $dbTableUsers = $CONFIG_DBTABLEPREFIX . 'users'; + $query = "SELECT user_id FROM '$dbTableUsers' WHERE user_name_clean = '$usernameclean' AND user_password = '$password' LIMIT 1"; $result=OC_DB::select($query); if(isset($result[0]) && isset($result[0]['user_id']) && $result[0]['user_id']>0){ return true; From f26c7d9bfc116ecf60d5036352c194a641f95c1b Mon Sep 17 00:00:00 2001 From: "Aldo \"xoen\" Giambelluca" Date: Sun, 4 Jul 2010 06:47:08 +0200 Subject: [PATCH 06/11] Added a input for the DB table prefix in 'inc/templates/adminform.php' --- inc/templates/adminform.php | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/inc/templates/adminform.php b/inc/templates/adminform.php index c22c78768b0..231e9c52839 100755 --- a/inc/templates/adminform.php +++ b/inc/templates/adminform.php @@ -10,6 +10,7 @@ if(!$f) die('Error: Config file (config/config.php) is not writable for the webs if(!isset($fillDB)) $fillDB=true; if(!isset($CONFIG_DBHOST)) $CONFIG_DBHOST='localhost'; if(!isset($CONFIG_DBUSER)) $CONFIG_DBUSER='owncloud'; +if(!isset($CONFIG_DBTABLEPREFIX)) $CONFIG_DBTABLEPREFIX='oc_'; $newuserpassword=OC_USER::generatepassword(); ?> -
+
'.date($CONFIG_DATEFORMAT,$entry['timestamp']).'
- + @@ -104,21 +105,22 @@ foreach($dbtypes as $dbtype){ + - + - +
force ssl:>
force ssl:>
enable automatic backup:>
backup directory:
date format:
database host:
database name:
database table prefix:
database user:
database password:(leave empty to keep current password)
retype database password:
create database and user: onchange='showDBAdmin()'>
create database and user: onchange='showDBAdmin()'>
database administrative user:
database administrative password:
automaticly fill initial database:>
automaticly fill initial database:>


-
- + +
From e2c621e9583608c02a761f3ad50223e7aa85bd19 Mon Sep 17 00:00:00 2001 From: "Aldo \"xoen\" Giambelluca" Date: Sun, 4 Jul 2010 06:48:59 +0200 Subject: [PATCH 07/11] Write DB table prefix into the configuration file --- inc/lib_config.php | 33 +++++++++++++++++---------------- 1 file changed, 17 insertions(+), 16 deletions(-) diff --git a/inc/lib_config.php b/inc/lib_config.php index 546c393b7eb..a05aff389a2 100755 --- a/inc/lib_config.php +++ b/inc/lib_config.php @@ -134,7 +134,6 @@ class OC_CONFIG{ global $CONFIG_DBUSER; global $CONFIG_DBPASSWORD; global $CONFIG_DBTYPE; - global $CONFIG_DBTABLEPREFIX; global $CONFIG_ADMINLOGIN; global $CONFIG_ADMINPASSWORD; if(isset($_POST['set_config'])){ @@ -242,6 +241,7 @@ class OC_CONFIG{ $config.='$CONFIG_DATEFORMAT=\''.$_POST['dateformat']."';\n"; $config.='$CONFIG_DBTYPE=\''.$dbtype."';\n"; $config.='$CONFIG_DBNAME=\''.$_POST['dbname']."';\n"; + $config.='$CONFIG_DBTABLEPREFIX=\''.$_POST['dbtableprefix']."';\n"; if($dbtype=='mysql'){ $config.='$CONFIG_DBHOST=\''.$_POST['dbhost']."';\n"; $config.='$CONFIG_DBUSER=\''.$_POST['dbuser']."';\n"; @@ -277,8 +277,16 @@ class OC_CONFIG{ */ private static function filldatabase(){ global $CONFIG_DBTYPE; + global $CONFIG_DBTABLEPREFIX; + + $dbTableLocks = $CONFIG_DBTABLEPREFIX . 'locks'; + $dbTableLog = $CONFIG_DBTABLEPREFIX . 'log'; + $dbTableProperties = $CONFIG_DBTABLEPREFIX . 'properties'; + $dbTableUsers = $CONFIG_DBTABLEPREFIX . 'users'; + $dbTableGroups = $CONFIG_DBTABLEPREFIX . 'groups'; + $dbTableUserGroup = $CONFIG_DBTABLEPREFIX . 'user_group'; if($CONFIG_DBTYPE=='sqlite'){ - $query="CREATE TABLE 'locks' ( + $query="CREATE TABLE '$dbTableLocks' ( 'token' VARCHAR(255) NOT NULL DEFAULT '', 'path' varchar(200) NOT NULL DEFAULT '', 'created' int(11) NOT NULL DEFAULT '0', @@ -292,7 +300,7 @@ class OC_CONFIG{ UNIQUE ('token') ); -CREATE TABLE 'log' ( +CREATE TABLE '$dbTableLog' ( `id` INTEGER ASC DEFAULT '' NOT NULL, 'timestamp' int(11) NOT NULL, 'user' varchar(250) NOT NULL, @@ -302,7 +310,7 @@ CREATE TABLE 'log' ( ); -CREATE TABLE 'properties' ( +CREATE TABLE '$dbTableProperties' ( 'path' varchar(255) NOT NULL DEFAULT '', 'name' varchar(120) NOT NULL DEFAULT '', 'ns' varchar(120) NOT NULL DEFAULT 'DAV:', @@ -310,7 +318,7 @@ CREATE TABLE 'properties' ( PRIMARY KEY ('path','name','ns') ); -CREATE TABLE 'users' ( +CREATE TABLE '$dbTableUsers' ( 'user_id' INTEGER ASC DEFAULT '', 'user_name' varchar(64) NOT NULL DEFAULT '', 'user_name_clean' varchar(64) NOT NULL DEFAULT '', @@ -319,29 +327,22 @@ CREATE TABLE 'users' ( UNIQUE ('user_name' ,'user_name_clean') ); -CREATE TABLE 'groups' ( +CREATE TABLE '$dbTableGroups' ( 'group_id' INTEGER ASC DEFAULT '', 'group_name' VARCHAR( 64 ) NOT NULL DEFAULT '', PRIMARY KEY ('group_id'), UNIQUE ('group_name') ); -CREATE TABLE 'user_group' ( +CREATE TABLE '$dbTableUserGroup' ( 'user_group_id' INTEGER ASC DEFAULT '', 'user_id' VARCHAR( 64 ) NOT NULL DEFAULT '', 'group_id' VARCHAR( 64 ) NOT NULL DEFAULT '', PRIMARY KEY ('user_group_id') ) "; - } elseif ( 'mysql' === $CONFIG_DBTYPE ) { - $dbTableLocks = $CONFIG_DBTABLEPREFIX . 'locks'; - $dbTableLog = $CONFIG_DBTABLEPREFIX . 'log'; - $dbTableProperties = $CONFIG_DBTABLEPREFIX . 'properties'; - $dbTableUsers = $CONFIG_DBTABLEPREFIX . 'users'; - $dbTableGroups = $CONFIG_DBTABLEPREFIX . 'groups'; - $dbTableUserGroup = $CONFIG_DBTABLEPREFIX . 'user_group'; - - $query = "CREATE TABLE IF NOT EXISTS `$dbTableLocks` ( + }elseif($CONFIG_DBTYPE=='mysql'){ + $query="CREATE TABLE IF NOT EXISTS `$dbTableLocks` ( `token` varchar(255) NOT NULL DEFAULT '', `path` varchar(200) NOT NULL DEFAULT '', `created` int(11) NOT NULL DEFAULT '0', From 2fe595d10915afe27ba3a55eeb78bfe0be094f9b Mon Sep 17 00:00:00 2001 From: "Aldo \"xoen\" Giambelluca" Date: Sun, 4 Jul 2010 07:35:05 +0200 Subject: [PATCH 08/11] Now DB tables are created with the right name (using the prefix) --- inc/lib_config.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/inc/lib_config.php b/inc/lib_config.php index a05aff389a2..9566b504b23 100755 --- a/inc/lib_config.php +++ b/inc/lib_config.php @@ -25,6 +25,7 @@ class OC_CONFIG{ global $CONFIG_HTTPFORCESSL; global $CONFIG_DATEFORMAT; global $CONFIG_DBNAME; + global $CONFIG_DBTABLEPREFIX; global $CONFIG_INSTALLED; $allow=false; if(!$CONFIG_INSTALLED){ @@ -130,6 +131,7 @@ class OC_CONFIG{ global $WEBROOT; global $CONFIG_DBHOST; global $CONFIG_DBNAME; + global $CONFIG_DBTABLEPREFIX; global $CONFIG_INSTALLED; global $CONFIG_DBUSER; global $CONFIG_DBPASSWORD; @@ -184,6 +186,7 @@ class OC_CONFIG{ //create/fill database $CONFIG_DBTYPE=$dbtype; $CONFIG_DBNAME=$_POST['dbname']; + $CONFIG_DBTABLEPREFIX=$_POST['dbtableprefix']; if($dbtype=='mysql'){ $CONFIG_DBHOST=$_POST['dbhost']; $CONFIG_DBUSER=$_POST['dbuser']; From 78cc98e4ea73daa9717297dab800c55edfc61ee5 Mon Sep 17 00:00:00 2001 From: "Aldo \"xoen\" Giambelluca" Date: Sun, 4 Jul 2010 07:39:26 +0200 Subject: [PATCH 09/11] Changed table name from Log to log in 'inc/lib_log.php' --- inc/lib_log.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/inc/lib_log.php b/inc/lib_log.php index 8ece1a498ab..675f1c0b75c 100755 --- a/inc/lib_log.php +++ b/inc/lib_log.php @@ -49,7 +49,7 @@ class OC_LOG { */ public static function event($user, $type, $message){ global $CONFIG_DBTABLEPREFIX; - $dbTableLog = $CONFIG_DBTABLEPREFIX . 'Log'; + $dbTableLog = $CONFIG_DBTABLEPREFIX . 'log'; $query = 'insert into ' . $dbTableLog . ' (timestamp,user,type,message) values ("' . time() . '","' . addslashes($user) . '","' . addslashes($type) . '","' . addslashes($message) . '")'; $result = OC_DB::query($query); @@ -66,7 +66,7 @@ class OC_LOG { global $CONFIG_DBTABLEPREFIX; echo('
Create new user:
user name
password
'); - $dbTableLog = $CONFIG_DBTABLEPREFIX . 'Log'; + $dbTableLog = $CONFIG_DBTABLEPREFIX . 'log'; if(OC_USER::ingroup($_SESSION['username_clean'],'admin')){ $query = "select timestamp,user,type,message from $dbTableLog order by timestamp desc limit 20"; }else{ From f3627a756ea132cd61dc35ba94edd7d2d06315a3 Mon Sep 17 00:00:00 2001 From: "Aldo \"xoen\" Giambelluca" Date: Sun, 4 Jul 2010 10:36:50 +0200 Subject: [PATCH 10/11] Using DB table prefix in 'inc/HTTP/WebDAV/Server/Filesyste.php' --- inc/HTTP/WebDAV/Server/Filesystem.php | 42 ++++++++++++++++++--------- 1 file changed, 29 insertions(+), 13 deletions(-) diff --git a/inc/HTTP/WebDAV/Server/Filesystem.php b/inc/HTTP/WebDAV/Server/Filesystem.php index 000831f6fef..218b286c383 100755 --- a/inc/HTTP/WebDAV/Server/Filesystem.php +++ b/inc/HTTP/WebDAV/Server/Filesystem.php @@ -150,6 +150,9 @@ */ function fileinfo($path) { + global $CONFIG_DBTABLEPREFIX; + $dbTableProperties = $CONFIG_DBTABLEPREFIX . 'properties'; + // map URI path to filesystem path $fspath =$path; @@ -183,7 +186,7 @@ $info["props"][] = $this->mkprop("getcontentlength", OC_FILESYSTEM::filesize($fspath)); } // get additional properties from database - $query = "SELECT ns, name, value FROM properties WHERE path = '$path'"; + $query = "SELECT ns, name, value FROM $dbTableProperties WHERE path = '$path'"; $res = OC_DB::select($query); while ($row = $res[0]) { $info["props"][] = $this->mkprop($row["ns"], $row["name"], $row["value"]); @@ -392,6 +395,8 @@ */ function DELETE($options) { + global $CONFIG_DBTABLEPREFIX; + $dbTableProperties = $CONFIG_DBTABLEPREFIX . 'properties'; $path =$options["path"]; if (!OC_FILESYSTEM::file_exists($path)) { @@ -399,13 +404,13 @@ } if (OC_FILESYSTEM::is_dir($path)) { - $query = "DELETE FROM properties WHERE path LIKE '".$this->_slashify($options["path"])."%'"; + $query = "DELETE FROM $dbTableProperties WHERE path LIKE '".$this->_slashify($options["path"])."%'"; OC_DB::query($query); OC_FILESYSTEM::delTree($path); } else { OC_FILESYSTEM::unlink($path); } - $query = "DELETE FROM properties WHERE path = '$options[path]'"; + $query = "DELETE FROM $dbTableProperties WHERE path = '$options[path]'"; OC_DB::query($query); return "204 No Content"; @@ -432,6 +437,8 @@ function COPY($options, $del=false) { // TODO Property updates still broken (Litmus should detect this?) + global $CONFIG_DBTABLEPREFIX; + $dbTableProperties = $CONFIG_DBTABLEPREFIX . 'properties'; if (!empty($this->_SERVER["CONTENT_LENGTH"])) { // no body parsing yet return "415 Unsupported media type"; @@ -507,13 +514,13 @@ } $destpath = $this->_unslashify($options["dest"]); if (is_dir($source)) { - $query = "UPDATE properties + $query = "UPDATE $dbTableProperties SET path = REPLACE(path, '".$options["path"]."', '".$destpath."') WHERE path LIKE '".$this->_slashify($options["path"])."%'"; OC_DB::query($query); } - $query = "UPDATE properties + $query = "UPDATE $dbTableProperties SET path = '".$destpath."' WHERE path = '".$options["path"]."'"; OC_DB::query($query); @@ -554,7 +561,7 @@ } } - $query = "INSERT INTO properties SELECT * FROM properties WHERE path = '".$options['path']."'"; + $query = "INSERT INTO $dbTableProperties SELECT * FROM properties WHERE path = '".$options['path']."'"; } return ($new && !$existing_col) ? "201 Created" : "204 No Content"; @@ -569,6 +576,9 @@ function PROPPATCH(&$options) { global $prefs, $tab; + global $CONFIG_DBTABLEPREFIX; + + $dbTableProperties = $CONFIG_DBTABLEPREFIX . 'properties'; $msg = ""; $path = $options["path"]; @@ -580,10 +590,10 @@ $options["props"][$key]['status'] = "403 Forbidden"; } else { if (isset($prop["val"])) { - $query = "REPLACE INTO properties SET path = '$options[path]', name = '$prop[name]', ns= '$prop[ns]', value = '$prop[val]'"; + $query = "REPLACE INTO $dbTableProperties SET path = '$options[path]', name = '$prop[name]', ns= '$prop[ns]', value = '$prop[val]'"; error_log($query); } else { - $query = "DELETE FROM properties WHERE path = '$options[path]' AND name = '$prop[name]' AND ns = '$prop[ns]'"; + $query = "DELETE FROM $dbTableProperties WHERE path = '$options[path]' AND name = '$prop[name]' AND ns = '$prop[ns]'"; } OC_DB::query($query); } @@ -601,6 +611,8 @@ */ function LOCK(&$options) { + global $CONFIG_DBTABLEPREFIX; + $dbTableLocks = $CONFIG_DBTABLEPREFIX . 'locks'; // get absolute fs path to requested resource $fspath = $options["path"]; @@ -615,13 +627,13 @@ if (isset($options["update"])) { // Lock Update $where = "WHERE path = '$options[path]' AND token = '$options[update]'"; - $query = "SELECT owner, exclusivelock FROM locks $where"; + $query = "SELECT owner, exclusivelock FROM $dbTableLocks $where"; $res = OC_DB::query($query); $row = OC_DB::fetch_assoc($res); OC_DB::free_result($res); if (is_array($row)) { - $query = "UPDATE `locks` SET `expires` = '$options[timeout]', `modified` = ".time()." $where"; + $query = "UPDATE `$dbTableLocks` SET `expires` = '$options[timeout]', `modified` = ".time()." $where"; OC_DB::query($query); $options['owner'] = $row['owner']; @@ -634,7 +646,7 @@ } } - $query = "INSERT INTO `locks` + $query = "INSERT INTO `$dbTableLocks` SET `token` = '$options[locktoken]' , `path` = '$options[path]' , `created` = ".time()." @@ -656,7 +668,9 @@ */ function UNLOCK(&$options) { - $query = "DELETE FROM locks + global $CONFIG_DBTABLEPREFIX; + $dbTableLocks = $CONFIG_DBTABLEPREFIX . 'locks'; + $query = "DELETE FROM $dbTableLocks WHERE path = '$options[path]' AND token = '$options[token]'"; OC_DB::query($query); @@ -672,9 +686,11 @@ */ function checkLock($path) { + global $CONFIG_DBTABLEPREFIX; + $dbTableLocks = $CONFIG_DBTABLEPREFIX . 'locks'; $result = false; $query = "SELECT * - FROM locks + FROM $dbTableLocks WHERE path = '$path' "; $res = OC_DB::select($query); From 76672fe0379acfd26ac5b85c4c99040c9cb2554e Mon Sep 17 00:00:00 2001 From: "Aldo \"xoen\" Giambelluca" Date: Sun, 4 Jul 2010 11:32:39 +0200 Subject: [PATCH 11/11] Avoid creation of variables just to put the table names with prefix --- inc/HTTP/WebDAV/Server/Filesystem.php | 38 +++++++++++---------------- inc/lib_config.php | 30 +++++++++------------ inc/lib_log.php | 9 +++---- inc/lib_ocs.php | 5 ++-- inc/lib_user.php | 33 ++++++++--------------- 5 files changed, 45 insertions(+), 70 deletions(-) diff --git a/inc/HTTP/WebDAV/Server/Filesystem.php b/inc/HTTP/WebDAV/Server/Filesystem.php index 218b286c383..db29b145b8a 100755 --- a/inc/HTTP/WebDAV/Server/Filesystem.php +++ b/inc/HTTP/WebDAV/Server/Filesystem.php @@ -151,7 +151,6 @@ function fileinfo($path) { global $CONFIG_DBTABLEPREFIX; - $dbTableProperties = $CONFIG_DBTABLEPREFIX . 'properties'; // map URI path to filesystem path $fspath =$path; @@ -186,7 +185,7 @@ $info["props"][] = $this->mkprop("getcontentlength", OC_FILESYSTEM::filesize($fspath)); } // get additional properties from database - $query = "SELECT ns, name, value FROM $dbTableProperties WHERE path = '$path'"; + $query = "SELECT ns, name, value FROM {$CONFIG_DBTABLEPREFIX}properties WHERE path = '$path'"; $res = OC_DB::select($query); while ($row = $res[0]) { $info["props"][] = $this->mkprop($row["ns"], $row["name"], $row["value"]); @@ -396,7 +395,6 @@ function DELETE($options) { global $CONFIG_DBTABLEPREFIX; - $dbTableProperties = $CONFIG_DBTABLEPREFIX . 'properties'; $path =$options["path"]; if (!OC_FILESYSTEM::file_exists($path)) { @@ -404,13 +402,13 @@ } if (OC_FILESYSTEM::is_dir($path)) { - $query = "DELETE FROM $dbTableProperties WHERE path LIKE '".$this->_slashify($options["path"])."%'"; + $query = "DELETE FROM {$CONFIG_DBTABLEPREFIX}properties WHERE path LIKE '".$this->_slashify($options["path"])."%'"; OC_DB::query($query); OC_FILESYSTEM::delTree($path); } else { OC_FILESYSTEM::unlink($path); } - $query = "DELETE FROM $dbTableProperties WHERE path = '$options[path]'"; + $query = "DELETE FROM {$CONFIG_DBTABLEPREFIX}properties WHERE path = '$options[path]'"; OC_DB::query($query); return "204 No Content"; @@ -438,7 +436,6 @@ { // TODO Property updates still broken (Litmus should detect this?) global $CONFIG_DBTABLEPREFIX; - $dbTableProperties = $CONFIG_DBTABLEPREFIX . 'properties'; if (!empty($this->_SERVER["CONTENT_LENGTH"])) { // no body parsing yet return "415 Unsupported media type"; @@ -514,13 +511,13 @@ } $destpath = $this->_unslashify($options["dest"]); if (is_dir($source)) { - $query = "UPDATE $dbTableProperties + $query = "UPDATE {$CONFIG_DBTABLEPREFIX}properties SET path = REPLACE(path, '".$options["path"]."', '".$destpath."') WHERE path LIKE '".$this->_slashify($options["path"])."%'"; OC_DB::query($query); } - $query = "UPDATE $dbTableProperties + $query = "UPDATE {$CONFIG_DBTABLEPREFIX}properties SET path = '".$destpath."' WHERE path = '".$options["path"]."'"; OC_DB::query($query); @@ -561,7 +558,7 @@ } } - $query = "INSERT INTO $dbTableProperties SELECT * FROM properties WHERE path = '".$options['path']."'"; + $query = "INSERT INTO {$CONFIG_DBTABLEPREFIX}properties SELECT * FROM {$CONFIG_DBTABLEPREFIX}properties WHERE path = '".$options['path']."'"; } return ($new && !$existing_col) ? "201 Created" : "204 No Content"; @@ -578,8 +575,6 @@ global $prefs, $tab; global $CONFIG_DBTABLEPREFIX; - $dbTableProperties = $CONFIG_DBTABLEPREFIX . 'properties'; - $msg = ""; $path = $options["path"]; $dir = dirname($path)."/"; @@ -590,10 +585,10 @@ $options["props"][$key]['status'] = "403 Forbidden"; } else { if (isset($prop["val"])) { - $query = "REPLACE INTO $dbTableProperties SET path = '$options[path]', name = '$prop[name]', ns= '$prop[ns]', value = '$prop[val]'"; + $query = "REPLACE INTO {$CONFIG_DBTABLEPREFIX}properties SET path = '$options[path]', name = '$prop[name]', ns= '$prop[ns]', value = '$prop[val]'"; error_log($query); } else { - $query = "DELETE FROM $dbTableProperties WHERE path = '$options[path]' AND name = '$prop[name]' AND ns = '$prop[ns]'"; + $query = "DELETE FROM {$CONFIG_DBTABLEPREFIX}properties WHERE path = '$options[path]' AND name = '$prop[name]' AND ns = '$prop[ns]'"; } OC_DB::query($query); } @@ -612,7 +607,7 @@ function LOCK(&$options) { global $CONFIG_DBTABLEPREFIX; - $dbTableLocks = $CONFIG_DBTABLEPREFIX . 'locks'; + // get absolute fs path to requested resource $fspath = $options["path"]; @@ -627,13 +622,13 @@ if (isset($options["update"])) { // Lock Update $where = "WHERE path = '$options[path]' AND token = '$options[update]'"; - $query = "SELECT owner, exclusivelock FROM $dbTableLocks $where"; + $query = "SELECT owner, exclusivelock FROM {$CONFIG_DBTABLEPREFIX}locks $where"; $res = OC_DB::query($query); $row = OC_DB::fetch_assoc($res); OC_DB::free_result($res); if (is_array($row)) { - $query = "UPDATE `$dbTableLocks` SET `expires` = '$options[timeout]', `modified` = ".time()." $where"; + $query = "UPDATE `{$CONFIG_DBTABLEPREFIX}locks` SET `expires` = '$options[timeout]', `modified` = ".time()." $where"; OC_DB::query($query); $options['owner'] = $row['owner']; @@ -646,7 +641,7 @@ } } - $query = "INSERT INTO `$dbTableLocks` + $query = "INSERT INTO `{$CONFIG_DBTABLEPREFIX}locks` SET `token` = '$options[locktoken]' , `path` = '$options[path]' , `created` = ".time()." @@ -669,8 +664,7 @@ function UNLOCK(&$options) { global $CONFIG_DBTABLEPREFIX; - $dbTableLocks = $CONFIG_DBTABLEPREFIX . 'locks'; - $query = "DELETE FROM $dbTableLocks + $query = "DELETE FROM {$CONFIG_DBTABLEPREFIX}locks WHERE path = '$options[path]' AND token = '$options[token]'"; OC_DB::query($query); @@ -687,10 +681,10 @@ function checkLock($path) { global $CONFIG_DBTABLEPREFIX; - $dbTableLocks = $CONFIG_DBTABLEPREFIX . 'locks'; + $result = false; $query = "SELECT * - FROM $dbTableLocks + FROM {$CONFIG_DBTABLEPREFIX}locks WHERE path = '$path' "; $res = OC_DB::select($query); @@ -715,4 +709,4 @@ } } -?> +?> \ No newline at end of file diff --git a/inc/lib_config.php b/inc/lib_config.php index 9566b504b23..4d3cc340b8f 100755 --- a/inc/lib_config.php +++ b/inc/lib_config.php @@ -282,14 +282,8 @@ class OC_CONFIG{ global $CONFIG_DBTYPE; global $CONFIG_DBTABLEPREFIX; - $dbTableLocks = $CONFIG_DBTABLEPREFIX . 'locks'; - $dbTableLog = $CONFIG_DBTABLEPREFIX . 'log'; - $dbTableProperties = $CONFIG_DBTABLEPREFIX . 'properties'; - $dbTableUsers = $CONFIG_DBTABLEPREFIX . 'users'; - $dbTableGroups = $CONFIG_DBTABLEPREFIX . 'groups'; - $dbTableUserGroup = $CONFIG_DBTABLEPREFIX . 'user_group'; if($CONFIG_DBTYPE=='sqlite'){ - $query="CREATE TABLE '$dbTableLocks' ( + $query="CREATE TABLE '{$CONFIG_DBTABLEPREFIX}locks' ( 'token' VARCHAR(255) NOT NULL DEFAULT '', 'path' varchar(200) NOT NULL DEFAULT '', 'created' int(11) NOT NULL DEFAULT '0', @@ -303,7 +297,7 @@ class OC_CONFIG{ UNIQUE ('token') ); -CREATE TABLE '$dbTableLog' ( +CREATE TABLE '{$CONFIG_DBTABLEPREFIX}log' ( `id` INTEGER ASC DEFAULT '' NOT NULL, 'timestamp' int(11) NOT NULL, 'user' varchar(250) NOT NULL, @@ -313,7 +307,7 @@ CREATE TABLE '$dbTableLog' ( ); -CREATE TABLE '$dbTableProperties' ( +CREATE TABLE '{$CONFIG_DBTABLEPREFIX}properties' ( 'path' varchar(255) NOT NULL DEFAULT '', 'name' varchar(120) NOT NULL DEFAULT '', 'ns' varchar(120) NOT NULL DEFAULT 'DAV:', @@ -321,7 +315,7 @@ CREATE TABLE '$dbTableProperties' ( PRIMARY KEY ('path','name','ns') ); -CREATE TABLE '$dbTableUsers' ( +CREATE TABLE '{$CONFIG_DBTABLEPREFIX}users' ( 'user_id' INTEGER ASC DEFAULT '', 'user_name' varchar(64) NOT NULL DEFAULT '', 'user_name_clean' varchar(64) NOT NULL DEFAULT '', @@ -330,14 +324,14 @@ CREATE TABLE '$dbTableUsers' ( UNIQUE ('user_name' ,'user_name_clean') ); -CREATE TABLE '$dbTableGroups' ( +CREATE TABLE '{$CONFIG_DBTABLEPREFIX}groups' ( 'group_id' INTEGER ASC DEFAULT '', 'group_name' VARCHAR( 64 ) NOT NULL DEFAULT '', PRIMARY KEY ('group_id'), UNIQUE ('group_name') ); -CREATE TABLE '$dbTableUserGroup' ( +CREATE TABLE '{$CONFIG_DBTABLEPREFIX}user_group' ( 'user_group_id' INTEGER ASC DEFAULT '', 'user_id' VARCHAR( 64 ) NOT NULL DEFAULT '', 'group_id' VARCHAR( 64 ) NOT NULL DEFAULT '', @@ -345,7 +339,7 @@ PRIMARY KEY ('user_group_id') ) "; }elseif($CONFIG_DBTYPE=='mysql'){ - $query="CREATE TABLE IF NOT EXISTS `$dbTableLocks` ( + $query="CREATE TABLE IF NOT EXISTS `{$CONFIG_DBTABLEPREFIX}locks` ( `token` varchar(255) NOT NULL DEFAULT '', `path` varchar(200) NOT NULL DEFAULT '', `created` int(11) NOT NULL DEFAULT '0', @@ -363,7 +357,7 @@ PRIMARY KEY ('user_group_id') KEY `expires` (`expires`) ); -CREATE TABLE IF NOT EXISTS `$dbTableLog` ( +CREATE TABLE IF NOT EXISTS `{$CONFIG_DBTABLEPREFIX}log` ( `id` int(11) NOT NULL AUTO_INCREMENT, `timestamp` int(11) NOT NULL, `user` varchar(250) NOT NULL, @@ -373,7 +367,7 @@ CREATE TABLE IF NOT EXISTS `$dbTableLog` ( ); -CREATE TABLE IF NOT EXISTS `$dbTableProperties` ( +CREATE TABLE IF NOT EXISTS `{$CONFIG_DBTABLEPREFIX}properties` ( `path` varchar(255) NOT NULL DEFAULT '', `name` varchar(120) NOT NULL DEFAULT '', `ns` varchar(120) NOT NULL DEFAULT 'DAV:', @@ -382,7 +376,7 @@ CREATE TABLE IF NOT EXISTS `$dbTableProperties` ( KEY `path` (`path`) ); -CREATE TABLE IF NOT EXISTS `$dbTableUsers` ( +CREATE TABLE IF NOT EXISTS `{$CONFIG_DBTABLEPREFIX}users` ( `user_id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY , `user_name` VARCHAR( 64 ) NOT NULL , `user_name_clean` VARCHAR( 64 ) NOT NULL , @@ -393,7 +387,7 @@ UNIQUE ( ) ); -CREATE TABLE IF NOT EXISTS `$dbTableGroups` ( +CREATE TABLE IF NOT EXISTS `{$CONFIG_DBTABLEPREFIX}groups` ( `group_id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY , `group_name` VARCHAR( 64 ) NOT NULL , UNIQUE ( @@ -401,7 +395,7 @@ UNIQUE ( ) ); -CREATE TABLE IF NOT EXISTS `$dbTableUserGroup` ( +CREATE TABLE IF NOT EXISTS `{$CONFIG_DBTABLEPREFIX}user_group` ( `user_group_id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY , `user_id` VARCHAR( 64 ) NOT NULL , `group_id` VARCHAR( 64 ) NOT NULL diff --git a/inc/lib_log.php b/inc/lib_log.php index 675f1c0b75c..b6288eee045 100755 --- a/inc/lib_log.php +++ b/inc/lib_log.php @@ -49,8 +49,8 @@ class OC_LOG { */ public static function event($user, $type, $message){ global $CONFIG_DBTABLEPREFIX; - $dbTableLog = $CONFIG_DBTABLEPREFIX . 'log'; - $query = 'insert into ' . $dbTableLog . ' (timestamp,user,type,message) values + + $query = 'insert into ' . $CONFIG_DBTABLEPREFIX . 'log (timestamp,user,type,message) values ("' . time() . '","' . addslashes($user) . '","' . addslashes($type) . '","' . addslashes($message) . '")'; $result = OC_DB::query($query); OC_DB::free_result($result); @@ -66,12 +66,11 @@ class OC_LOG { global $CONFIG_DBTABLEPREFIX; echo('
'); - $dbTableLog = $CONFIG_DBTABLEPREFIX . 'log'; if(OC_USER::ingroup($_SESSION['username_clean'],'admin')){ - $query = "select timestamp,user,type,message from $dbTableLog order by timestamp desc limit 20"; + $query = "select timestamp,user,type,message from {$CONFIG_DBTABLEPREFIX}log order by timestamp desc limit 20"; }else{ $user = $_SESSION['username_clean']; - $query = "select timestamp,user,type,message from $dbTableLog where user='$user' order by timestamp desc limit 20"; + $query = "select timestamp,user,type,message from {$CONFIG_DBTABLEPREFIX}log where user='$user' order by timestamp desc limit 20"; } $result = OC_DB::select($query); foreach($result as $entry){ diff --git a/inc/lib_ocs.php b/inc/lib_ocs.php index c2fe6dba33a..e464d2ed9fb 100755 --- a/inc/lib_ocs.php +++ b/inc/lib_ocs.php @@ -374,15 +374,14 @@ class OC_OCS { private static function activityget($format,$page,$pagesize) { global $CONFIG_DBTABLEPREFIX; - $dbTableLog = $CONFIG_DBTABLEPREFIX . 'Log'; $user=OC_OCS::checkpassword(); - $result = OC_DB::query("select count(*) as co from $dbTableLog"); + $result = OC_DB::query("select count(*) as co from {$CONFIG_DBTABLEPREFIX}log"); $entry=$result->fetchRow(); $totalcount=$entry['co']; OC_DB::free_result($result); - $result = OC_DB::select("select id,timestamp,user,type,message from $dbTableLog order by timestamp desc limit " . ($page*$pagesize) . ",$pagesize"); + $result = OC_DB::select("select id,timestamp,user,type,message from {$CONFIG_DBTABLEPREFIX}log order by timestamp desc limit " . ($page*$pagesize) . ",$pagesize"); $itemscount=count($result); $url='http://'.substr($_SERVER['HTTP_HOST'].$_SERVER['SCRIPT_NAME'],0,-11).''; diff --git a/inc/lib_user.php b/inc/lib_user.php index d3b38bc2ea3..e8f6ce0357b 100755 --- a/inc/lib_user.php +++ b/inc/lib_user.php @@ -64,8 +64,7 @@ class OC_USER { $usernameclean=strtolower($username); $username=OC_DB::escape($username); $usernameclean=OC_DB::escape($usernameclean); - $dbTableUsers = $CONFIG_DBTABLEPREFIX . 'users'; - $query = "INSERT INTO `$dbTableUsers` (`user_id` ,`user_name` ,`user_name_clean` ,`user_password`) VALUES (NULL , '$username', '$usernameclean', '$password')"; + $query = "INSERT INTO `{$CONFIG_DBTABLEPREFIX}users` (`user_id` ,`user_name` ,`user_name_clean` ,`user_password`) VALUES (NULL , '$username', '$usernameclean', '$password')"; $result=OC_DB::query($query); return ($result)?true:false; } @@ -83,8 +82,7 @@ class OC_USER { $usernameclean=strtolower($username); $username=OC_DB::escape($username); $usernameclean=OC_DB::escape($usernameclean); - $dbTableUsers = $CONFIG_DBTABLEPREFIX . 'users'; - $query = "SELECT user_id FROM $dbTableUsers WHERE user_name_clean = '$usernameclean' AND user_password = '$password' LIMIT 1"; + $query = "SELECT user_id FROM {$CONFIG_DBTABLEPREFIX}users WHERE user_name_clean = '$usernameclean' AND user_password = '$password' LIMIT 1"; $result=OC_DB::select($query); if(isset($result[0]) && isset($result[0]['user_id'])){ $_SESSION['user_id']=$result[0]['user_id']; @@ -126,8 +124,7 @@ class OC_USER { if(OC_USER::getgroupid($groupname)==0){ $groupname=OC_DB::escape($groupname); - $dbTableGroups = $CONFIG_DBTABLEPREFIX . 'groups'; - $query="INSERT INTO `$dbTableGroups` (`group_id` ,`group_name`) VALUES (NULL , '$groupname')"; + $query="INSERT INTO `{$CONFIG_DBTABLEPREFIX}groups` (`group_id` ,`group_name`) VALUES (NULL , '$groupname')"; $result=OC_DB::query($query); return ($result)?true:false; }else{ @@ -145,8 +142,7 @@ class OC_USER { $usernameclean=strtolower($username); $username=OC_DB::escape($username); $usernameclean=OC_DB::escape($usernameclean); - $dbTableUsers = $CONFIG_DBTABLEPREFIX . 'users'; - $query="SELECT user_id FROM $dbTableUsers WHERE user_name_clean = '$usernameclean'"; + $query="SELECT user_id FROM {$CONFIG_DBTABLEPREFIX}users WHERE user_name_clean = '$usernameclean'"; $result=OC_DB::select($query); if(!is_array($result)){ return 0; @@ -166,8 +162,7 @@ class OC_USER { global $CONFIG_DBTABLEPREFIX; $groupname=OC_DB::escape($groupname); - $dbTableGroups = $CONFIG_DBTABLEPREFIX . 'groups'; - $query="SELECT group_id FROM $dbTableGroups WHERE group_name = '$groupname'"; + $query="SELECT group_id FROM {$CONFIG_DBTABLEPREFIX}groups WHERE group_name = '$groupname'"; $result=OC_DB::select($query); if(!is_array($result)){ return 0; @@ -187,8 +182,7 @@ class OC_USER { global $CONFIG_DBTABLEPREFIX; $groupid=(integer)$groupid; - $dbTableGroups = $CONFIG_DBTABLEPREFIX . 'groups'; - $query="SELECT group_name FROM $dbTableGroups WHERE group_id = '$groupid' LIMIT 1"; + $query="SELECT group_name FROM {$CONFIG_DBTABLEPREFIX}groups WHERE group_id = '$groupid' LIMIT 1"; $result=OC_DB::select($query); if(isset($result[0]) && isset($result[0]['group_name'])){ return $result[0]['group_name']; @@ -207,8 +201,7 @@ class OC_USER { $userid=OC_USER::getuserid($username); $groupid=OC_USER::getgroupid($groupname); if($groupid>0 and $userid>0){ - $dbTableUserGroup = $CONFIG_DBTABLEPREFIX . 'user_group'; - $query="SELECT user_group_id FROM $dbTableUserGroup WHERE group_id = $groupid AND user_id = $userid LIMIT 1"; + $query="SELECT user_group_id FROM {$CONFIG_DBTABLEPREFIX}user_group WHERE group_id = $groupid AND user_id = $userid LIMIT 1"; $result=OC_DB::select($query); if(isset($result[0]) && isset($result[0]['user_group_id'])){ return true; @@ -231,8 +224,7 @@ class OC_USER { $userid=OC_USER::getuserid($username); $groupid=OC_USER::getgroupid($groupname); if($groupid!=0 and $userid!=0){ - $dbTableUserGroup = $CONFIG_DBTABLEPREFIX . 'user_group'; - $query="INSERT INTO `$dbTableUserGroup` (`user_group_id` ,`user_id` ,`group_id`) VALUES (NULL , '$userid', '$groupid');"; + $query="INSERT INTO `{$CONFIG_DBTABLEPREFIX}user_group` (`user_group_id` ,`user_id` ,`group_id`) VALUES (NULL , '$userid', '$groupid');"; $result=OC_DB::query($query); if($result){ return true; @@ -259,8 +251,7 @@ class OC_USER { global $CONFIG_DBTABLEPREFIX; $userid=OC_USER::getuserid($username); - $dbTableUserGroup = $CONFIG_DBTABLEPREFIX . 'user_group'; - $query = "SELECT group_id FROM $dbTableUserGroup WHERE user_id = '$userid'"; + $query = "SELECT group_id FROM {$CONFIG_DBTABLEPREFIX}user_group WHERE user_id = '$userid'"; $result=OC_DB::select($query); $groups=array(); if(is_array($result)){ @@ -281,8 +272,7 @@ class OC_USER { $password=sha1($password); $userid=OC_USER::getuserid($username); - $dbTableUsers = $CONFIG_DBTABLEPREFIX . 'users'; - $query = "UPDATE $dbTableUsers SET user_password = '$password' WHERE user_id ='$userid'"; + $query = "UPDATE {$CONFIG_DBTABLEPREFIX}users SET user_password = '$password' WHERE user_id ='$userid'"; $result=OC_DB::query($query); if($result){ return true; @@ -302,8 +292,7 @@ class OC_USER { $usernameclean=strtolower($username); $username=OC_DB::escape($username); $usernameclean=OC_DB::escape($usernameclean); - $dbTableUsers = $CONFIG_DBTABLEPREFIX . 'users'; - $query = "SELECT user_id FROM '$dbTableUsers' WHERE user_name_clean = '$usernameclean' AND user_password = '$password' LIMIT 1"; + $query = "SELECT user_id FROM '{$CONFIG_DBTABLEPREFIX}users' WHERE user_name_clean = '$usernameclean' AND user_password = '$password' LIMIT 1"; $result=OC_DB::select($query); if(isset($result[0]) && isset($result[0]['user_id']) && $result[0]['user_id']>0){ return true;