Postgres SQL Fixes
A few commands changed to suit postgres and the "user" table.
parent
47f3f9939e
commit
b9efd906e5
|
@ -39,7 +39,7 @@ if(isset($input->action) && $input->action == "getDomains") {
|
|||
SELECT COUNT(*) AS anzahl
|
||||
FROM domains D
|
||||
LEFT OUTER JOIN permissions P ON D.id = P.domain
|
||||
WHERE (P.user=:user1 OR :user2) AND
|
||||
WHERE (P.\"user\"=:user1 OR :user2) AND
|
||||
(D.name LIKE :name1 OR :name2) AND
|
||||
(D.type=:type1 OR :type2)
|
||||
";
|
||||
|
@ -91,7 +91,7 @@ if(isset($input->action) && $input->action == "getDomains") {
|
|||
FROM domains D
|
||||
LEFT OUTER JOIN records R ON D.id = R.domain_id
|
||||
LEFT OUTER JOIN permissions P ON D.id = P.domain
|
||||
WHERE (P.user=:user1 OR :user2)
|
||||
WHERE (P.\"user\"=:user1 OR :user2)
|
||||
GROUP BY D.id, D.name, D.type
|
||||
HAVING
|
||||
(D.name LIKE :name1 OR :name2) AND
|
||||
|
@ -120,13 +120,13 @@ if(isset($input->action) && $input->action == "getDomains") {
|
|||
|
||||
/*
|
||||
* Now the number of entries gets limited to the domainRows config value.
|
||||
* SQL LIMIT is used for that:
|
||||
* LIMIT lower, upper
|
||||
* Note that LIMIT 0,4 returns the first five rows!
|
||||
* SQL LIMIT and OFFSET is used for that:
|
||||
* LIMIT upper OFFSET lower
|
||||
* Note that LIMIT 5 OFFSET 0 returns the first five rows!
|
||||
*/
|
||||
$lower_limit = ($config['domain_rows'] * ($input->page - 1));
|
||||
|
||||
$sql .= " LIMIT " . $lower_limit . ", " . $config['domain_rows'];
|
||||
$sql .= " LIMIT " . $config['domain_rows'] . " OFFSET " . $lower_limit;
|
||||
|
||||
$stmt = $db->prepare($sql);
|
||||
|
||||
|
@ -156,7 +156,7 @@ if(isset($input->action) && $input->action == "getDomains") {
|
|||
$stmt->bindValue(':type1', $type_filter, PDO::PARAM_INT);
|
||||
$stmt->bindValue(':type2', $type_filter_used, PDO::PARAM_INT);
|
||||
$stmt->execute();
|
||||
|
||||
|
||||
while($obj = $stmt->fetchObject()) {
|
||||
$retval['data'][] = $obj;
|
||||
}
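Review bot: The rewritten LIMIT line still concatenates `$lower_limit`, which is computed from the request's `$input->page`, into the SQL text instead of binding it. The arithmetic keeps it numeric, but a page of 0 or below produces a negative OFFSET, which PostgreSQL rejects with an error, and a fractional page produces a non-integer offset. Clamp and cast before use, e.g. `$lower_limit = $config['domain_rows'] * max(0, (int)$input->page - 1);`, or bind both values with `PDO::PARAM_INT` like the other parameters of this query. The enclosing `getDomains` block starts and ends outside the hunk.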
|
||||
|
|
|
@ -31,7 +31,7 @@ if(!isset($input->csrfToken) || $input->csrfToken !== $_SESSION['csrfToken']) {
|
|||
|
||||
//Permission check
|
||||
if(isset($input->domain)) {
|
||||
$permquery = $db->prepare("SELECT COUNT(*) FROM permissions WHERE user=:user AND domain=:domain");
|
||||
$permquery = $db->prepare("SELECT COUNT(*) FROM permissions WHERE \"user\"=:user AND domain=:domain");
|
||||
$permquery->bindValue(':user', $_SESSION['id'], PDO::PARAM_INT);
|
||||
$permquery->bindValue(':domain', $input->domain, PDO::PARAM_INT);
|
||||
$permquery->execute();
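Review bot: `\"user\"` is an identifier only on PostgreSQL, or on MySQL when the `ANSI_QUOTES` SQL mode is on; in MySQL's default mode a double-quoted token is a string literal, so this permission query would compare the text 'user' with `:user` instead of reading the column. The installer and upgrade scripts on this page still carry MySQL branches, and the connection setup in `lib/database.php` is not shown, so confirm that mode is set there or pick the quote character per driver. The same applies to every other query in this commit that gained `\"user\"`: the domain list, the record permission check, user management, login, password change and the user list. Since this query decides authorization, its result is worth a test on both backends.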
|
||||
|
|
|
@ -29,7 +29,7 @@ if(!isset($input->csrfToken) || $input->csrfToken !== $_SESSION['csrfToken']) {
|
|||
|
||||
//Permission check
|
||||
if(isset($input->record)) {
|
||||
$permquery = $db->prepare("SELECT COUNT(*) FROM records JOIN permissions ON records.domain_id=permissions.domain WHERE user=:user AND records.id=:id");
|
||||
$permquery = $db->prepare("SELECT COUNT(*) FROM records JOIN permissions ON records.domain_id=permissions.domain WHERE \"user\"=:user AND records.id=:id");
|
||||
$permquery->bindValue(':user', $_SESSION['id'], PDO::PARAM_INT);
|
||||
$permquery->bindValue(':id', $input->record, PDO::PARAM_INT);
|
||||
$permquery->execute();
|
||||
|
|
|
@ -37,14 +37,14 @@ if(isset($input->action) && $input->action == "addUser") {
|
|||
|
||||
$db->beginTransaction();
|
||||
|
||||
$stmt = $db->prepare("INSERT INTO user(name,password,type) VALUES (:name,:password,:type)");
|
||||
$stmt = $db->prepare("INSERT INTO \"user\"(name,password,type) VALUES (:name,:password,:type)");
|
||||
|
||||
$stmt->bindValue(':name', $input->name, PDO::PARAM_STR);
|
||||
$stmt->bindValue(':password', $passwordHash, PDO::PARAM_STR);
|
||||
$stmt->bindValue(':type', $input->type, PDO::PARAM_STR);
|
||||
$stmt->execute();
|
||||
|
||||
$stmt = $db->prepare("SELECT MAX(id) FROM user WHERE name=:name AND password=:password AND type=:type");
|
||||
$stmt = $db->prepare("SELECT MAX(id) FROM \"user\" WHERE name=:name AND password=:password AND type=:type");
|
||||
$stmt->bindValue(':name', $input->name, PDO::PARAM_STR);
|
||||
$stmt->bindValue(':password', $passwordHash, PDO::PARAM_STR);
|
||||
$stmt->bindValue(':type', $input->type, PDO::PARAM_STR);
|
||||
|
@ -58,7 +58,7 @@ if(isset($input->action) && $input->action == "addUser") {
|
|||
}
|
||||
|
||||
if(isset($input->action) && $input->action == "getUserData") {
|
||||
$stmt = $db->prepare("SELECT name,type FROM user WHERE id=:id LIMIT 1");
|
||||
$stmt = $db->prepare("SELECT name,type FROM \"user\" WHERE id=:id LIMIT 1");
|
||||
$stmt->bindValue(':id', $input->id, PDO::PARAM_INT);
|
||||
$stmt->execute();
|
||||
$stmt->bindColumn('name', $userName);
|
||||
|
@ -73,14 +73,14 @@ if(isset($input->action) && $input->action == "getUserData") {
|
|||
if(isset($input->action) && $input->action == "saveUserChanges") {
|
||||
if(isset($input->password)) {
|
||||
$passwordHash = password_hash($input->password, PASSWORD_DEFAULT);
|
||||
$stmt = $db->prepare("UPDATE user SET name=:name,password=:password,type=:type WHERE id=:id");
|
||||
$stmt = $db->prepare("UPDATE \"user\" SET name=:name,password=:password,type=:type WHERE id=:id");
|
||||
$stmt->bindValue(':name', $input->name, PDO::PARAM_STR);
|
||||
$stmt->bindValue(':password', $passwordHash, PDO::PARAM_STR);
|
||||
$stmt->bindValue(':type', $input->type, PDO::PARAM_STR);
|
||||
$stmt->bindValue(':id', $input->id, PDO::PARAM_INT);
|
||||
$stmt->execute();
|
||||
} else {
|
||||
$stmt = $db->prepare("UPDATE user SET name=:name,type=:type WHERE id=:id");
|
||||
$stmt = $db->prepare("UPDATE \"user\" SET name=:name,type=:type WHERE id=:id");
|
||||
$stmt->bindValue(':name', $input->name, PDO::PARAM_STR);
|
||||
$stmt->bindValue(':type', $input->type, PDO::PARAM_STR);
|
||||
$stmt->bindValue(':id', $input->id, PDO::PARAM_INT);
|
||||
|
@ -94,7 +94,7 @@ if(isset($input->action) && $input->action == "getPermissions") {
|
|||
SELECT D.id,D.name
|
||||
FROM permissions P
|
||||
JOIN domains D ON P.domain=D.id
|
||||
WHERE P.user=:user
|
||||
WHERE P.\"user\"=:user
|
||||
");
|
||||
|
||||
$stmt->bindValue(':user', $input->id, PDO::PARAM_INT);
|
||||
|
@ -109,7 +109,7 @@ if(isset($input->action) && $input->action == "getPermissions") {
|
|||
|
||||
if(isset($input->action) && $input->action == "removePermission") {
|
||||
|
||||
$stmt = $db->prepare("DELETE FROM permissions WHERE user=:user AND domain=:domain");
|
||||
$stmt = $db->prepare("DELETE FROM permissions WHERE \"user\"=:user AND domain=:domain");
|
||||
|
||||
$stmt->bindValue(':user', $input->userId, PDO::PARAM_INT);
|
||||
$stmt->bindValue(':domain', $input->domainId, PDO::PARAM_INT);
|
||||
|
@ -117,7 +117,7 @@ if(isset($input->action) && $input->action == "removePermission") {
|
|||
}
|
||||
|
||||
if(isset($input->action) && $input->action == "searchDomains" && isset($input->term)) {
|
||||
$stmt = $db->prepare("SELECT id,name AS text FROM domains WHERE name LIKE :name AND id NOT IN(SELECT domain FROM permissions WHERE user=:user)");
|
||||
$stmt = $db->prepare("SELECT id,name AS text FROM domains WHERE name LIKE :name AND id NOT IN(SELECT domain FROM permissions WHERE \"user\"=:user)");
|
||||
|
||||
$searchTerm = "%" . $input->term . "%";
|
||||
|
||||
|
@ -133,7 +133,7 @@ if(isset($input->action) && $input->action == "searchDomains" && isset($input->t
|
|||
}
|
||||
|
||||
if(isset($input->action) && $input->action == "addPermissions") {
|
||||
$stmt = $db->prepare("INSERT INTO permissions(user,domain) VALUES (:user,:domain)");
|
||||
$stmt = $db->prepare("INSERT INTO permissions(\"user\",domain) VALUES (:user,:domain)");
|
||||
|
||||
foreach($input->domains as $domain) {
|
||||
$stmt->bindValue(':user', $input->userId, PDO::PARAM_INT);
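Review bot: The `addUser` hunk recovers the new account's id with `SELECT MAX(id) FROM \"user\" WHERE name=:name AND password=:password AND type=:type`, which puts the password hash into a WHERE clause only to find the row just inserted. With the unique index on `name` that this commit adds to the schema, `WHERE name=:name` identifies the row on its own. Alternatively `$db->lastInsertId()` inside the open transaction avoids the second query, though its behaviour with the pgsql driver should be checked first. The `addUser` block continues outside the hunk.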
|
||||
|
|
|
@ -21,7 +21,7 @@ require_once '../lib/database.php';
|
|||
|
||||
$input = json_decode(file_get_contents('php://input'));
|
||||
|
||||
$stmt = $db->prepare("SELECT id,password,type FROM user WHERE name=:name LIMIT 1");
|
||||
$stmt = $db->prepare("SELECT id,password,type FROM \"user\" WHERE name=:name LIMIT 1");
|
||||
$stmt->bindValue(':name', $input->user, PDO::PARAM_STR);
|
||||
$stmt->execute();
|
||||
$stmt->bindColumn('id', $id);
|
||||
|
|
|
@ -70,7 +70,8 @@ CREATE TABLE IF NOT EXISTS user (
|
|||
name varchar(50) NOT NULL,
|
||||
password varchar(200) NOT NULL,
|
||||
type varchar(20) NOT NULL,
|
||||
PRIMARY KEY (id)
|
||||
PRIMARY KEY (id),
|
||||
UNIQUE KEY user_name_index (name)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
|
||||
|
||||
ALTER TABLE permissions
|
||||
|
@ -158,7 +159,7 @@ CREATE TABLE IF NOT EXISTS domains (
|
|||
name VARCHAR(255) NOT NULL,
|
||||
master VARCHAR(128) DEFAULT NULL,
|
||||
last_check INT DEFAULT NULL,
|
||||
type VARCHAR(6) NOT NULL,
|
||||
\"type\" VARCHAR(6) NOT NULL,
|
||||
notified_serial INT DEFAULT NULL,
|
||||
account VARCHAR(40) DEFAULT NULL,
|
||||
CONSTRAINT c_lowercase_name CHECK (((name)::TEXT = LOWER((name)::TEXT)))
|
||||
|
@ -170,7 +171,7 @@ CREATE TABLE IF NOT EXISTS records (
|
|||
id SERIAL PRIMARY KEY,
|
||||
domain_id INT DEFAULT NULL,
|
||||
name VARCHAR(255) DEFAULT NULL,
|
||||
type VARCHAR(10) DEFAULT NULL,
|
||||
\"type\" VARCHAR(10) DEFAULT NULL,
|
||||
content VARCHAR(65535) DEFAULT NULL,
|
||||
ttl INT DEFAULT NULL,
|
||||
prio INT DEFAULT NULL,
|
||||
|
@ -189,22 +190,24 @@ CREATE INDEX IF NOT EXISTS nametype_index ON records(name,type);
|
|||
CREATE INDEX IF NOT EXISTS domain_id ON records(domain_id);
|
||||
CREATE INDEX IF NOT EXISTS recordorder ON records (domain_id, ordername text_pattern_ops);
|
||||
|
||||
CREATE TABLE IF NOT EXISTS user (
|
||||
CREATE TABLE IF NOT EXISTS \"user\" (
|
||||
id SERIAL PRIMARY KEY,
|
||||
name varchar(50) NOT NULL,
|
||||
password varchar(200) NOT NULL,
|
||||
type varchar(20) NOT NULL
|
||||
\"type\" varchar(20) NOT NULL
|
||||
);
|
||||
|
||||
CREATE UNIQUE INDEX IF NOT EXISTS user_name_index ON \"user\"(name);
|
||||
|
||||
CREATE TABLE IF NOT EXISTS permissions (
|
||||
user INT NOT NULL,
|
||||
domain INT NOT NULL,
|
||||
PRIMARY KEY (user,domain),
|
||||
\"user\" INT NOT NULL,
|
||||
\"domain\" INT NOT NULL,
|
||||
PRIMARY KEY (\"user\",domain),
|
||||
CONSTRAINT domain_exists
|
||||
FOREIGN KEY(domain_id) REFERENCES domains(id)
|
||||
FOREIGN KEY(domain) REFERENCES domains(id)
|
||||
ON DELETE CASCADE,
|
||||
CONSTRAINT user_exists
|
||||
FOREIGN KEY(user) REFERENCES user(id)
|
||||
FOREIGN KEY(\"user\") REFERENCES \"user\"(id)
|
||||
ON DELETE CASCADE
|
||||
);
|
||||
|
||||
|
@ -214,11 +217,11 @@ CREATE TABLE IF NOT EXISTS remote (
|
|||
id SERIAL PRIMARY KEY,
|
||||
record INT NOT NULL,
|
||||
description varchar(255) NOT NULL,
|
||||
type varchar(20) NOT NULL,
|
||||
security varchar(2000) NOT NULL,
|
||||
nonce varchar(255) DEFAULT NULL,
|
||||
\"type\" varchar(20) NOT NULL,
|
||||
\"security\" varchar(2000) NOT NULL,
|
||||
nonce varchar(255) DEFAULT NULL,
|
||||
CONSTRAINT record_exists
|
||||
FOREIGN KEY(record_id) REFERENCES records(id)
|
||||
FOREIGN KEY(record) REFERENCES records(id)
|
||||
ON DELETE CASCADE
|
||||
);
|
||||
|
||||
|
@ -244,7 +247,7 @@ CREATE TABLE IF NOT EXISTS comments (
|
|||
id SERIAL PRIMARY KEY,
|
||||
domain_id INT NOT NULL,
|
||||
name VARCHAR(255) NOT NULL,
|
||||
type VARCHAR(10) NOT NULL,
|
||||
\"type\" VARCHAR(10) NOT NULL,
|
||||
modified_at INT NOT NULL,
|
||||
account VARCHAR(40) DEFAULT NULL,
|
||||
comment VARCHAR(65535) NOT NULL,
|
||||
|
@ -297,36 +300,47 @@ catch (PDOException $e) {
|
|||
$retval['status'] = "error";
|
||||
$retval['message'] = serialize($e);
|
||||
}
|
||||
|
||||
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
|
||||
|
||||
if (!isset($retval)) {
|
||||
$passwordHash = password_hash($input->userPassword, PASSWORD_DEFAULT);
|
||||
|
||||
$stmt = $db->query($sql[$input->type]);
|
||||
while ($stmt->nextRowset()) {;}
|
||||
|
||||
$stmt = $db->prepare("INSERT INTO user(name,password,type) VALUES (:user,:hash,'admin')");
|
||||
|
||||
$queries = explode(";", $sql[$input->type]);
|
||||
|
||||
$db->beginTransaction();
|
||||
|
||||
foreach ($queries as $query) {
|
||||
if (preg_replace('/\s+/', '', $query) != '') {
|
||||
$db->exec($query);
|
||||
}
|
||||
}
|
||||
|
||||
$db->commit();
|
||||
|
||||
$stmt = $db->prepare("INSERT INTO \"user\"(name,password,type) VALUES (:user,:hash,'admin')");
|
||||
$stmt->bindValue(':user', $input->userName, PDO::PARAM_STR);
|
||||
$stmt->bindValue(':hash', $passwordHash, PDO::PARAM_STR);
|
||||
$stmt->execute();
|
||||
|
||||
$configFile = Array();
|
||||
|
||||
$configFile[] = '<?php';
|
||||
$configFile[] = '$config[\'db_host\'] = \'' . addslashes($input->host) . "';";
|
||||
$configFile[] = '$config[\'db_user\'] = \'' . addslashes($input->user) . "';";
|
||||
$configFile[] = '$config[\'db_password\'] = \'' . addslashes($input->password) . "';";
|
||||
$configFile[] = '$config[\'db_name\'] = \'' . addslashes($input->database) . "';";
|
||||
$configFile[] = '$config[\'db_port\'] = ' . addslashes($input->port) . ";";
|
||||
$configFile[] = '$config[\'db_type\'] = \'' . addslashes($input->type) . "';";
|
||||
$stmt->execute();
|
||||
|
||||
$configFile = Array();
|
||||
|
||||
$configFile[] = '<?php';
|
||||
$configFile[] = '$config[\'db_host\'] = \'' . addslashes($input->host) . "';";
|
||||
$configFile[] = '$config[\'db_user\'] = \'' . addslashes($input->user) . "';";
|
||||
$configFile[] = '$config[\'db_password\'] = \'' . addslashes($input->password) . "';";
|
||||
$configFile[] = '$config[\'db_name\'] = \'' . addslashes($input->database) . "';";
|
||||
$configFile[] = '$config[\'db_port\'] = ' . addslashes($input->port) . ";";
|
||||
$configFile[] = '$config[\'db_type\'] = \'' . addslashes($input->type) . "';";
|
||||
|
||||
$retval['status'] = "success";
|
||||
try {
|
||||
file_put_contents("../config/config-user.php", implode("\n", $configFile));
|
||||
$retval['status'] = "success";
|
||||
file_put_contents("../config/config-user.php", implode("\n", $configFile));
|
||||
}
|
||||
catch (Exception $e) {
|
||||
$retval['status'] = "error";
|
||||
$retval['message'] = serialize($e);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
if(isset($retval)) {
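Review bot: The `db_port` line of the generated config writes `addslashes($input->port)` outside any quotes, so the escaping has no effect there and whatever the install request sends as port becomes PHP source in `../config/config-user.php`. Emit it as an integer instead: `$configFile[] = '$config[\'db_port\'] = ' . (int)$input->port . ";";`. In the same block the new `try`/`catch (Exception $e)` around `file_put_contents` will not see a failed write, because that function returns `false` rather than throwing, so the status stays "success"; test the return value with `=== false`. `serialize($e)` in the response also hands the caller the exception's internals, which are better logged server-side with a generic message returned.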
|
||||
|
|
|
@ -30,7 +30,7 @@ if(!isset($input->csrfToken) || $input->csrfToken !== $_SESSION['csrfToken']) {
|
|||
if(isset($input->action) && $input->action == "changePassword") {
|
||||
$passwordHash = password_hash($input->password, PASSWORD_DEFAULT);
|
||||
|
||||
$stmt = $db->prepare("UPDATE user SET password=:password WHERE id=:id");
|
||||
$stmt = $db->prepare("UPDATE \"user\" SET password=:password WHERE id=:id");
|
||||
$stmt->bindValue(':password', $passwordHash, PDO::PARAM_STR);
|
||||
$stmt->bindValue(':id', $_SESSION['id'], PDO::PARAM_INT);
|
||||
$stmt->execute();
|
||||
|
|
|
@ -55,8 +55,17 @@ if(isset($input->action) && $input->action == "requestUpgrade") {
|
|||
INSERT INTO options(name,value) VALUES ('schema_version', 1);
|
||||
";
|
||||
$sql["pgsql"] = "INSERT INTO options(name,value) VALUES ('schema_version', 1);";
|
||||
$stmt = $db->query($sql[$dbType]);
|
||||
while ($stmt->nextRowset()) {;}
|
||||
$queries = explode(";", $sql[$dbType]);
|
||||
|
||||
$db->beginTransaction();
|
||||
|
||||
foreach ($queries as $query) {
|
||||
if (preg_replace('/\s+/', '', $query) != '') {
|
||||
$db->exec($query);
|
||||
}
|
||||
}
|
||||
|
||||
$db->commit();
|
||||
}
|
||||
if($currentVersion < 2) {
|
||||
$sql["mysql"] = "
|
||||
|
@ -80,8 +89,18 @@ if(isset($input->action) && $input->action == "requestUpgrade") {
|
|||
UPDATE options SET value=2 WHERE name='schema_version';
|
||||
";
|
||||
$sql["pgsql"] = "UPDATE options SET value=2 WHERE name='schema_version';";
|
||||
$stmt = $db->query($sql[$dbType]);
|
||||
while ($stmt->nextRowset()) {;}
|
||||
$queries = explode(";", $sql[$dbType]);
|
||||
|
||||
$db->beginTransaction();
|
||||
|
||||
foreach ($queries as $query) {
|
||||
if (preg_replace('/\s+/', '', $query) != '') {
|
||||
$db->exec($query);
|
||||
}
|
||||
}
|
||||
|
||||
$db->commit();
|
||||
|
||||
}
|
||||
if($currentVersion < 3) {
|
||||
$sql["mysql"] = "
|
||||
|
@ -99,8 +118,17 @@ if(isset($input->action) && $input->action == "requestUpgrade") {
|
|||
UPDATE options SET value=3 WHERE name='schema_version';
|
||||
";
|
||||
$sql["pgsql"] = "UPDATE options SET value=3 WHERE name='schema_version';";
|
||||
$stmt = $db->query($sql[$dbType]);
|
||||
while ($stmt->nextRowset()) {;}
|
||||
$queries = explode(";", $sql[$dbType]);
|
||||
|
||||
$db->beginTransaction();
|
||||
|
||||
foreach ($queries as $query) {
|
||||
if (preg_replace('/\s+/', '', $query) != '') {
|
||||
$db->exec($query);
|
||||
}
|
||||
}
|
||||
|
||||
$db->commit();
|
||||
|
||||
}
|
||||
if($currentVersion < 4) {
|
||||
|
@ -146,11 +174,22 @@ if(isset($input->action) && $input->action == "requestUpgrade") {
|
|||
UNIQUE KEY namealgoindex (name, algorithm)
|
||||
) Engine=InnoDB DEFAULT CHARSET=latin1;
|
||||
|
||||
ALTER TABLE user ADD UNIQUE KEY user_name_index (name);
|
||||
|
||||
UPDATE options SET value=4 WHERE name='schema_version';
|
||||
";
|
||||
$sql["pgsql"] = "UPDATE options SET value=4 WHERE name='schema_version';";
|
||||
$stmt = $db->query($sql[$dbType]);
|
||||
while ($stmt->nextRowset()) {;}
|
||||
$queries = explode(";", $sql[$dbType]);
|
||||
|
||||
$db->beginTransaction();
|
||||
|
||||
foreach ($queries as $query) {
|
||||
if (preg_replace('/\s+/', '', $query) != '') {
|
||||
$db->exec($query);
|
||||
}
|
||||
}
|
||||
|
||||
$db->commit();
|
||||
}
|
||||
$retval['status'] = "success";
|
||||
}
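Review bot: The split-on-`;` loop with its own `beginTransaction()`/`commit()` is pasted after each of the four version steps, and once more in the installer; a single helper would keep the copies from drifting apart. Two behaviours of the loop deserve a comment or a guard. First, `explode(";", …)` also cuts inside any string literal that contains a semicolon. Second, on MySQL the DDL statements commit implicitly, so the transaction gives no rollback there, and depending on the PHP version `commit()` may find no transaction open. A sketch of the helper follows; the `requestUpgrade` block starts outside these hunks.

```php
// Runs each non-empty statement of a ";"-separated script.
// Statements must not contain ";" inside string literals.
function execScript(PDO $db, string $script): void
{
    $db->beginTransaction();
    foreach (explode(";", $script) as $query) {
        if (trim($query) !== '') {
            $db->exec($query);
        }
    }
    // MySQL DDL commits implicitly, which can leave no transaction open here.
    if ($db->inTransaction()) {
        $db->commit();
    }
}

// … unchanged: $sql["mysql"] / $sql["pgsql"] for each version step …
execScript($db, $sql[$dbType]);
```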
|
||||
|
|
|
@ -36,7 +36,7 @@ if(isset($input->action) && $input->action == "getUsers") {
|
|||
|
||||
$sql = "
|
||||
SELECT id,name,type
|
||||
FROM user
|
||||
FROM \"user\"
|
||||
WHERE
|
||||
(name LIKE :name1 OR :name2) AND
|
||||
(type=:type1 OR :type2)
|
||||
|
@ -96,11 +96,11 @@ if(isset($input->action) && $input->action == "deleteUser") {
|
|||
|
||||
$db->beginTransaction();
|
||||
|
||||
$stmt = $db->prepare("DELETE FROM permissions WHERE user=:userid");
|
||||
$stmt = $db->prepare("DELETE FROM permissions WHERE \"user\"=:userid");
|
||||
$stmt->bindValue(':userid', $userId, PDO::PARAM_INT);
|
||||
$stmt->execute();
|
||||
|
||||
$stmt = $db->prepare("DELETE FROM user WHERE id=:id");
|
||||
$stmt = $db->prepare("DELETE FROM \"user\" WHERE id=:id");
|
||||
$stmt->bindValue(':id', $userId, PDO::PARAM_INT);
|
||||
$stmt->execute();
|
||||
|
||||
|
|