diff --git a/api/domains.php b/api/domains.php index 54f02c3..d35e728 100644 --- a/api/domains.php +++ b/api/domains.php @@ -39,7 +39,7 @@ if(isset($input->action) && $input->action == "getDomains") { SELECT COUNT(*) AS anzahl FROM domains D LEFT OUTER JOIN permissions P ON D.id = P.domain - WHERE (P.\"user\"=:user1 OR :user2) AND + WHERE (P.userid=:user1 OR :user2) AND (D.name LIKE :name1 OR :name2) AND (D.type=:type1 OR :type2) "; @@ -91,7 +91,7 @@ if(isset($input->action) && $input->action == "getDomains") { FROM domains D LEFT OUTER JOIN records R ON D.id = R.domain_id LEFT OUTER JOIN permissions P ON D.id = P.domain - WHERE (P.\"user\"=:user1 OR :user2) + WHERE (P.userid=:user1 OR :user2) GROUP BY D.id, D.name, D.type HAVING (D.name LIKE :name1 OR :name2) AND diff --git a/api/edit-master.php b/api/edit-master.php index ad0d670..14bd19d 100644 --- a/api/edit-master.php +++ b/api/edit-master.php @@ -31,7 +31,7 @@ if(!isset($input->csrfToken) || $input->csrfToken !== $_SESSION['csrfToken']) { //Permission check if(isset($input->domain)) { - $permquery = $db->prepare("SELECT COUNT(*) FROM permissions WHERE \"user\"=:user AND domain=:domain"); + $permquery = $db->prepare("SELECT COUNT(*) FROM permissions WHERE userid=:user AND domain=:domain"); $permquery->bindValue(':user', $_SESSION['id'], PDO::PARAM_INT); $permquery->bindValue(':domain', $input->domain, PDO::PARAM_INT); $permquery->execute(); diff --git a/api/edit-remote.php b/api/edit-remote.php index 79e097c..b4f1155 100644 --- a/api/edit-remote.php +++ b/api/edit-remote.php 
@@ -29,7 +29,7 @@ if(!isset($input->csrfToken) || $input->csrfToken !== $_SESSION['csrfToken']) { //Permission check if(isset($input->record)) { - $permquery = $db->prepare("SELECT COUNT(*) FROM records JOIN permissions ON records.domain_id=permissions.domain WHERE \"user\"=:user AND records.id=:id"); + $permquery = $db->prepare("SELECT COUNT(*) FROM records JOIN permissions ON records.domain_id=permissions.domain WHERE userid=:user AND records.id=:id"); $permquery->bindValue(':user', $_SESSION['id'], PDO::PARAM_INT); $permquery->bindValue(':id', $input->record, PDO::PARAM_INT); $permquery->execute(); diff --git a/api/edit-user.php b/api/edit-user.php index e6e2b63..0f48084 100644 --- a/api/edit-user.php +++ b/api/edit-user.php @@ -37,14 +37,14 @@ if(isset($input->action) && $input->action == "addUser") { $db->beginTransaction(); - $stmt = $db->prepare("INSERT INTO \"user\"(name,password,type) VALUES (:name,:password,:type)"); + $stmt = $db->prepare("INSERT INTO users(name,password,type) VALUES (:name,:password,:type)"); $stmt->bindValue(':name', $input->name, PDO::PARAM_STR); $stmt->bindValue(':password', $passwordHash, PDO::PARAM_STR); $stmt->bindValue(':type', $input->type, PDO::PARAM_STR); $stmt->execute(); - $stmt = $db->prepare("SELECT MAX(id) FROM \"user\" WHERE name=:name AND password=:password AND type=:type"); + $stmt = $db->prepare("SELECT MAX(id) FROM users WHERE name=:name AND password=:password AND type=:type"); $stmt->bindValue(':name', $input->name, PDO::PARAM_STR); $stmt->bindValue(':password', $passwordHash, PDO::PARAM_STR); $stmt->bindValue(':type', $input->type, PDO::PARAM_STR); 
@@ -58,7 +58,7 @@ if(isset($input->action) && $input->action == "addUser") { } if(isset($input->action) && $input->action == "getUserData") { - $stmt = $db->prepare("SELECT name,type FROM \"user\" WHERE id=:id LIMIT 1"); + $stmt = $db->prepare("SELECT name,type FROM users WHERE id=:id LIMIT 1"); $stmt->bindValue(':id', $input->id, PDO::PARAM_INT); $stmt->execute(); $stmt->bindColumn('name', $userName); @@ -73,14 +73,14 @@ if(isset($input->action) && $input->action == "getUserData") { if(isset($input->action) && $input->action == "saveUserChanges") { if(isset($input->password)) { $passwordHash = password_hash($input->password, PASSWORD_DEFAULT); - $stmt = $db->prepare("UPDATE \"user\" SET name=:name,password=:password,type=:type WHERE id=:id"); + $stmt = $db->prepare("UPDATE users SET name=:name,password=:password,type=:type WHERE id=:id"); $stmt->bindValue(':name', $input->name, PDO::PARAM_STR); $stmt->bindValue(':password', $passwordHash, PDO::PARAM_STR); $stmt->bindValue(':type', $input->type, PDO::PARAM_STR); $stmt->bindValue(':id', $input->id, PDO::PARAM_INT); $stmt->execute(); } else { - $stmt = $db->prepare("UPDATE \"user\" SET name=:name,type=:type WHERE id=:id"); + $stmt = $db->prepare("UPDATE users SET name=:name,type=:type WHERE id=:id"); $stmt->bindValue(':name', $input->name, PDO::PARAM_STR); $stmt->bindValue(':type', $input->type, PDO::PARAM_STR); $stmt->bindValue(':id', $input->id, PDO::PARAM_INT); @@ -94,7 +94,7 @@ if(isset($input->action) && $input->action == "getPermissions") { SELECT D.id,D.name FROM permissions P JOIN domains D ON P.domain=D.id - WHERE P.\"user\"=:user + WHERE P.userid=:user "); $stmt->bindValue(':user', $input->id, PDO::PARAM_INT); 
@@ -109,7 +109,7 @@ if(isset($input->action) && $input->action == "getPermissions") { if(isset($input->action) && $input->action == "removePermission") { - $stmt = $db->prepare("DELETE FROM permissions WHERE \"user\"=:user AND domain=:domain"); + $stmt = $db->prepare("DELETE FROM permissions WHERE userid=:user AND domain=:domain"); $stmt->bindValue(':user', $input->userId, PDO::PARAM_INT); $stmt->bindValue(':domain', $input->domainId, PDO::PARAM_INT); @@ -117,7 +117,7 @@ if(isset($input->action) && $input->action == "removePermission") { } if(isset($input->action) && $input->action == "searchDomains" && isset($input->term)) { - $stmt = $db->prepare("SELECT id,name AS text FROM domains WHERE name LIKE :name AND id NOT IN(SELECT domain FROM permissions WHERE \"user\"=:user)"); + $stmt = $db->prepare("SELECT id,name AS text FROM domains WHERE name LIKE :name AND id NOT IN(SELECT domain FROM permissions WHERE userid=:user)"); $searchTerm = "%" . $input->term . "%"; @@ -133,7 +133,7 @@ if(isset($input->action) && $input->action == "searchDomains" && isset($input->t } if(isset($input->action) && $input->action == "addPermissions") { - $stmt = $db->prepare("INSERT INTO permissions(\"user\",domain) VALUES (:user,:domain)"); + $stmt = $db->prepare("INSERT INTO permissions(userid,domain) VALUES (:user,:domain)"); foreach($input->domains as $domain) { $stmt->bindValue(':user', $input->userId, PDO::PARAM_INT); diff --git a/api/index.php b/api/index.php index 90a2d64..5233d77 100644 --- a/api/index.php +++ b/api/index.php @@ -21,7 +21,7 @@ require_once '../lib/database.php'; $input = json_decode(file_get_contents('php://input')); -$stmt = $db->prepare("SELECT id,password,type FROM \"user\" WHERE name=:name LIMIT 1"); +$stmt = $db->prepare("SELECT id,password,type FROM users WHERE name=:name LIMIT 1"); $stmt->bindValue(':name', $input->user, PDO::PARAM_STR); $stmt->execute(); $stmt->bindColumn('id', $id); 
diff --git a/api/install.php b/api/install.php index 10b8aea..191f03f 100644 --- a/api/install.php +++ b/api/install.php @@ -38,13 +38,6 @@ CREATE TABLE IF NOT EXISTS domains ( UNIQUE KEY name_index (name) ) ENGINE=InnoDB DEFAULT CHARSET=latin1; -CREATE TABLE IF NOT EXISTS permissions ( - user int(11) NOT NULL, - domain int(11) NOT NULL, - PRIMARY KEY (user,domain), - KEY domain (domain) -) ENGINE=InnoDB DEFAULT CHARSET=latin1; - CREATE TABLE IF NOT EXISTS records ( id int(11) NOT NULL AUTO_INCREMENT, domain_id int(11) DEFAULT NULL, @@ -59,13 +52,11 @@ CREATE TABLE IF NOT EXISTS records ( PRIMARY KEY (id), KEY rec_name_index (name), KEY nametype_index (name,type), - KEY domain_id (domain_id) + KEY domain_id (domain_id), + CONSTRAINT records_ibfk_1 FOREIGN KEY (domain_id) REFERENCES domains (id) ON DELETE CASCADE ) ENGINE=InnoDB DEFAULT CHARSET=latin1; -ALTER TABLE records - ADD CONSTRAINT records_ibfk_1 FOREIGN KEY (domain_id) REFERENCES domains (id) ON DELETE CASCADE; - -CREATE TABLE IF NOT EXISTS user ( +CREATE TABLE IF NOT EXISTS users ( id int(11) NOT NULL AUTO_INCREMENT, name varchar(50) NOT NULL, password varchar(200) NOT NULL, @@ -74,10 +65,14 @@ CREATE TABLE IF NOT EXISTS user ( UNIQUE KEY user_name_index (name) ) ENGINE=InnoDB DEFAULT CHARSET=latin1; -ALTER TABLE permissions - ADD CONSTRAINT permissions_ibfk_1 FOREIGN KEY (domain) REFERENCES domains (id) ON DELETE CASCADE; -ALTER TABLE permissions - ADD CONSTRAINT permissions_ibfk_2 FOREIGN KEY (user) REFERENCES user (id) ON DELETE CASCADE; +CREATE TABLE IF NOT EXISTS permissions ( + userid int(11) NOT NULL, + domain int(11) NOT NULL, + PRIMARY KEY (userid,domain), + KEY domain (domain), + CONSTRAINT permissions_ibfk_1 FOREIGN KEY (domain) REFERENCES domains (id) ON DELETE CASCADE, + CONSTRAINT permissions_ibfk_2 FOREIGN KEY (userid) REFERENCES users (id) ON DELETE CASCADE +) ENGINE=InnoDB DEFAULT CHARSET=latin1; CREATE TABLE IF NOT EXISTS remote ( id int(11) NOT NULL AUTO_INCREMENT, 
@@ -87,18 +82,18 @@ CREATE TABLE IF NOT EXISTS remote ( security varchar(2000) NOT NULL, nonce varchar(255) DEFAULT NULL, PRIMARY KEY (id), - KEY record (record) + KEY record (record), + CONSTRAINT remote_ibfk_1 FOREIGN KEY (record) REFERENCES records (id) ON DELETE CASCADE ) ENGINE=InnoDB DEFAULT CHARSET=latin1; -ALTER TABLE remote - ADD CONSTRAINT remote_ibfk_1 FOREIGN KEY (record) REFERENCES records (id) ON DELETE CASCADE; - CREATE TABLE IF NOT EXISTS options ( name varchar(255) NOT NULL, value varchar(2000) DEFAULT NULL, PRIMARY KEY (name) ) ENGINE=InnoDB DEFAULT CHARSET=latin1; +DELETE FROM options where name='schema_version'; + INSERT INTO options(name,value) VALUES ('schema_version', 4); CREATE TABLE IF NOT EXISTS supermasters ( @@ -159,7 +154,7 @@ CREATE TABLE IF NOT EXISTS domains ( name VARCHAR(255) NOT NULL, master VARCHAR(128) DEFAULT NULL, last_check INT DEFAULT NULL, - \"type\" VARCHAR(6) NOT NULL, + type VARCHAR(6) NOT NULL, notified_serial INT DEFAULT NULL, account VARCHAR(40) DEFAULT NULL, CONSTRAINT c_lowercase_name CHECK (((name)::TEXT = LOWER((name)::TEXT))) @@ -171,7 +166,7 @@ CREATE TABLE IF NOT EXISTS records ( id SERIAL PRIMARY KEY, domain_id INT DEFAULT NULL, name VARCHAR(255) DEFAULT NULL, - \"type\" VARCHAR(10) DEFAULT NULL, + type VARCHAR(10) DEFAULT NULL, content VARCHAR(65535) DEFAULT NULL, ttl INT DEFAULT NULL, prio INT DEFAULT NULL, 
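Review bot: The added `DELETE FROM options where name='schema_version';` in the MySQL schema of api/install.php (hunk `@@ -87,18 +82,18 @@`, repeated for PostgreSQL in `@@ -233,6 +228,8 @@`) lets the installer overwrite the version marker of a database that already exists. Combined with `CREATE TABLE IF NOT EXISTS`, a run against a schema-3 database would create an empty `users` table beside the old `user` table, keep `permissions` with its old `user` column, and still record version 4, so upgrade.php would presumably never migrate it. The last install.php hunk then inserts an `admin` row from `$input->userName`, and nothing visible here stops the installer from being called again after setup. I would drop the `DELETE` and have the PHP code check first, with a comment such as `// Refuse to run when options.schema_version already exists; existing databases go through upgrade.php.` The SQL strings and the surrounding PHP begin outside these hunks, so an existing guard may simply not be shown.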
@@ -190,24 +185,24 @@ CREATE INDEX IF NOT EXISTS nametype_index ON records(name,type); CREATE INDEX IF NOT EXISTS domain_id ON records(domain_id); CREATE INDEX IF NOT EXISTS recordorder ON records (domain_id, ordername text_pattern_ops); -CREATE TABLE IF NOT EXISTS \"user\" ( +CREATE TABLE IF NOT EXISTS users ( id SERIAL PRIMARY KEY, name varchar(50) NOT NULL, password varchar(200) NOT NULL, - \"type\" varchar(20) NOT NULL + type varchar(20) NOT NULL ); -CREATE UNIQUE INDEX IF NOT EXISTS user_name_index ON \"user\"(name); +CREATE UNIQUE INDEX IF NOT EXISTS user_name_index ON users(name); CREATE TABLE IF NOT EXISTS permissions ( - \"user\" INT NOT NULL, - \"domain\" INT NOT NULL, - PRIMARY KEY (\"user\",domain), + userid INT NOT NULL, + domain INT NOT NULL, + PRIMARY KEY (userid,domain), CONSTRAINT domain_exists FOREIGN KEY(domain) REFERENCES domains(id) ON DELETE CASCADE, CONSTRAINT user_exists - FOREIGN KEY(\"user\") REFERENCES \"user\"(id) + FOREIGN KEY(userid) REFERENCES users(id) ON DELETE CASCADE ); @@ -217,8 +212,8 @@ CREATE TABLE IF NOT EXISTS remote ( id SERIAL PRIMARY KEY, record INT NOT NULL, description varchar(255) NOT NULL, - \"type\" varchar(20) NOT NULL, - \"security\" varchar(2000) NOT NULL, + type varchar(20) NOT NULL, + security varchar(2000) NOT NULL, nonce varchar(255) DEFAULT NULL, CONSTRAINT record_exists FOREIGN KEY(record) REFERENCES records(id) @@ -233,6 +228,8 @@ CREATE TABLE IF NOT EXISTS options ( PRIMARY KEY (name) ); +DELETE FROM options where name='schema_version'; + INSERT INTO options(name,value) VALUES ('schema_version', 4); CREATE TABLE IF NOT EXISTS supermasters ( @@ -247,7 +244,7 @@ CREATE TABLE IF NOT EXISTS comments ( id SERIAL PRIMARY KEY, domain_id INT NOT NULL, name VARCHAR(255) NOT NULL, - \"type\" VARCHAR(10) NOT NULL, + type VARCHAR(10) NOT NULL, modified_at INT NOT NULL, account VARCHAR(40) DEFAULT NULL, comment VARCHAR(65535) NOT NULL, 
@@ -318,7 +315,7 @@ if (!isset($retval)) { $db->commit(); - $stmt = $db->prepare("INSERT INTO \"user\"(name,password,type) VALUES (:user,:hash,'admin')"); + $stmt = $db->prepare("INSERT INTO users(name,password,type) VALUES (:user,:hash,'admin')"); $stmt->bindValue(':user', $input->userName, PDO::PARAM_STR); $stmt->bindValue(':hash', $passwordHash, PDO::PARAM_STR); $stmt->execute(); diff --git a/api/password.php b/api/password.php index 7c48f93..60d41c2 100644 --- a/api/password.php +++ b/api/password.php @@ -30,7 +30,7 @@ if(!isset($input->csrfToken) || $input->csrfToken !== $_SESSION['csrfToken']) { if(isset($input->action) && $input->action == "changePassword") { $passwordHash = password_hash($input->password, PASSWORD_DEFAULT); - $stmt = $db->prepare("UPDATE \"user\" SET password=:password WHERE id=:id"); + $stmt = $db->prepare("UPDATE users SET password=:password WHERE id=:id"); $stmt->bindValue(':password', $passwordHash, PDO::PARAM_STR); $stmt->bindValue(':id', $_SESSION['id'], PDO::PARAM_INT); $stmt->execute(); diff --git a/api/upgrade.php b/api/upgrade.php index 9f1255c..19e4323 100644 --- a/api/upgrade.php +++ b/api/upgrade.php 
@@ -174,8 +174,58 @@ if(isset($input->action) && $input->action == "requestUpgrade") { UNIQUE KEY namealgoindex (name, algorithm) ) Engine=InnoDB DEFAULT CHARSET=latin1; - ALTER TABLE user ADD UNIQUE KEY user_name_index (name); + DELETE FROM permissions + WHERE user IN ( + SELECT id FROM user + LEFT OUTER JOIN ( + SELECT MIN(U.id) AS minid, U.name + FROM user AS U + GROUP BY U.name + ) as KeepRows ON user.id = KeepRows.minid + WHERE KeepRows.minid IS NULL + ); + + ALTER TABLE permissions ADD userid INT NOT NULL; + UPDATE permissions SET userid = user; + + ALTER TABLE permissions DROP FOREIGN KEY permissions_ibfk_2; + + ALTER TABLE permissions DROP user; + + CREATE TABLE IF NOT EXISTS users ( + id int(11) NOT NULL, + name varchar(50) NOT NULL, + password varchar(200) NOT NULL, + type varchar(20) NOT NULL, + PRIMARY KEY (id) + ) ENGINE=InnoDB DEFAULT CHARSET=latin1; + + INSERT INTO users (id, name, password, type) SELECT id, name, password, type FROM user; + + DELETE FROM users + WHERE users.id IN ( + SELECT user.id FROM user + LEFT OUTER JOIN ( + SELECT MIN(U.id) AS minid, U.name + FROM user AS U + GROUP BY U.name + ) as KeepRows ON user.id = KeepRows.minid + WHERE KeepRows.minid IS NULL + ); + + ALTER TABLE users ADD CONSTRAINT UNIQUE KEY user_name_index (name); + + ALTER TABLE users MODIFY COLUMN id int(11) NOT NULL AUTO_INCREMENT; + + ALTER TABLE permissions ADD CONSTRAINT permissions_ibfk_2 FOREIGN KEY (userid) REFERENCES users (id) ON DELETE CASCADE; + + DROP TABLE user; + + UPDATE domains SET name=LOWER(name); + + UPDATE records SET name=LOWER(name); + UPDATE options SET value=4 WHERE name='schema_version'; "; $sql["pgsql"] = "UPDATE options SET value=4 WHERE name='schema_version';"; diff --git a/api/users.php b/api/users.php index 75c7a2d..d4d31c3 100644 --- a/api/users.php +++ b/api/users.php 
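Review bot: `ALTER TABLE permissions DROP user;` removes `user` from the existing `PRIMARY KEY (user,domain)`, so on MySQL the key collapses to `(domain)` alone; the statement should fail with a duplicate-key error as soon as two users hold a permission on the same domain, and where it succeeds the upgraded table no longer matches the `PRIMARY KEY (userid,domain)` that install.php creates. Rebuilding the key in the same statement avoids both: `ALTER TABLE permissions DROP PRIMARY KEY, DROP user, ADD PRIMARY KEY (userid,domain);`. Each DDL statement here commits implicitly and `schema_version` is written only at the end, so a failure midway leaves a database on which this script cannot be re-run (the first `DELETE` references the column that was already dropped); a backup step or per-statement guards before `DROP TABLE user` would make that recoverable. The de-duplication also silently deletes every account except the lowest id per name, together with its permissions, which is worth reporting to the administrator. The `$sql["pgsql"]` branch still only bumps the version, so any PostgreSQL database created with the old `"user"` table would keep it while the API now queries `users` and `userid`; the SQL string starts before this hunk, so earlier statements are not visible.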
@@ -36,7 +36,7 @@ if(isset($input->action) && $input->action == "getUsers") { $sql = " SELECT id,name,type - FROM \"user\" + FROM users WHERE (name LIKE :name1 OR :name2) AND (type=:type1 OR :type2) @@ -96,11 +96,11 @@ if(isset($input->action) && $input->action == "deleteUser") { $db->beginTransaction(); - $stmt = $db->prepare("DELETE FROM permissions WHERE \"user\"=:userid"); + $stmt = $db->prepare("DELETE FROM permissions WHERE userid=:userid"); $stmt->bindValue(':userid', $userId, PDO::PARAM_INT); $stmt->execute(); - $stmt = $db->prepare("DELETE FROM \"user\" WHERE id=:id"); + $stmt = $db->prepare("DELETE FROM users WHERE id=:id"); $stmt->bindValue(':id', $userId, PDO::PARAM_INT); $stmt->execute();