mirror/postfixadmin
0
0
Fork 0
mirror of https://github.com/postfixadmin/postfixadmin.git synced 2024-09-19 19:22:14 +02:00
Code

reformat; fix some transition bugs

Browse Source
This commit is contained in:
David Goodwin 2019-01-06 21:03:43 +00:00 committed by David Goodwin
parent ea33d9951a
commit 1176c9ce78
11 changed files with 61 additions and 132 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

148
functions.inc.php
View File

@ -271,7 +271,7 @@ function get_password_expiration_value($domain) {
$query = "SELECT password_expiry FROM $table_domain WHERE domain= :domain";
$result = db_prepared_fetch_one($query, array('domain' => $domain));
if(is_array($result) && isset($result['password_expiry'])) {
if (is_array($result) && isset($result['password_expiry'])) {
return $result['password_expiry'];
}
return null;
@ -327,39 +327,13 @@ function check_email($email) {
* @return string cleaned data, suitable for use within an SQL statement.
*/
function escape_string($string) {
global $CONF;
if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
$string = stripslashes($string);
if (is_numeric($string)) {
return $string;
}
$escaped_string = '';
$link = db_connect();
if (!is_numeric($string)) {
$link = db_connect();
if ($CONF['database_type'] == "mysql" && is_resource($link)) {
$escaped_string = mysql_real_escape_string($string, $link);
}
if ($CONF['database_type'] == "mysqli" && $link instanceof mysqli) {
$escaped_string = mysqli_real_escape_string($link, $string);
}
if (db_sqlite()) {
$escaped_string = SQLite3::escapeString($string);
}
if (db_pgsql() && is_resource($link)) {
// php 5.2+ allows for $link to be specified.
if (version_compare(phpversion(), "5.2.0", ">=")) {
$escaped_string = pg_escape_string($link, $string);
} else {
$escaped_string = pg_escape_string($string);
}
}
} else {
$escaped_string = $string;
}
return $escaped_string;
return trim($link->quote($string), "'");
}
@ -584,16 +558,14 @@ function create_page_browser($idxfield, $querypart) {
$result = db_query($query);
$result = db_prepared_fetch_all($query);
foreach($result as $k => $row) {
if(isset($result[$k + 1])) {
foreach ($result as $k => $row) {
if (isset($result[$k + 1])) {
$row2 = $result[$k + 1];
$label = substr($row['label'], 0, $label_len) . '-' . substr($row2['label'], 0, $label_len);
}
else {
} else {
$label = substr($row['label'], 0, $label_len);
}
$pagebrowser[] = $label;
}
if (db_pgsql()) {
@ -632,7 +604,7 @@ function check_owner($username, $domain) {
array($username, $domain, db_get_boolean(true))
);
if(sizeof($result) == 1 || sizeof($result) == 2) { # "ALL" + specific domain permissions is possible
if (sizeof($result) == 1 || sizeof($result) == 2) { # "ALL" + specific domain permissions is possible
# TODO: if superadmin, check if given domain exists in the database
return true;
} else {
@ -652,7 +624,6 @@ function check_owner($username, $domain) {
* @return array of domain names.
*/
function list_domains_for_admin($username) {
$table_domain = table_by_key('domain');
$table_domain_admins = table_by_key('domain_admins');
@ -683,14 +654,13 @@ function list_domains_for_admin($username) {
$result = db_prepared_fetch_all($query, $pvalues);
return array_column($result, 'domain');
}
if(!function_exists('array_column')) {
if (!function_exists('array_column')) {
function array_column(array $array, $column) {
$retval = array();
foreach($array as $row) {
foreach ($array as $row) {
$retval[] = $row[$column];
}
return $retval;
@ -708,7 +678,7 @@ function list_domains() {
$table_domain = table_by_key('domain');
$result = db_prepared_fetch_all("SELECT domain FROM $table_domain WHERE domain!='ALL' ORDER BY domain");
$i = 0;
foreach($result as $row) {
foreach ($result as $row) {
$list[$i] = $row['domain'];
$i++;
}
@ -729,6 +699,7 @@ function list_admins() {
$handler = new AdminHandler();
$handler->getList('');
return $handler->result();
}
@ -1509,8 +1480,7 @@ function db_connect_with_errors() {
}
$queries[] = 'SET CHARACTER SET utf8';
$queries[] = "SET COLLATION_CONNECTION='utf8_general_ci'";
}
elseif (db_sqlite()) {
} elseif (db_sqlite()) {
$dsn = "sqlite:{$CONF['database_name']}";
$username_password = false;
} elseif (db_pgsql()) {
@ -1522,10 +1492,9 @@ function db_connect_with_errors() {
$error_text = "<p>DEBUG INFORMATION:<br />Invalid \$CONF['database_type']! Please fix your config.inc.php! $DEBUG_TEXT";
}
if($username_password) {
$link = new PDO($dsn, Config::read_string('database_user'), Config::read_string('database_pass'), $options);
}
else {
if ($username_password) {
$link = new PDO($dsn, Config::read_string('database_user'), Config::read_string('database_password'), $options);
} else {
$link = new PDO($dsn, null, null, $options);
}
@ -1658,8 +1627,7 @@ function db_prepared_insert($sql, array $values = array()) {
try {
$stmt = $link->prepare($sql);
$stmt->execute($values);
}
catch(PDOException $e) {
} catch (PDOException $e) {
$error_text = "Invalid query: " . $e->getMessage() . " caused by " . $sql ;
error_log($error_text);
}
@ -1673,18 +1641,16 @@ function db_prepared_insert($sql, array $values = array()) {
* @return array e.g. ['result' => PDOStatement, 'error' => string ]
*/
function db_prepared_query($sql, array $values = array(), $ignore_errors = false) {
$link = db_connect();
$error_text = '';
try {
$stmt = $link->prepare($sql);
$stmt->execute($values);
}
catch(PDOException $e) {
} catch (PDOException $e) {
$error_text = "Invalid query: " . $e->getMessage() . " caused by " . $sql ;
error_log($error_text);
if(!$ignore_errors) {
if (!$ignore_errors) {
die("DEBUG INFORMATION: " . $e->getMessage() . "<br/> Check your error_log for the failed query");
}
}
@ -1701,32 +1667,10 @@ function db_prepared_query($sql, array $values = array(), $ignore_errors = false
* @param int $ignore_errors (default 0 aka do not ignore errors)
* @return array ['result' => resource, 'rows' => int ,'error' => string]
*/
function db_query($query, $ignore_errors = 0)
{
function db_query($query, $ignore_errors = 0) {
return db_prepared_query($query, array(), $ignore_errors == 0);
}
// db_row
// Action: Returns a row from a table
// Call: db_row (int result)
/**
* Get an associative array from a DB query resource.
*
* @param PDOStatement $result
* @return array
*/
function db_assoc(PDOStatement $result) {
$row = $result->fetch(PDO::FETCH_ASSOC);
if (!is_array($row)) {
$row = [];
}
return $row;
}
/**
@ -1746,7 +1690,6 @@ function db_delete($table, $where, $delete, $additionalwhere='') {
$query = "DELETE FROM $table WHERE $where = ? $additionalwhere";
return db_prepared_insert($query, [$delete]);
}
@ -1795,12 +1738,11 @@ function db_insert($table, array $values, $timestamp = array('created', 'modifie
$comma = '';
$prepared_statment_values = $values;
foreach($values as $field => $value) {
if(in_array($field, $timestamp)) {
foreach ($values as $field => $value) {
if (in_array($field, $timestamp)) {
$value_string .= $comma . $value; // see above.
unset($prepared_statment_values[$field]);
}
else {
} else {
$value_string .= $comma . ":{$field}";
}
$comma = ',';
@ -1810,7 +1752,6 @@ function db_insert($table, array $values, $timestamp = array('created', 'modifie
return db_prepared_insert(
"INSERT INTO $table (" . implode(",", array_keys($values)) .") VALUES ($value_string)",
$prepared_statment_values);
}
@ -1826,7 +1767,6 @@ function db_insert($table, array $values, $timestamp = array('created', 'modifie
* @return int - number of updated rows
*/
function db_update($table, $where_col, $where_value, $values, $timestamp = array('modified')) {
$table_key = table_by_key($table);
$sql_values = array();
@ -1834,20 +1774,17 @@ function db_update($table, $where_col, $where_value, $values, $timestamp = array
$set = array();
foreach ($values as $key => $value) {
if(in_array($key, $timestamp)) {
if(db_sqlite()) {
if (in_array($key, $timestamp)) {
if (db_sqlite()) {
$set[] = " $key = datetime('now') ";
}
else {
} else {
$set[] = " $key = now() ";
}
}
else {
} else {
$set[] = " $key = :$key ";
$pvalues[$key] = $value;
}
}
}
/* @todo this needs refactoring/moving out from here */
if (Config::bool('password_expiration')) {
@ -1867,7 +1804,6 @@ function db_update($table, $where_col, $where_value, $values, $timestamp = array
$sql="UPDATE $table_key SET " . implode(",", $set) . " WHERE $where_col = :where";
return db_prepared_insert($sql, $pvalues);
}
@ -2042,8 +1978,7 @@ function check_db_version($error_out = true) {
if (isset($row['value'])) {
$dbversion = (int) $row['value'];
}
else {
} else {
db_query("INSERT INTO $table (name, value) VALUES ('version', '0')", 0);
}
@ -2071,10 +2006,10 @@ function gen_show_status($show_alias) {
$stat_string = "";
$stat_goto = "";
$stat_result = db_prepared_fetch_all("SELECT goto FROM $table_alias WHERE address=?", [$show_alias]);
$stat_result = db_prepared_fetch_one("SELECT goto FROM $table_alias WHERE address=?", array($show_alias));
if (sizeof($stat_result) > 0) {
$stat_goto = $stat_result[0]['goto'];
if ($stat_result) {
$stat_goto = $stat_result['goto'];
}
$delimiter_regex = null;
@ -2115,11 +2050,12 @@ function gen_show_status($show_alias) {
$sql .= " OR address = ? ";
}
$stat_result = db_prepared_query($sql, $v);
$stat_result = db_prepared_fetch_one($sql, $v);
if (array_key_exists('rows', $stat_result) && $stat_result['rows'] == 0) {
if (empty($stat_result)) {
$stat_ok = 0;
}
if ($stat_ok == 0) {
if ($stat_domain == $CONF['vacation_domain'] || in_array($stat_domain, $CONF['show_undeliverable_exceptions'])) {
$stat_ok = 1;
@ -2135,8 +2071,8 @@ function gen_show_status($show_alias) {
// Vacation CHECK
if ( $CONF['show_vacation'] == 'YES' ) {
$stat_result = db_prepared_query("SELECT * FROM ". $CONF['database_tables']['vacation'] ." WHERE email = ? AND active = ? ", array($show_alias, db_get_boolean(true) )) ;
if ($stat_result['rows'] == 1) {
$stat_result = db_prepared_fetch_one("SELECT * FROM ". $CONF['database_tables']['vacation'] ." WHERE email = ? AND active = ? ", array($show_alias, db_get_boolean(true) )) ;
if (!empty($stat_result)) {
$stat_string .= "<span style='background-color:" . $CONF['show_vacation_color'] . "'>" . $CONF['show_status_text'] . "</span>&nbsp;";
} else {
$stat_string .= $CONF['show_status_text'] . "&nbsp;";
@ -2145,11 +2081,11 @@ function gen_show_status($show_alias) {
// Disabled CHECK
if ( $CONF['show_disabled'] == 'YES' ) {
$stat_result = db_prepared_query(
$stat_result = db_prepared_fetch_one(
"SELECT * FROM ". $CONF['database_tables']['mailbox'] ." WHERE username = ? AND active = ?",
array($show_alias, db_get_boolean(false))
);
if ($stat_result['rows'] == 1) {
if (!empty($stat_result)) {
$stat_string .= "<span style='background-color:" . $CONF['show_disabled_color'] . "'>" . $CONF['show_status_text'] . "</span>&nbsp;";
} else {
$stat_string .= $CONF['show_status_text'] . "&nbsp;";
@ -2163,9 +2099,9 @@ function gen_show_status($show_alias) {
$now = "datetime('now')";
}
$stat_result = db_prepared_query("SELECT * FROM ". $CONF['database_tables']['mailbox'] ." WHERE username = ? AND password_expiry <= ? AND active = ?", array( $show_alias , $now , db_get_boolean(true) ));
$stat_result = db_prepared_fetch_one("SELECT * FROM ". $CONF['database_tables']['mailbox'] ." WHERE username = ? AND password_expiry <= ? AND active = ?", array( $show_alias , $now , db_get_boolean(true) ));
if ($stat_result['rows'] == 1) {
if (!empty($stat_result)) {
$stat_string .= "<span style='background-color:" . $CONF['show_expired_color'] . "'>" . $CONF['show_status_text'] . "</span>&nbsp;";
} else {
$stat_string .= $CONF['show_status_text'] . "&nbsp;";

4
model/AdminHandler.php
View File

@ -154,8 +154,8 @@ class AdminHandler extends PFAHandler {
'domain' => 'ALL',
);
$where = db_where_clause(array('username' => $this->id, 'domain' => 'ALL'), $this->struct);
$result = db_query("SELECT username from " . table_by_key('domain_admins') . " " . $where);
if ($result['rows'] == 0) {
$result = db_prepared_fetch_one("SELECT username from " . table_by_key('domain_admins') . " " . $where);
if(empty($result)) {
db_insert('domain_admins', $values, array('created'));
# TODO: check for errors
}

8
model/PFAHandler.php
View File

@ -727,8 +727,10 @@ abstract class PFAHandler {
$db_result = array();
$result = db_prepared_fetch_all($query);
foreach($result as $row) {
foreach ($result as $row) {
$db_result[$row[$this->id_field]] = $row;
}
@ -814,7 +816,6 @@ abstract class PFAHandler {
* @return boolean true on successful login (i.e. password matches etc)
*/
public function login($username, $password) {
$table = table_by_key($this->db_table);
$active = db_get_boolean(true);
$query = "SELECT password FROM $table WHERE {$this->id_field} = :username AND active = :active";
@ -861,7 +862,6 @@ abstract class PFAHandler {
* @return boolean true on success (i.e. code matches etc)
*/
public function checkPasswordRecoveryCode($username, $token) {
$table = table_by_key($this->db_table);
$active = db_get_boolean(true);
@ -869,7 +869,7 @@ abstract class PFAHandler {
$values = array('username' => $username, 'active' => $active);
$result = db_prepared_fetch_all($query, $values);
if(sizeof($result) == 1) {
if (sizeof($result) == 1) {
$row = $result[0];
$crypt_token = pacrypt($token, $row['token']);

7
model/VacationHandler.php
View File

@ -186,12 +186,11 @@ class VacationHandler extends PFAHandler {
* will return false if no existing data
*/
public function get_details() {
$table_vacation = table_by_key('vacation');
$sql = "SELECT * FROM $table_vacation WHERE email = :username";
$result = db_prepared_fetch_all($sql, array('username' => $this->username));
if(sizeof($result) != 1) {
if (sizeof($result) != 1) {
return false;
}
@ -244,8 +243,8 @@ class VacationHandler extends PFAHandler {
// is there an entry in the vacaton table for the user, or do we need to insert?
$table_vacation = table_by_key('vacation');
$result = db_query("SELECT * FROM $table_vacation WHERE email = '$E_username'");
if ($result['rows'] == 1) {
$result = db_prepared_fetch_one("SELECT * FROM $table_vacation WHERE email = ?", array($this->username));
if(!empty($result)) {
$result = db_update('vacation', 'email', $this->username, $vacation_data);
} else {
$result = db_insert('vacation', $vacation_data);

6
public/backup.php
View File

@ -98,10 +98,9 @@ if ($_SERVER['REQUEST_METHOD'] == "GET") {
for ($i = 0 ; $i < sizeof($tables) ; ++$i) {
$result = db_prepared_fetch_all("SHOW CREATE TABLE " . table_by_key($tables[$i]));
foreach($result as $row) {
foreach ($result as $row) {
fwrite($fh, array_pop($row));
}
}
for ($i = 0 ; $i < sizeof($tables) ; ++$i) {
@ -109,7 +108,7 @@ if ($_SERVER['REQUEST_METHOD'] == "GET") {
$pdo = db_connect();
$stmt = $pdo->prepare('SELECT * FROM ' . table_by_key($tables[$i]));
$stmt->execute();
while($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
$fields = array_keys($row);
$values = array_values($row);
$values = array_map(function ($str) {
@ -120,7 +119,6 @@ if ($_SERVER['REQUEST_METHOD'] == "GET") {
$fields = "";
$values = "";
}
}
}
header("Content-Type: text/plain");

3
public/list-virtual.php
View File

@ -228,8 +228,7 @@ $tMailbox = array();
$delimiter = preg_quote($CONF['recipient_delimiter'], "/");
$goto_single_rec_del = "";
foreach($result as $row) {
foreach ($result as $row) {
if ($display_mailbox_aliases) {
$goto_split = explode(",", $row['goto']);
$row['goto_mailbox'] = 0;

1
public/list.php
View File

@ -76,6 +76,7 @@ if (count($search)) {
} else {
$handler->getList('');
}
$items = $handler->result();
if (count($handler->errormsg)) {

2
public/setup.php
View File

@ -304,7 +304,7 @@ if ($error != 0) {
// XXX need to ensure domains table includes an 'ALL' entry.
$table_domain = table_by_key('domain');
$rows = db_prepared_fetch_all("SELECT * FROM $table_domain WHERE domain = 'ALL'");
if(empty($rows)) {
if (empty($rows)) {
db_insert('domain', array('domain' => 'ALL', 'description' => '', 'transport' => '')); // all other fields should default through the schema.
}

7
public/upgrade.php
View File

@ -65,7 +65,7 @@ function _sqlite_field_exists($table, $field) {
$sql = "PRAGMA table_info($table)";
$r = db_prepared_fetch_all($sql);
foreach($r as $row) {
foreach ($r as $row) {
if ($row[1] == $field) {
return true;
}
@ -119,7 +119,7 @@ function printdebug($text) {
$table = table_by_key('config');
if ($CONF['database_type'] == 'pgsql') {
// check if table already exists, if so, don't recreate it
if(!_pgsql_object_exists($table)) {
if (!_pgsql_object_exists($table)) {
$pgsql = "
CREATE TABLE $table (
id SERIAL,
@ -1412,11 +1412,10 @@ function upgrade_1284_mysql_pgsql() {
$result = db_prepared_fetch_all("SELECT username FROM " . table_by_key('domain_admins') . " where domain='ALL'");
foreach($result as $row) {
foreach ($result as $row) {
printdebug("Setting superadmin flag for " . $row['username']);
db_update('admin', 'username', $row['username'], array('superadmin' => db_get_boolean(true)));
}
}
function upgrade_1345_mysql() {

2
public/viewlog.php
View File

@ -67,7 +67,7 @@ if ($error != 1) {
$query = "SELECT extract(epoch from timestamp) as timestamp,username,domain,action,data FROM $table_log WHERE domain= :domain ORDER BY timestamp DESC LIMIT $page_size";
}
$result = db_prepared_fetch_all($query, array('domain' => $fDomain));
foreach($result as $row) {
foreach ($result as $row) {
if (is_array($row) && db_pgsql()) {
$row['timestamp'] = gmstrftime('%c %Z', $row['timestamp']);
}

5
tests/DbBasicTest.php
View File

@ -3,7 +3,6 @@
require_once('common.php');
class DbBasicTest extends \PHPUnit\Framework\TestCase {
private $test_domain;
public function setUp() {
@ -12,11 +11,9 @@ class DbBasicTest extends \PHPUnit\Framework\TestCase {
$this->test_domain = $test_domain;
$db->exec("DELETE FROM domain WHERE domain = '$test_domain'");
}
public function testInsertDeleteDomain() {
$domain = $this->test_domain;
$domain = $this->test_domain;
$username = 'testusername' . uniqid();