makary/phpbb
1
0
Fork 0
mirror of https://github.com/phpbb/phpbb.git synced 2025-06-29 14:48:53 +00:00
Code Issues Projects Releases Packages Wiki Activity

- CAPTCHA: removed the extra slash

Browse source 
More backup stuff

- Made some things nicer for some of the DBs
- Made postgreSQL work on non empty databases
- Made SQLite ultra fast on restore

- Properly escaped (as far as I know) the profile data fields so that one may now use reserved words as column names


git-svn-id: file:///svn/phpbb/trunk@6144 89ea8834-ac86-4346-8a33-228a782c2dd0
This commit is contained in:
David M 2006-07-04 03:54:41 +00:00
parent 5ccfc08d09
commit 6a1f1f5721
5 changed files with 113 additions and 47 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
phpBB/includes/acp/acp_captcha.php
View file

@ -71,7 +71,7 @@ class acp_captcha
$template->assign_var('GD', true); $template->assign_var('GD', true);
foreach ($policy_modules as $module_name) foreach ($policy_modules as $module_name)
{ {
$template->assign_var('U_' . strtoupper($module_name), sprintf($user->lang['CAPTCHA_EXPLAIN'], '<a href="' . append_sid("{$phpbb_root_path}/adm/index.$phpEx", 'i=captcha&amp;mode=img&amp;policy=' . $module_name) . '" target="_blank">', '</a>')); $template->assign_var('U_' . strtoupper($module_name), sprintf($user->lang['CAPTCHA_EXPLAIN'], '<a href="' . append_sid("{$phpbb_root_path}adm/index.$phpEx", 'i=captcha&amp;mode=img&amp;policy=' . $module_name) . '" target="_blank">', '</a>'));
} }
if (function_exists('imagettfbbox') && function_exists('imagettftext')) if (function_exists('imagettfbbox') && function_exists('imagettftext'))
{ {

92
phpBB/includes/acp/acp_database.php
View file

@ -366,7 +366,7 @@ class acp_database
// and grope around for things that remind us of datatypes... // and grope around for things that remind us of datatypes...
if (version_compare(phpversion(), '5.1.3', '>=')) if (version_compare(phpversion(), '5.1.3', '>='))
{ {
$col_types = sqlite_fetch_column_types($table_name, $db->db_connect_id); $col_types = sqlite_fetch_column_types($db->db_connect_id, $table_name);
} }
else else
{ {
@ -399,7 +399,7 @@ class acp_database
// Unbueffered query and the foreach make this ultra fast, we wait for nothing. // Unbueffered query and the foreach make this ultra fast, we wait for nothing.
$sql = "SELECT * $sql = "SELECT *
FROM $table_name"; FROM $table_name";
$result = sqlite_unbuffered_query($sql, $db->db_connect_id); $result = sqlite_unbuffered_query($db->db_connect_id, $sql);
$rows = sqlite_fetch_all($result, SQLITE_ASSOC); $rows = sqlite_fetch_all($result, SQLITE_ASSOC);
foreach ($rows as $row) foreach ($rows as $row)
@ -471,12 +471,12 @@ class acp_database
FROM pg_attrdef d, pg_class c FROM pg_attrdef d, pg_class c
WHERE (c.relname = '{$table_name}') WHERE (c.relname = '{$table_name}')
AND (c.oid = d.adrelid) AND (c.oid = d.adrelid)
AND d.adnum = " . strval($i+1); AND d.adnum = " . strval($i + 1);
$result2 = $db->sql_query($sql); $result2 = $db->sql_query($sql);
if ($row = $db->sql_fetchrow($result2)) if ($row = $db->sql_fetchrow($result2))
{ {
// Determine if we must reset the sequences // Determine if we must reset the sequences
if (strpos($row['rowdefault'], 'nextval(\'') === 0) if (strpos($row['rowdefault'], "nextval('") === 0)
{ {
$seq .= "SELECT SETVAL('{$table_name}_seq',(select case when max({$ary_name[$i]})>0 then max({$ary_name[$i]})+1 else 1 end FROM {$table_name}));\n"; $seq .= "SELECT SETVAL('{$table_name}_seq',(select case when max({$ary_name[$i]})>0 then max({$ary_name[$i]})+1 else 1 end FROM {$table_name}));\n";
} }
@ -526,7 +526,7 @@ class acp_database
// Take the ordered fields and their associated data and build it // Take the ordered fields and their associated data and build it
// into a valid sql statement to recreate that field in the data. // into a valid sql statement to recreate that field in the data.
$sql_data .= "INSERT INTO $table_name (" . implode(', ', $schema_fields) . ') VALUES(' . implode(', ', $schema_vals) . ");\n"; $sql_data .= "INSERT INTO $table_name (" . implode(', ', $schema_fields) . ') VALUES (' . implode(', ', $schema_vals) . ");\n";
if ($store == true) if ($store == true)
{ {
@ -647,7 +647,7 @@ class acp_database
// Take the ordered fields and their associated data and build it // Take the ordered fields and their associated data and build it
// into a valid sql statement to recreate that field in the data. // into a valid sql statement to recreate that field in the data.
$sql_data .= "INSERT INTO $table_name (" . implode(', ', $schema_fields) . ') VALUES(' . implode(', ', $schema_vals) . ");\n"; $sql_data .= "INSERT INTO $table_name (" . implode(', ', $schema_fields) . ') VALUES (' . implode(', ', $schema_vals) . ");\n";
if ($store == true) if ($store == true)
{ {
@ -758,7 +758,7 @@ class acp_database
// Take the ordered fields and their associated data and build it // Take the ordered fields and their associated data and build it
// into a valid sql statement to recreate that field in the data. // into a valid sql statement to recreate that field in the data.
$sql_data .= "INSERT INTO $table_name (" . implode(', ', $schema_fields) . ') VALUES(' . implode(', ', $schema_vals) . ");\n"; $sql_data .= "INSERT INTO $table_name (" . implode(', ', $schema_fields) . ') VALUES (' . implode(', ', $schema_vals) . ");\n";
if ($store == true) if ($store == true)
{ {
@ -853,7 +853,7 @@ class acp_database
// Take the ordered fields and their associated data and build it // Take the ordered fields and their associated data and build it
// into a valid sql statement to recreate that field in the data. // into a valid sql statement to recreate that field in the data.
$sql_data .= "INSERT INTO $table_name (" . implode(', ', $schema_fields) . ') VALUES(' . implode(', ', $schema_vals) . ");\n"; $sql_data .= "INSERT INTO $table_name (" . implode(', ', $schema_fields) . ') VALUES (' . implode(', ', $schema_vals) . ");\n";
if ($store == true) if ($store == true)
{ {
@ -937,7 +937,7 @@ class acp_database
// Take the ordered fields and their associated data and build it // Take the ordered fields and their associated data and build it
// into a valid sql statement to recreate that field in the data. // into a valid sql statement to recreate that field in the data.
$sql_data .= "INSERT INTO $table_name (" . implode(', ', $schema_fields) . ') VALUES(' . implode(', ', $schema_vals) . ");\n"; $sql_data .= "INSERT INTO $table_name (" . implode(', ', $schema_fields) . ') VALUES (' . implode(', ', $schema_vals) . ");\n";
if ($store == true) if ($store == true)
{ {
@ -1037,9 +1037,9 @@ class acp_database
break; break;
case 'postgres': case 'postgres':
$sql = "SELECT relname $sql = 'SELECT relname
FROM pg_stat_user_tables FROM pg_stat_user_tables
ORDER BY relname;"; ORDER BY relname';
$result = $db->sql_query($sql); $result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) while ($row = $db->sql_fetchrow($result))
{ {
@ -1194,39 +1194,47 @@ class acp_database
{ {
// Strip out sql comments... // Strip out sql comments...
remove_remarks($data); remove_remarks($data);
switch (SQL_LAYER)
// SQLite gets improved performance when you shove all of these disk write queries at once :D
if (SQL_LAYER == 'sqlite')
{ {
case 'firebird': $db->sql_query($data);
$delim = ';;';
break;
case 'mysql':
case 'mysql4':
case 'mysqli':
case 'sqlite':
case 'postgres':
$delim = ';';
break;
case 'oracle':
$delim = '/';
break;
case 'mssql':
case 'mssql-odbc':
$delim = 'GO';
break;
} }
$pieces = split_sql_file($data, $delim); else
$sql_count = count($pieces);
for($i = 0; $i < $sql_count; $i++)
{ {
$sql = trim($pieces[$i]); switch (SQL_LAYER)
if (!empty($sql) && $sql[0] != '#')
{ {
$db->sql_query($sql); case 'firebird':
$delim = ';;';
break;
case 'mysql':
case 'mysql4':
case 'mysqli':
case 'postgres':
$delim = ';';
break;
case 'oracle':
$delim = '/';
break;
case 'mssql':
case 'mssql-odbc':
$delim = 'GO';
break;
}
$pieces = split_sql_file($data, $delim);
$sql_count = count($pieces);
for($i = 0; $i < $sql_count; $i++)
{
$sql = trim($pieces[$i]);
if (!empty($sql) && $sql[0] != '#')
{
$db->sql_query($sql);
}
} }
} }
} }
@ -1456,6 +1464,7 @@ class acp_database
// We don't even care about storing the results. We already know the answer if we get rows back. // We don't even care about storing the results. We already know the answer if we get rows back.
if ($db->sql_fetchrow($result)) if ($db->sql_fetchrow($result))
{ {
$sql_data .= "DROP SEQUENCE {$table_name}_seq;\n";
$sql_data .= "CREATE SEQUENCE {$table_name}_seq;\n"; $sql_data .= "CREATE SEQUENCE {$table_name}_seq;\n";
} }
$db->sql_freeresult($result); $db->sql_freeresult($result);
@ -1539,7 +1548,8 @@ class acp_database
AND (bc.relname = '" . $db->sql_escape($table_name) . "') AND (bc.relname = '" . $db->sql_escape($table_name) . "')
AND (ta.attrelid = i.indrelid) AND (ta.attrelid = i.indrelid)
AND (ta.attnum = i.indkey[ia.attnum-1]) AND (ta.attnum = i.indkey[ia.attnum-1])
ORDER BY index_name, tab_name, column_name "; ORDER BY index_name, tab_name, column_name";
$result = $db->sql_query($sql_pri_keys); $result = $db->sql_query($sql_pri_keys);
$index_create = $index_rows = $primary_key = array(); $index_create = $index_rows = $primary_key = array();

10
phpBB/includes/acp/acp_profile.php
View file

@ -1049,7 +1049,7 @@ class acp_profile
} }
else else
{ {
$sql = 'ALTER TABLE ' . PROFILE_FIELDS_DATA_TABLE . " ADD $field_ident $type"; $sql = 'ALTER TABLE ' . PROFILE_FIELDS_DATA_TABLE . " ADD $field_ident [$type]";
} }
@ -1059,7 +1059,7 @@ class acp_profile
case 'mssql_odbc': case 'mssql_odbc':
// We are defining the biggest common value, because of the possibility to edit the min/max values of each field. // We are defining the biggest common value, because of the possibility to edit the min/max values of each field.
$sql = 'ALTER TABLE [' . PROFILE_FIELDS_DATA_TABLE . "] ADD $field_ident "; $sql = 'ALTER TABLE [' . PROFILE_FIELDS_DATA_TABLE . "] ADD [$field_ident] ";
switch ($field_type) switch ($field_type)
{ {
@ -1092,7 +1092,7 @@ class acp_profile
case 'postgres': case 'postgres':
// We are defining the biggest common value, because of the possibility to edit the min/max values of each field. // We are defining the biggest common value, because of the possibility to edit the min/max values of each field.
$sql = 'ALTER TABLE ' . PROFILE_FIELDS_DATA_TABLE . " ADD COLUMN $field_ident "; $sql = 'ALTER TABLE ' . PROFILE_FIELDS_DATA_TABLE . " ADD COLUMN \"$field_ident\" ";
switch ($field_type) switch ($field_type)
{ {
@ -1128,7 +1128,7 @@ class acp_profile
case 'firebird': case 'firebird':
// We are defining the biggest common value, because of the possibility to edit the min/max values of each field. // We are defining the biggest common value, because of the possibility to edit the min/max values of each field.
$sql = 'ALTER TABLE ' . PROFILE_FIELDS_DATA_TABLE . " ADD $field_ident "; $sql = 'ALTER TABLE ' . PROFILE_FIELDS_DATA_TABLE . " ADD \"$field_ident\" ";
switch ($field_type) switch ($field_type)
{ {
@ -1161,7 +1161,7 @@ class acp_profile
case 'oracle': case 'oracle':
// We are defining the biggest common value, because of the possibility to edit the min/max values of each field. // We are defining the biggest common value, because of the possibility to edit the min/max values of each field.
$sql = 'ALTER TABLE ' . PROFILE_FIELDS_DATA_TABLE . " ADD $field_ident "; $sql = 'ALTER TABLE ' . PROFILE_FIELDS_DATA_TABLE . " ADD \"$field_ident\" ";
switch ($field_type) switch ($field_type)
{ {
case FIELD_STRING: case FIELD_STRING:

28
phpBB/includes/acp/acp_users.php
View file

@ -971,6 +971,34 @@ class acp_users
// Update Custom Fields // Update Custom Fields
if (sizeof($cp_data)) if (sizeof($cp_data))
{ {
switch (SQL_LAYER)
{
case 'oracle':
case 'firebird':
case 'postgres':
$right_delim = $left_delim = '"';
break;
case 'sqlite':
case 'mssql':
case 'mssql_odbc':
$right_delim = ']';
$left_delim = '[';
break;
case 'mysql':
case 'mysql4':
case 'mysqli':
$right_delim = $left_delim = '`';
break;
}
foreach ($cp_data as $key => $value)
{
$cp_data[$right_delim . $key . $left_delim] = $value;
unset($cp_data[$key]);
}
$sql = 'UPDATE ' . PROFILE_FIELDS_DATA_TABLE . ' $sql = 'UPDATE ' . PROFILE_FIELDS_DATA_TABLE . '
SET ' . $db->sql_build_array('UPDATE', $cp_data) . " SET ' . $db->sql_build_array('UPDATE', $cp_data) . "
WHERE user_id = $user_id"; WHERE user_id = $user_id";

28
phpBB/includes/functions_user.php
View file

@ -219,6 +219,34 @@ function user_add($user_row, $cp_data = false)
{ {
$cp_data['user_id'] = (int) $user_id; $cp_data['user_id'] = (int) $user_id;
switch (SQL_LAYER)
{
case 'oracle':
case 'firebird':
case 'postgres':
$right_delim = $left_delim = '"';
break;
case 'sqlite':
case 'mssql':
case 'mssql_odbc':
$right_delim = ']';
$left_delim = '[';
break;
case 'mysql':
case 'mysql4':
case 'mysqli':
$right_delim = $left_delim = '`';
break;
}
foreach ($cp_data as $key => $value)
{
$cp_data[$right_delim . $key . $left_delim] = $value;
unset($cp_data[$key]);
}
if (!class_exists('custom_profile')) if (!class_exists('custom_profile'))
{ {
include_once($phpbb_root_path . 'includes/functions_profile_fields.' . $phpEx); include_once($phpbb_root_path . 'includes/functions_profile_fields.' . $phpEx);