mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Avoid creation of variables just to put the table names with prefix

This commit is contained in:
Aldo "xoen" Giambelluca 2010-07-04 11:32:39 +02:00
parent f3627a756e
commit 76672fe037
5 changed files with 45 additions and 70 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
inc/HTTP/WebDAV/Server/Filesystem.php
View File

@ -151,7 +151,6 @@
function fileinfo($path) function fileinfo($path)
{ {
global $CONFIG_DBTABLEPREFIX; global $CONFIG_DBTABLEPREFIX;
$dbTableProperties = $CONFIG_DBTABLEPREFIX . 'properties';
// map URI path to filesystem path // map URI path to filesystem path
$fspath =$path; $fspath =$path;
@ -186,7 +185,7 @@
$info["props"][] = $this->mkprop("getcontentlength", OC_FILESYSTEM::filesize($fspath)); $info["props"][] = $this->mkprop("getcontentlength", OC_FILESYSTEM::filesize($fspath));
} }
// get additional properties from database // get additional properties from database
$query = "SELECT ns, name, value FROM $dbTableProperties WHERE path = '$path'"; $query = "SELECT ns, name, value FROM {$CONFIG_DBTABLEPREFIX}properties WHERE path = '$path'";
$res = OC_DB::select($query); $res = OC_DB::select($query);
while ($row = $res[0]) { while ($row = $res[0]) {
$info["props"][] = $this->mkprop($row["ns"], $row["name"], $row["value"]); $info["props"][] = $this->mkprop($row["ns"], $row["name"], $row["value"]);
@ -396,7 +395,6 @@
function DELETE($options) function DELETE($options)
{ {
global $CONFIG_DBTABLEPREFIX; global $CONFIG_DBTABLEPREFIX;
$dbTableProperties = $CONFIG_DBTABLEPREFIX . 'properties';
$path =$options["path"]; $path =$options["path"];
if (!OC_FILESYSTEM::file_exists($path)) { if (!OC_FILESYSTEM::file_exists($path)) {
@ -404,13 +402,13 @@
} }
if (OC_FILESYSTEM::is_dir($path)) { if (OC_FILESYSTEM::is_dir($path)) {
$query = "DELETE FROM $dbTableProperties WHERE path LIKE '".$this->_slashify($options["path"])."%'"; $query = "DELETE FROM {$CONFIG_DBTABLEPREFIX}properties WHERE path LIKE '".$this->_slashify($options["path"])."%'";
OC_DB::query($query); OC_DB::query($query);
OC_FILESYSTEM::delTree($path); OC_FILESYSTEM::delTree($path);
} else { } else {
OC_FILESYSTEM::unlink($path); OC_FILESYSTEM::unlink($path);
} }
$query = "DELETE FROM $dbTableProperties WHERE path = '$options[path]'"; $query = "DELETE FROM {$CONFIG_DBTABLEPREFIX}properties WHERE path = '$options[path]'";
OC_DB::query($query); OC_DB::query($query);
return "204 No Content"; return "204 No Content";
@ -438,7 +436,6 @@
{ {
// TODO Property updates still broken (Litmus should detect this?) // TODO Property updates still broken (Litmus should detect this?)
global $CONFIG_DBTABLEPREFIX; global $CONFIG_DBTABLEPREFIX;
$dbTableProperties = $CONFIG_DBTABLEPREFIX . 'properties';
if (!empty($this->_SERVER["CONTENT_LENGTH"])) { // no body parsing yet if (!empty($this->_SERVER["CONTENT_LENGTH"])) { // no body parsing yet
return "415 Unsupported media type"; return "415 Unsupported media type";
@ -514,13 +511,13 @@
} }
$destpath = $this->_unslashify($options["dest"]); $destpath = $this->_unslashify($options["dest"]);
if (is_dir($source)) { if (is_dir($source)) {
$query = "UPDATE $dbTableProperties $query = "UPDATE {$CONFIG_DBTABLEPREFIX}properties
SET path = REPLACE(path, '".$options["path"]."', '".$destpath."') SET path = REPLACE(path, '".$options["path"]."', '".$destpath."')
WHERE path LIKE '".$this->_slashify($options["path"])."%'"; WHERE path LIKE '".$this->_slashify($options["path"])."%'";
OC_DB::query($query); OC_DB::query($query);
} }
$query = "UPDATE $dbTableProperties $query = "UPDATE {$CONFIG_DBTABLEPREFIX}properties
SET path = '".$destpath."' SET path = '".$destpath."'
WHERE path = '".$options["path"]."'"; WHERE path = '".$options["path"]."'";
OC_DB::query($query); OC_DB::query($query);
@ -561,7 +558,7 @@
} }
} }
$query = "INSERT INTO $dbTableProperties SELECT * FROM properties WHERE path = '".$options['path']."'"; $query = "INSERT INTO {$CONFIG_DBTABLEPREFIX}properties SELECT * FROM {$CONFIG_DBTABLEPREFIX}properties WHERE path = '".$options['path']."'";
} }
return ($new && !$existing_col) ? "201 Created" : "204 No Content"; return ($new && !$existing_col) ? "201 Created" : "204 No Content";
@ -578,8 +575,6 @@
global $prefs, $tab; global $prefs, $tab;
global $CONFIG_DBTABLEPREFIX; global $CONFIG_DBTABLEPREFIX;
$dbTableProperties = $CONFIG_DBTABLEPREFIX . 'properties';
$msg = ""; $msg = "";
$path = $options["path"]; $path = $options["path"];
$dir = dirname($path)."/"; $dir = dirname($path)."/";
@ -590,10 +585,10 @@
$options["props"][$key]['status'] = "403 Forbidden"; $options["props"][$key]['status'] = "403 Forbidden";
} else { } else {
if (isset($prop["val"])) { if (isset($prop["val"])) {
$query = "REPLACE INTO $dbTableProperties SET path = '$options[path]', name = '$prop[name]', ns= '$prop[ns]', value = '$prop[val]'"; $query = "REPLACE INTO {$CONFIG_DBTABLEPREFIX}properties SET path = '$options[path]', name = '$prop[name]', ns= '$prop[ns]', value = '$prop[val]'";
error_log($query); error_log($query);
} else { } else {
$query = "DELETE FROM $dbTableProperties WHERE path = '$options[path]' AND name = '$prop[name]' AND ns = '$prop[ns]'"; $query = "DELETE FROM {$CONFIG_DBTABLEPREFIX}properties WHERE path = '$options[path]' AND name = '$prop[name]' AND ns = '$prop[ns]'";
} }
OC_DB::query($query); OC_DB::query($query);
} }
@ -612,7 +607,7 @@
function LOCK(&$options) function LOCK(&$options)
{ {
global $CONFIG_DBTABLEPREFIX; global $CONFIG_DBTABLEPREFIX;
$dbTableLocks = $CONFIG_DBTABLEPREFIX . 'locks';
// get absolute fs path to requested resource // get absolute fs path to requested resource
$fspath = $options["path"]; $fspath = $options["path"];
@ -627,13 +622,13 @@
if (isset($options["update"])) { // Lock Update if (isset($options["update"])) { // Lock Update
$where = "WHERE path = '$options[path]' AND token = '$options[update]'"; $where = "WHERE path = '$options[path]' AND token = '$options[update]'";
$query = "SELECT owner, exclusivelock FROM $dbTableLocks $where"; $query = "SELECT owner, exclusivelock FROM {$CONFIG_DBTABLEPREFIX}locks $where";
$res = OC_DB::query($query); $res = OC_DB::query($query);
$row = OC_DB::fetch_assoc($res); $row = OC_DB::fetch_assoc($res);
OC_DB::free_result($res); OC_DB::free_result($res);
if (is_array($row)) { if (is_array($row)) {
$query = "UPDATE `$dbTableLocks` SET `expires` = '$options[timeout]', `modified` = ".time()." $where"; $query = "UPDATE `{$CONFIG_DBTABLEPREFIX}locks` SET `expires` = '$options[timeout]', `modified` = ".time()." $where";
OC_DB::query($query); OC_DB::query($query);
$options['owner'] = $row['owner']; $options['owner'] = $row['owner'];
@ -646,7 +641,7 @@
} }
} }
$query = "INSERT INTO `$dbTableLocks` $query = "INSERT INTO `{$CONFIG_DBTABLEPREFIX}locks`
SET `token` = '$options[locktoken]' SET `token` = '$options[locktoken]'
, `path` = '$options[path]' , `path` = '$options[path]'
, `created` = ".time()." , `created` = ".time()."
@ -669,8 +664,7 @@
function UNLOCK(&$options) function UNLOCK(&$options)
{ {
global $CONFIG_DBTABLEPREFIX; global $CONFIG_DBTABLEPREFIX;
$dbTableLocks = $CONFIG_DBTABLEPREFIX . 'locks'; $query = "DELETE FROM {$CONFIG_DBTABLEPREFIX}locks
$query = "DELETE FROM $dbTableLocks
WHERE path = '$options[path]' WHERE path = '$options[path]'
AND token = '$options[token]'"; AND token = '$options[token]'";
OC_DB::query($query); OC_DB::query($query);
@ -687,10 +681,10 @@
function checkLock($path) function checkLock($path)
{ {
global $CONFIG_DBTABLEPREFIX; global $CONFIG_DBTABLEPREFIX;
$dbTableLocks = $CONFIG_DBTABLEPREFIX . 'locks';
$result = false; $result = false;
$query = "SELECT * $query = "SELECT *
FROM $dbTableLocks FROM {$CONFIG_DBTABLEPREFIX}locks
WHERE path = '$path' WHERE path = '$path'
"; ";
$res = OC_DB::select($query); $res = OC_DB::select($query);

30
inc/lib_config.php
View File

@ -282,14 +282,8 @@ class OC_CONFIG{
global $CONFIG_DBTYPE; global $CONFIG_DBTYPE;
global $CONFIG_DBTABLEPREFIX; global $CONFIG_DBTABLEPREFIX;
$dbTableLocks = $CONFIG_DBTABLEPREFIX . 'locks';
$dbTableLog = $CONFIG_DBTABLEPREFIX . 'log';
$dbTableProperties = $CONFIG_DBTABLEPREFIX . 'properties';
$dbTableUsers = $CONFIG_DBTABLEPREFIX . 'users';
$dbTableGroups = $CONFIG_DBTABLEPREFIX . 'groups';
$dbTableUserGroup = $CONFIG_DBTABLEPREFIX . 'user_group';
if($CONFIG_DBTYPE=='sqlite'){ if($CONFIG_DBTYPE=='sqlite'){
$query="CREATE TABLE '$dbTableLocks' ( $query="CREATE TABLE '{$CONFIG_DBTABLEPREFIX}locks' (
'token' VARCHAR(255) NOT NULL DEFAULT '', 'token' VARCHAR(255) NOT NULL DEFAULT '',
'path' varchar(200) NOT NULL DEFAULT '', 'path' varchar(200) NOT NULL DEFAULT '',
'created' int(11) NOT NULL DEFAULT '0', 'created' int(11) NOT NULL DEFAULT '0',
@ -303,7 +297,7 @@ class OC_CONFIG{
UNIQUE ('token') UNIQUE ('token')
); );
CREATE TABLE '$dbTableLog' ( CREATE TABLE '{$CONFIG_DBTABLEPREFIX}log' (
`id` INTEGER ASC DEFAULT '' NOT NULL, `id` INTEGER ASC DEFAULT '' NOT NULL,
'timestamp' int(11) NOT NULL, 'timestamp' int(11) NOT NULL,
'user' varchar(250) NOT NULL, 'user' varchar(250) NOT NULL,
@ -313,7 +307,7 @@ CREATE TABLE '$dbTableLog' (
); );
CREATE TABLE '$dbTableProperties' ( CREATE TABLE '{$CONFIG_DBTABLEPREFIX}properties' (
'path' varchar(255) NOT NULL DEFAULT '', 'path' varchar(255) NOT NULL DEFAULT '',
'name' varchar(120) NOT NULL DEFAULT '', 'name' varchar(120) NOT NULL DEFAULT '',
'ns' varchar(120) NOT NULL DEFAULT 'DAV:', 'ns' varchar(120) NOT NULL DEFAULT 'DAV:',
@ -321,7 +315,7 @@ CREATE TABLE '$dbTableProperties' (
PRIMARY KEY ('path','name','ns') PRIMARY KEY ('path','name','ns')
); );
CREATE TABLE '$dbTableUsers' ( CREATE TABLE '{$CONFIG_DBTABLEPREFIX}users' (
'user_id' INTEGER ASC DEFAULT '', 'user_id' INTEGER ASC DEFAULT '',
'user_name' varchar(64) NOT NULL DEFAULT '', 'user_name' varchar(64) NOT NULL DEFAULT '',
'user_name_clean' varchar(64) NOT NULL DEFAULT '', 'user_name_clean' varchar(64) NOT NULL DEFAULT '',
@ -330,14 +324,14 @@ CREATE TABLE '$dbTableUsers' (
UNIQUE ('user_name' ,'user_name_clean') UNIQUE ('user_name' ,'user_name_clean')
); );
CREATE TABLE '$dbTableGroups' ( CREATE TABLE '{$CONFIG_DBTABLEPREFIX}groups' (
'group_id' INTEGER ASC DEFAULT '', 'group_id' INTEGER ASC DEFAULT '',
'group_name' VARCHAR( 64 ) NOT NULL DEFAULT '', 'group_name' VARCHAR( 64 ) NOT NULL DEFAULT '',
PRIMARY KEY ('group_id'), PRIMARY KEY ('group_id'),
UNIQUE ('group_name') UNIQUE ('group_name')
); );
CREATE TABLE '$dbTableUserGroup' ( CREATE TABLE '{$CONFIG_DBTABLEPREFIX}user_group' (
'user_group_id' INTEGER ASC DEFAULT '', 'user_group_id' INTEGER ASC DEFAULT '',
'user_id' VARCHAR( 64 ) NOT NULL DEFAULT '', 'user_id' VARCHAR( 64 ) NOT NULL DEFAULT '',
'group_id' VARCHAR( 64 ) NOT NULL DEFAULT '', 'group_id' VARCHAR( 64 ) NOT NULL DEFAULT '',
@ -345,7 +339,7 @@ PRIMARY KEY ('user_group_id')
) )
"; ";
}elseif($CONFIG_DBTYPE=='mysql'){ }elseif($CONFIG_DBTYPE=='mysql'){
$query="CREATE TABLE IF NOT EXISTS `$dbTableLocks` ( $query="CREATE TABLE IF NOT EXISTS `{$CONFIG_DBTABLEPREFIX}locks` (
`token` varchar(255) NOT NULL DEFAULT '', `token` varchar(255) NOT NULL DEFAULT '',
`path` varchar(200) NOT NULL DEFAULT '', `path` varchar(200) NOT NULL DEFAULT '',
`created` int(11) NOT NULL DEFAULT '0', `created` int(11) NOT NULL DEFAULT '0',
@ -363,7 +357,7 @@ PRIMARY KEY ('user_group_id')
KEY `expires` (`expires`) KEY `expires` (`expires`)
); );
CREATE TABLE IF NOT EXISTS `$dbTableLog` ( CREATE TABLE IF NOT EXISTS `{$CONFIG_DBTABLEPREFIX}log` (
`id` int(11) NOT NULL AUTO_INCREMENT, `id` int(11) NOT NULL AUTO_INCREMENT,
`timestamp` int(11) NOT NULL, `timestamp` int(11) NOT NULL,
`user` varchar(250) NOT NULL, `user` varchar(250) NOT NULL,
@ -373,7 +367,7 @@ CREATE TABLE IF NOT EXISTS `$dbTableLog` (
); );
CREATE TABLE IF NOT EXISTS `$dbTableProperties` ( CREATE TABLE IF NOT EXISTS `{$CONFIG_DBTABLEPREFIX}properties` (
`path` varchar(255) NOT NULL DEFAULT '', `path` varchar(255) NOT NULL DEFAULT '',
`name` varchar(120) NOT NULL DEFAULT '', `name` varchar(120) NOT NULL DEFAULT '',
`ns` varchar(120) NOT NULL DEFAULT 'DAV:', `ns` varchar(120) NOT NULL DEFAULT 'DAV:',
@ -382,7 +376,7 @@ CREATE TABLE IF NOT EXISTS `$dbTableProperties` (
KEY `path` (`path`) KEY `path` (`path`)
); );
CREATE TABLE IF NOT EXISTS `$dbTableUsers` ( CREATE TABLE IF NOT EXISTS `{$CONFIG_DBTABLEPREFIX}users` (
`user_id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY , `user_id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY ,
`user_name` VARCHAR( 64 ) NOT NULL , `user_name` VARCHAR( 64 ) NOT NULL ,
`user_name_clean` VARCHAR( 64 ) NOT NULL , `user_name_clean` VARCHAR( 64 ) NOT NULL ,
@ -393,7 +387,7 @@ UNIQUE (
) )
); );
CREATE TABLE IF NOT EXISTS `$dbTableGroups` ( CREATE TABLE IF NOT EXISTS `{$CONFIG_DBTABLEPREFIX}groups` (
`group_id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY , `group_id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY ,
`group_name` VARCHAR( 64 ) NOT NULL , `group_name` VARCHAR( 64 ) NOT NULL ,
UNIQUE ( UNIQUE (
@ -401,7 +395,7 @@ UNIQUE (
) )
); );
CREATE TABLE IF NOT EXISTS `$dbTableUserGroup` ( CREATE TABLE IF NOT EXISTS `{$CONFIG_DBTABLEPREFIX}user_group` (
`user_group_id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY , `user_group_id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY ,
`user_id` VARCHAR( 64 ) NOT NULL , `user_id` VARCHAR( 64 ) NOT NULL ,
`group_id` VARCHAR( 64 ) NOT NULL `group_id` VARCHAR( 64 ) NOT NULL

9
inc/lib_log.php
View File

@ -49,8 +49,8 @@ class OC_LOG {
*/ */
public static function event($user, $type, $message){ public static function event($user, $type, $message){
global $CONFIG_DBTABLEPREFIX; global $CONFIG_DBTABLEPREFIX;
$dbTableLog = $CONFIG_DBTABLEPREFIX . 'log';
$query = 'insert into ' . $dbTableLog . ' (timestamp,user,type,message) values $query = 'insert into ' . $CONFIG_DBTABLEPREFIX . 'log (timestamp,user,type,message) values
("' . time() . '","' . addslashes($user) . '","' . addslashes($type) . '","' . addslashes($message) . '")'; ("' . time() . '","' . addslashes($user) . '","' . addslashes($type) . '","' . addslashes($message) . '")';
$result = OC_DB::query($query); $result = OC_DB::query($query);
OC_DB::free_result($result); OC_DB::free_result($result);
@ -66,12 +66,11 @@ class OC_LOG {
global $CONFIG_DBTABLEPREFIX; global $CONFIG_DBTABLEPREFIX;
echo('<div class="center"><table cellpadding="6" cellspacing="0" border="0" class="log">'); echo('<div class="center"><table cellpadding="6" cellspacing="0" border="0" class="log">');
$dbTableLog = $CONFIG_DBTABLEPREFIX . 'log';
if(OC_USER::ingroup($_SESSION['username_clean'],'admin')){ if(OC_USER::ingroup($_SESSION['username_clean'],'admin')){
$query = "select timestamp,user,type,message from $dbTableLog order by timestamp desc limit 20"; $query = "select timestamp,user,type,message from {$CONFIG_DBTABLEPREFIX}log order by timestamp desc limit 20";
}else{ }else{
$user = $_SESSION['username_clean']; $user = $_SESSION['username_clean'];
$query = "select timestamp,user,type,message from $dbTableLog where user='$user' order by timestamp desc limit 20"; $query = "select timestamp,user,type,message from {$CONFIG_DBTABLEPREFIX}log where user='$user' order by timestamp desc limit 20";
} }
$result = OC_DB::select($query); $result = OC_DB::select($query);
foreach($result as $entry){ foreach($result as $entry){

5
inc/lib_ocs.php
View File

@ -374,15 +374,14 @@ class OC_OCS {
private static function activityget($format,$page,$pagesize) { private static function activityget($format,$page,$pagesize) {
global $CONFIG_DBTABLEPREFIX; global $CONFIG_DBTABLEPREFIX;
$dbTableLog = $CONFIG_DBTABLEPREFIX . 'Log';
$user=OC_OCS::checkpassword(); $user=OC_OCS::checkpassword();
$result = OC_DB::query("select count(*) as co from $dbTableLog"); $result = OC_DB::query("select count(*) as co from {$CONFIG_DBTABLEPREFIX}log");
$entry=$result->fetchRow(); $entry=$result->fetchRow();
$totalcount=$entry['co']; $totalcount=$entry['co'];
OC_DB::free_result($result); OC_DB::free_result($result);
$result = OC_DB::select("select id,timestamp,user,type,message from $dbTableLog order by timestamp desc limit " . ($page*$pagesize) . ",$pagesize"); $result = OC_DB::select("select id,timestamp,user,type,message from {$CONFIG_DBTABLEPREFIX}log order by timestamp desc limit " . ($page*$pagesize) . ",$pagesize");
$itemscount=count($result); $itemscount=count($result);
$url='http://'.substr($_SERVER['HTTP_HOST'].$_SERVER['SCRIPT_NAME'],0,-11).''; $url='http://'.substr($_SERVER['HTTP_HOST'].$_SERVER['SCRIPT_NAME'],0,-11).'';

33
inc/lib_user.php
View File

@ -64,8 +64,7 @@ class OC_USER {
$usernameclean=strtolower($username); $usernameclean=strtolower($username);
$username=OC_DB::escape($username); $username=OC_DB::escape($username);
$usernameclean=OC_DB::escape($usernameclean); $usernameclean=OC_DB::escape($usernameclean);
$dbTableUsers = $CONFIG_DBTABLEPREFIX . 'users'; $query = "INSERT INTO `{$CONFIG_DBTABLEPREFIX}users` (`user_id` ,`user_name` ,`user_name_clean` ,`user_password`) VALUES (NULL , '$username', '$usernameclean', '$password')";
$query = "INSERT INTO `$dbTableUsers` (`user_id` ,`user_name` ,`user_name_clean` ,`user_password`) VALUES (NULL , '$username', '$usernameclean', '$password')";
$result=OC_DB::query($query); $result=OC_DB::query($query);
return ($result)?true:false; return ($result)?true:false;
} }
@ -83,8 +82,7 @@ class OC_USER {
$usernameclean=strtolower($username); $usernameclean=strtolower($username);
$username=OC_DB::escape($username); $username=OC_DB::escape($username);
$usernameclean=OC_DB::escape($usernameclean); $usernameclean=OC_DB::escape($usernameclean);
$dbTableUsers = $CONFIG_DBTABLEPREFIX . 'users'; $query = "SELECT user_id FROM {$CONFIG_DBTABLEPREFIX}users WHERE user_name_clean = '$usernameclean' AND user_password = '$password' LIMIT 1";
$query = "SELECT user_id FROM $dbTableUsers WHERE user_name_clean = '$usernameclean' AND user_password = '$password' LIMIT 1";
$result=OC_DB::select($query); $result=OC_DB::select($query);
if(isset($result[0]) && isset($result[0]['user_id'])){ if(isset($result[0]) && isset($result[0]['user_id'])){
$_SESSION['user_id']=$result[0]['user_id']; $_SESSION['user_id']=$result[0]['user_id'];
@ -126,8 +124,7 @@ class OC_USER {
if(OC_USER::getgroupid($groupname)==0){ if(OC_USER::getgroupid($groupname)==0){
$groupname=OC_DB::escape($groupname); $groupname=OC_DB::escape($groupname);
$dbTableGroups = $CONFIG_DBTABLEPREFIX . 'groups'; $query="INSERT INTO `{$CONFIG_DBTABLEPREFIX}groups` (`group_id` ,`group_name`) VALUES (NULL , '$groupname')";
$query="INSERT INTO `$dbTableGroups` (`group_id` ,`group_name`) VALUES (NULL , '$groupname')";
$result=OC_DB::query($query); $result=OC_DB::query($query);
return ($result)?true:false; return ($result)?true:false;
}else{ }else{
@ -145,8 +142,7 @@ class OC_USER {
$usernameclean=strtolower($username); $usernameclean=strtolower($username);
$username=OC_DB::escape($username); $username=OC_DB::escape($username);
$usernameclean=OC_DB::escape($usernameclean); $usernameclean=OC_DB::escape($usernameclean);
$dbTableUsers = $CONFIG_DBTABLEPREFIX . 'users'; $query="SELECT user_id FROM {$CONFIG_DBTABLEPREFIX}users WHERE user_name_clean = '$usernameclean'";
$query="SELECT user_id FROM $dbTableUsers WHERE user_name_clean = '$usernameclean'";
$result=OC_DB::select($query); $result=OC_DB::select($query);
if(!is_array($result)){ if(!is_array($result)){
return 0; return 0;
@ -166,8 +162,7 @@ class OC_USER {
global $CONFIG_DBTABLEPREFIX; global $CONFIG_DBTABLEPREFIX;
$groupname=OC_DB::escape($groupname); $groupname=OC_DB::escape($groupname);
$dbTableGroups = $CONFIG_DBTABLEPREFIX . 'groups'; $query="SELECT group_id FROM {$CONFIG_DBTABLEPREFIX}groups WHERE group_name = '$groupname'";
$query="SELECT group_id FROM $dbTableGroups WHERE group_name = '$groupname'";
$result=OC_DB::select($query); $result=OC_DB::select($query);
if(!is_array($result)){ if(!is_array($result)){
return 0; return 0;
@ -187,8 +182,7 @@ class OC_USER {
global $CONFIG_DBTABLEPREFIX; global $CONFIG_DBTABLEPREFIX;
$groupid=(integer)$groupid; $groupid=(integer)$groupid;
$dbTableGroups = $CONFIG_DBTABLEPREFIX . 'groups'; $query="SELECT group_name FROM {$CONFIG_DBTABLEPREFIX}groups WHERE group_id = '$groupid' LIMIT 1";
$query="SELECT group_name FROM $dbTableGroups WHERE group_id = '$groupid' LIMIT 1";
$result=OC_DB::select($query); $result=OC_DB::select($query);
if(isset($result[0]) && isset($result[0]['group_name'])){ if(isset($result[0]) && isset($result[0]['group_name'])){
return $result[0]['group_name']; return $result[0]['group_name'];
@ -207,8 +201,7 @@ class OC_USER {
$userid=OC_USER::getuserid($username); $userid=OC_USER::getuserid($username);
$groupid=OC_USER::getgroupid($groupname); $groupid=OC_USER::getgroupid($groupname);
if($groupid>0 and $userid>0){ if($groupid>0 and $userid>0){
$dbTableUserGroup = $CONFIG_DBTABLEPREFIX . 'user_group'; $query="SELECT user_group_id FROM {$CONFIG_DBTABLEPREFIX}user_group WHERE group_id = $groupid AND user_id = $userid LIMIT 1";
$query="SELECT user_group_id FROM $dbTableUserGroup WHERE group_id = $groupid AND user_id = $userid LIMIT 1";
$result=OC_DB::select($query); $result=OC_DB::select($query);
if(isset($result[0]) && isset($result[0]['user_group_id'])){ if(isset($result[0]) && isset($result[0]['user_group_id'])){
return true; return true;
@ -231,8 +224,7 @@ class OC_USER {
$userid=OC_USER::getuserid($username); $userid=OC_USER::getuserid($username);
$groupid=OC_USER::getgroupid($groupname); $groupid=OC_USER::getgroupid($groupname);
if($groupid!=0 and $userid!=0){ if($groupid!=0 and $userid!=0){
$dbTableUserGroup = $CONFIG_DBTABLEPREFIX . 'user_group'; $query="INSERT INTO `{$CONFIG_DBTABLEPREFIX}user_group` (`user_group_id` ,`user_id` ,`group_id`) VALUES (NULL , '$userid', '$groupid');";
$query="INSERT INTO `$dbTableUserGroup` (`user_group_id` ,`user_id` ,`group_id`) VALUES (NULL , '$userid', '$groupid');";
$result=OC_DB::query($query); $result=OC_DB::query($query);
if($result){ if($result){
return true; return true;
@ -259,8 +251,7 @@ class OC_USER {
global $CONFIG_DBTABLEPREFIX; global $CONFIG_DBTABLEPREFIX;
$userid=OC_USER::getuserid($username); $userid=OC_USER::getuserid($username);
$dbTableUserGroup = $CONFIG_DBTABLEPREFIX . 'user_group'; $query = "SELECT group_id FROM {$CONFIG_DBTABLEPREFIX}user_group WHERE user_id = '$userid'";
$query = "SELECT group_id FROM $dbTableUserGroup WHERE user_id = '$userid'";
$result=OC_DB::select($query); $result=OC_DB::select($query);
$groups=array(); $groups=array();
if(is_array($result)){ if(is_array($result)){
@ -281,8 +272,7 @@ class OC_USER {
$password=sha1($password); $password=sha1($password);
$userid=OC_USER::getuserid($username); $userid=OC_USER::getuserid($username);
$dbTableUsers = $CONFIG_DBTABLEPREFIX . 'users'; $query = "UPDATE {$CONFIG_DBTABLEPREFIX}users SET user_password = '$password' WHERE user_id ='$userid'";
$query = "UPDATE $dbTableUsers SET user_password = '$password' WHERE user_id ='$userid'";
$result=OC_DB::query($query); $result=OC_DB::query($query);
if($result){ if($result){
return true; return true;
@ -302,8 +292,7 @@ class OC_USER {
$usernameclean=strtolower($username); $usernameclean=strtolower($username);
$username=OC_DB::escape($username); $username=OC_DB::escape($username);
$usernameclean=OC_DB::escape($usernameclean); $usernameclean=OC_DB::escape($usernameclean);
$dbTableUsers = $CONFIG_DBTABLEPREFIX . 'users'; $query = "SELECT user_id FROM '{$CONFIG_DBTABLEPREFIX}users' WHERE user_name_clean = '$usernameclean' AND user_password = '$password' LIMIT 1";
$query = "SELECT user_id FROM '$dbTableUsers' WHERE user_name_clean = '$usernameclean' AND user_password = '$password' LIMIT 1";
$result=OC_DB::select($query); $result=OC_DB::select($query);
if(isset($result[0]) && isset($result[0]['user_id']) && $result[0]['user_id']>0){ if(isset($result[0]) && isset($result[0]['user_id']) && $result[0]['user_id']>0){
return true; return true;