Beispiel #1
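/**
 * Write the editable fields of a stored database connection back to the
 * db_connections table, then reload the in-memory connection list.
 *
 * Nothing is written unless $conn->validateKey() and checkDBConnectionTable()
 * both succeed. Text values are passed as bound parameters and the two
 * numeric values are cast to int, so no value taken from the connection
 * object or the current user is ever parsed as SQL.
 *
 * @global mixed $config_db Handle to the configuration database.
 * @global mixed $user      Current user; only getEmail() is used here.
 * @param DB_Connection $conn Connection whose fields should be persisted.
 * @return void
 */
function updateDBConnection(DB_Connection $conn)
{
    global $config_db, $user;

    if (!$conn->validateKey() || !checkDBConnectionTable()) {
        return;
    }

    // NOTE(review): User and Password are written as the literal '******',
    // exactly as in the original statement. That looks like a masked
    // placeholder; as written, every update overwrites the stored
    // credentials with asterisks. Confirm the intended values.
    $sql = 'UPDATE db_connections SET '
        . 'Name = :name, '
        . 'Desc = :desc, '
        . 'Server = :server, '
        . "User = '******', "
        . "Password = '******', "
        . 'Schema = :schema, '
        // Numeric columns: the int cast keeps them unquoted as before while
        // guaranteeing nothing but digits reaches the statement text.
        . 'Type = ' . (int) $conn->getType() . ', '
        . 'updateDate = :updateDate, '
        . 'updatedBy = :updatedBy'
        . ' WHERE id = ' . (int) $conn->getID();

    // Assumes $config_db offers prepare()/bindValue()/execute(), which both
    // PDO and SQLite3 do; the original only relied on exec(). Confirm against
    // the place where $config_db is created.
    // NOTE(review): if the DB_Connection getters already SQL-escape their
    // return values, that escaping must be dropped now that values are bound.
    $stmt = $config_db->prepare($sql);
    if ($stmt !== false) {
        $stmt->bindValue(':name', (string) $conn->getName());
        $stmt->bindValue(':desc', (string) $conn->getDesc());
        $stmt->bindValue(':server', (string) $conn->getServer());
        $stmt->bindValue(':schema', (string) $conn->getSchema());
        $stmt->bindValue(':updateDate', date("Y-m-d"));
        $stmt->bindValue(':updatedBy', (string) $user->getEmail());
        $stmt->execute();
    }

    // Reload Database Connections (done even if the write failed, as before)
    loadDBConnections();
}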
Beispiel #2
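/**
 * Check a caller-supplied API key against the configured key table.
 *
 * Returns true without any lookup when key checking is switched off, or when
 * the key is the literal 'public' (case-insensitive). Otherwise the connection
 * named by $api->getAPIKeyConnection() is opened and the key is looked up with
 * a bound parameter, so the caller-supplied value is never part of the SQL
 * text. The stored value is then compared again in PHP with hash_equals(),
 * because the database comparison may be looser than an exact match
 * (for example a case-insensitive collation).
 *
 * Terminates the script via die() when the configured connection is missing.
 *
 * @global API_Settings $api
 * @global mixed $db_conn Collection of connection objects; only iterated here.
 * @param string $api_key Key presented by the caller (untrusted).
 * @return boolean True when access is granted, false otherwise.
 */
function testAPIKey($api_key)
{
    global $api, $db_conn;

    // Check if we need to test the API Key
    if (!$api->getUseAPIKey()) {
        return true;
    }

    // A key that is not a scalar (array, object, null) can never match; fail
    // closed instead of letting it reach the string functions below.
    if (!is_scalar($api_key)) {
        return false;
    }
    $api_key = (string) $api_key;

    // Process 'public' as API Key
    // NOTE(review): this grants access to anyone who knows the fixed word
    // 'public' whenever key checking is enabled; confirm that is intended.
    if (strtolower($api_key) === 'public') {
        return true;
    }

    // Get Connection Details
    $wanted = strtolower($api->getAPIKeyConnection());
    $conn = null;
    foreach ($db_conn as $candidate) {
        if (strtolower($candidate->getName()) === $wanted) {
            $conn = $candidate;
            break;
        }
    }

    // Error message if $conn is not set
    if ($conn === null) {
        die("Cannot find the connection '{$api->getAPIKeyConnection()}'");
    }

    // Validate API Key.
    // Identifiers cannot be bound as parameters, so field, table and schema
    // are still interpolated. They come from $api / $conn configuration here;
    // they must never be derived from request data.
    $field = $api->getAPIKeyField();
    $table = $api->getAPIKeyTable();
    $_sql = "select {$field} " . "from {$conn->getSchema(false)}.{$table} " . "where {$field} = ?";

    try {
        switch ($conn->getType()) {
            case 0:
                // SQLite (no schema prefix)
                $_db = new PDO("sqlite:" . $conn->getServer(false));
                $_sql = "select {$field} " . "from {$table} " . "where {$field} = ?";
                break;
            case 1:
                // MySQL
                $_db = new PDO("mysql:host=" . $conn->getServer(false) . ";dbname=" . $conn->getSchema(false), $conn->getUser(false), $conn->getPassword(false));
                break;
            case 2:
                // PostgreSQL
                $_db = new PDO("pgsql:host=" . $conn->getServer(false) . ";dbname=" . $conn->getSchema(false), $conn->getUser(false), $conn->getPassword(false));
                break;
            case 3:
                // Oracle
                // The original passed an undefined $password here; use the
                // same accessor as every other driver branch.
                $_db = new PDO("oci:dbname=" . $conn->getServer(false), $conn->getUser(false), $conn->getPassword(false));
                break;
            case 4:
                // Microsoft SQL
                $_db = new PDO("sqlsrv:Server=" . $conn->getServer(false) . ";Database=" . $conn->getSchema(false), $conn->getUser(false), $conn->getPassword(false));
                break;
            default:
                // Unknown driver type: there is nothing to check against, so
                // deny access rather than call methods on an unset handle.
                return false;
        }
        $_db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

        // Get Response: only the first row is considered, as before.
        $stmt = $_db->prepare($_sql);
        $stmt->execute([$api_key]);
        $stored = $stmt->fetchColumn(0);

        // Exact, constant-time re-check. A loose == would treat some
        // numeric-looking strings as equal even though they differ.
        if ($stored !== false && $stored !== null && hash_equals((string) $stored, $api_key)) {
            return true;
        }
    } catch (PDOException $ex) {
        // NOTE(review): showMessage() is defined elsewhere. If it renders to
        // the API client, the statement text and the driver error are being
        // disclosed to an unauthenticated caller; prefer server-side logging.
        showMessage($_sql);
        // Print PDOException message
        $res = $ex->getMessage();
        showMessage($res);
    }
    return false;
}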