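/**
  * Creates the MySQL "operator" account for the configured database and grants
  * it its privileges on that database.
  *
  * Steps, each skipped once $fail is set:
  *  1. On an update, or when the override flag is set, drop any existing
  *     operator account for the hosts '%' and 'localhost' (best effort).
  *  2. Ask mysql.user whether an account with the operator name exists.
  *  3. If it does not, create it through GRANT for '%' and 'localhost';
  *     if it does, report 'user already exists'.
  *
  * Security notes:
  *  - User name, password and database name come from $data and end up in SQL
  *    text, so each is escaped for the quoting context it lands in.
  *    NOTE(review): the escaping assumes an ASCII-compatible connection
  *    character set such as utf8 - confirm against DBRequest::request2().
  *  - The password is part of the statement text and can therefore appear in
  *    server-side query logs.
  *  - The '%' grant lets the account connect from any host; restrict it to
  *    the hosts that need it if the deployment allows.
  *  - GRANT ... IDENTIFIED BY was removed in MySQL 8.0; on such servers the
  *    account has to be created with CREATE USER before the GRANT.
  *
  * @param array  $data  installer settings; reads $data['action'] and the
  *                      $data['DB'] keys db_name, db_user_operator,
  *                      db_passwd_operator and db_user_override_operator
  * @param bool   $fail  in/out: true skips all work; set to true on failure
  * @param int    $errno out: error number of the failed step
  * @param string $error out: error message of the failed step
  *
  * @return null always; the outcome is reported through $fail, $errno, $error
  */
 public static function install($data, &$fail, &$errno, &$error)
 {
     // Escape for a single-quoted SQL string literal: double the quote and the
     // backslash so neither can end the literal or start an escape sequence.
     $quoteString = function ($value) {
         return strtr((string) $value, array('\\' => '\\\\', "'" => "''"));
     };

     $db = isset($data['DB']) && is_array($data['DB']) ? $data['DB'] : array();
     $user = $quoteString(isset($db['db_user_operator']) ? $db['db_user_operator'] : '');
     $password = $quoteString(isset($db['db_passwd_operator']) ? $db['db_passwd_operator'] : '');
     // Inside a backtick-quoted identifier only the backtick has to be doubled.
     $schema = str_replace('`', '``', isset($db['db_name']) ? (string) $db['db_name'] : '');

     // All statements below are server-level, so the requests are sent without
     // a selected database. $data is a by-value copy; the caller's array is
     // not modified.
     $serverData = $data;
     $serverData['DB']['db_name'] = null;

     // Strict comparison: with == the integer 0 would also equal 'update'
     // on older PHP versions and trigger the DROP USER below.
     $isUpdate = isset($data['action']) && $data['action'] === 'update';
     $isOverride = isset($db['db_user_override_operator']) && $db['db_user_override_operator'] === 'override';
     if (!$fail && ($isUpdate || $isOverride)) {
         // Best effort: the results are deliberately not inspected, presumably
         // because DROP USER reports an error when the account does not exist.
         DBRequest::request2("DROP USER '{$user}'@'%';", false, $serverData);
         DBRequest::request2("DROP USER '{$user}'@'localhost';", false, $serverData);
     }

     $userExists = false;
     if (!$fail) {
         $sql = "SELECT count(1) as 'exists' FROM mysql.user WHERE user = '{$user}';";
         $result = DBRequest::request($sql, false, $serverData);
         if ($result["errno"] !== 0 || !isset($result["content"])) {
             $fail = true;
             $errno = $result["errno"];
             $error = isset($result["error"]) ? $result["error"] : '';
         } else {
             $rows = DBJson::getRows($result['content']);
             if (count($rows) > 0 && isset($rows[0]['exists']) && $rows[0]['exists'] > 0) {
                 $userExists = true;
             }
         }
     }

     if (!$fail && !$userExists) {
         $privileges = "CREATE VIEW,EXECUTE,ALTER ROUTINE,CREATE ROUTINE,SHOW VIEW,CREATE TEMPORARY TABLES,INDEX,ALTER,SELECT,INSERT,UPDATE,DELETE,CREATE,DROP,TRIGGER";
         $sql = '';
         foreach (array('%', 'localhost') as $host) {
             $sql .= "GRANT {$privileges} " . "ON `{$schema}`.* " . "TO '{$user}'@'{$host}' " . "IDENTIFIED BY '{$password}';";
         }
         $result = DBRequest::request2($sql, false, $serverData);
         // Treated as failed only when the first statement failed and there is
         // no second result or the second statement failed as well.
         if ($result[0]["errno"] !== 0 && (count($result) < 2 || $result[1]["errno"] !== 0)) {
             $fail = true;
             $errno = $result[0]["errno"];
             $error = isset($result[0]["error"]) ? $result[0]["error"] : '';
         }
     } elseif ($userExists) {
         // Refuse to reuse an existing account; errno stays 0 because no
         // database error occurred.
         $fail = true;
         $errno = 0;
         $error = 'user already exists';
     }
     return null;
 }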
Ejemplo n.º 2
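 /**
  * Opens a MySQL connection, runs one SQL statement and closes the connection.
  *
  * The statement is sent exactly as given: nothing in here escapes or
  * parameterises it, so every caller has to escape the values it puts into
  * $sqlStatement.
  *
  * NOTE(review): this uses the legacy mysql_* extension, which was removed in
  * PHP 7.0. The raw result handle is returned in ['content'], so moving to
  * mysqli or PDO also means changing the code that reads that handle.
  *
  * @param string     $sqlStatement  the SQL statement to send
  * @param bool       $checkSession  requests session validation; currently
  *                                  overridden to false inside the function
  * @param array|null $config        connection settings ('DB', 'PL' and 'ZV'
  *                                  sections); null loads 'config.ini'
  * @param bool       $useDbOperator not read anywhere in this function
  *
  * @return array associative array with information about the query:
  * - ['content'] = the content/table received from the database
  * - ['affectedRows'] = the affected rows
  * - ['insertId'] = on post/insert with auto-increment, the id of the inserted entry
  * - ['errno'] = the error number (401 when session validation fails)
  * - ['error'] = the error message
  * - ['numRows'] = on get, the received number of rows
  * - check with isset() that an entry exists before reading it; a failed
  *   connection returns only ['errno'] and ['error']
  */
 public static function request($sqlStatement, $checkSession, $config = null, $useDbOperator = false)
 {
     $query_result = array();
     if ($config === null) {
         // loads the mysql server config from file; the relative path is
         // resolved by PHP at run time, not against this file's directory
         $config = parse_ini_file('config.ini', TRUE);
     }
     //ini_set('mysql.connect_timeout','60');
     // picks the host: in a local setup (or when no type is configured) the
     // database host is replaced by 'localhost' if it occurs in the external URL
     if (!isset($config['ZV']['zv_type']) || $config['ZV']['zv_type'] == 'local') {
         $path = strpos($config['PL']['urlExtern'], $config['DB']['db_path']) === false ? $config['DB']['db_path'] : 'localhost';
     } else {
         $path = $config['DB']['db_path'];
     }
     // creates a new connection to database; @ hides the connect warning, the
     // failure is reported through errno/error instead
     $dbconn = @mysql_connect($path, $config['DB']['db_user'], $config['DB']['db_passwd'], false, MYSQL_CLIENT_COMPRESS);
     if (!$dbconn) {
         $query_result['errno'] = mysql_errno();
         $query_result['error'] = mysql_error();
         return $query_result;
     }
     // use UTF8
     mysql_query("SET NAMES 'utf8'", $dbconn);
     // selects the database
     if ($config['DB']['db_name'] !== null) {
         mysql_select_db($config['DB']['db_name'], $dbconn);
     }
     // NOTE(review): the next assignment overrides the caller's $checkSession,
     // so the session validation below never runs and every statement is
     // executed without it. Comment the assignment out to enable validation.
     $checkSession = false;
     // Storing whether or not a session condition is not satisfied
     $sessionFail = false;
     if ($checkSession === true) {
         Logger::Log('starts session validation', LogLevel::DEBUG);
         // NOTE(review): HTTP_DATE is a request header, so the ten-minute
         // window is measured against a client-supplied value.
         $headersOk = isset($_SERVER['HTTP_SESSION'])
             && isset($_SERVER['HTTP_USER'])
             && isset($_SERVER['HTTP_DATE'])
             && ctype_digit($_SERVER['HTTP_USER'])
             && (int) $_SERVER['REQUEST_TIME'] <= (int) $_SERVER['HTTP_DATE'] + 10 * 60;
         if ($headersOk) {
             // HTTP_USER passed ctype_digit() above, so it is digits only
             $content = mysql_query('select SE_sessionID from Session where U_id = ' . $_SERVER['HTTP_USER'], $dbconn);
             // evaluates the session
             if (mysql_errno($dbconn) === 0 && !is_bool($content)) {
                 $rows = DBJson::getRows($content);
                 $stored = !empty($rows) && isset($rows[0]['SE_sessionID']) ? (string) $rows[0]['SE_sessionID'] : '';
                 $sent = (string) $_SERVER['HTTP_SESSION'];
                 // Compare as strings: with == two different numeric-looking
                 // ids (e.g. "0e1" and "0e2") or null and '' count as equal.
                 // hash_equals() also keeps the comparison constant-time.
                 if ($stored === '' || $sent === '') {
                     $matches = false;
                 } elseif (function_exists('hash_equals')) {
                     $matches = hash_equals($stored, $sent);
                 } else {
                     $matches = $stored === $sent;
                 }
                 if (!$matches) {
                     $sessionFail = true;
                     $query_result['error'] = 'access denied IV';
                 }
             } else {
                 $sessionFail = true;
                 $query_result['error'] = 'access denied III';
             }
         } else {
             $sessionFail = true;
             $query_result['error'] = "access denied II";
         }
     }
     // if a condition is not met, the request is invalid
     if ($sessionFail) {
         $query_result['content'] = '';
         $query_result['errno'] = 401;
         if (!isset($query_result['error'])) {
             $query_result['error'] = 'unknown access denied';
         }
         $query_result['numRows'] = 0;
         mysql_close($dbconn);
         $dbconn = null;
         return $query_result;
     }
     // performs the request
     $query_result['content'] = mysql_query($sqlStatement, $dbconn);
     // evaluates the request; these read the state of the statement that was
     // just sent, so they have to follow it directly
     $query_result['affectedRows'] = mysql_affected_rows($dbconn);
     $query_result['insertId'] = mysql_insert_id($dbconn);
     $query_result['errno'] = mysql_errno($dbconn);
     $query_result['error'] = mysql_error($dbconn);
     // mysql_query() returns a boolean for statements without a result set
     if (!is_bool($query_result['content'])) {
         $query_result['numRows'] = mysql_num_rows($query_result['content']);
     }
     // closes the connection and returns the result
     mysql_close($dbconn);
     $dbconn = null;
     return $query_result;
 }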
Ejemplo n.º 3
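 /**
  * GET handler: responds with a JSON object that maps each table name to the
  * list of tables it references.
  *
  * The query text comes from Sql/GetTableReferences.sql next to this file,
  * which is rendered as a PHP template before it is sent to the database.
  *
  * Responds with status 200 and the JSON body on success, and with status 409
  * when config.ini is missing, the template cannot be read or the query fails.
  *
  * @return void
  */
 public function getTableReferences()
 {
     Logger::Log('starts GET GetTableReferences', LogLevel::DEBUG);
     $configFile = dirname(__FILE__) . '/config.ini';
     if (!file_exists($configFile)) {
         $this->_app->response->setStatus(409);
         $this->_app->stop();
         // stop() presumably ends the request; the return keeps the handler
         // from continuing without a config if it does not
         return;
     }
     $conf = parse_ini_file($configFile, TRUE);

     $template = file_get_contents(dirname(__FILE__) . '/Sql/GetTableReferences.sql');
     if ($template === false) {
         // without the template there is no statement to send
         Logger::Log('GET GetTableReferences failed', LogLevel::ERROR);
         $this->_app->response->setStatus(409);
         $this->_app->response->setBody('');
         $this->_app->stop();
         return;
     }

     // starts a query
     // NOTE(review): eval() runs the .sql file as a PHP template, so any PHP in
     // it executes in this method's scope ($conf, $this). The path is fixed and
     // not taken from the request; the Sql directory should not be writable by
     // the web server user, because write access to it is code execution here.
     ob_start();
     eval("?>" . $template);
     $sql = ob_get_clean();

     $result = DBRequest::request($sql, false, $conf);
     // checks the correctness of the query
     if (empty($result['errno']) && !empty($result['content'])) {
         $res = array();
         foreach (DBJson::getRows($result['content']) as $row) {
             $table = $row['table_name'];
             // the original tested isset($res), which is always true; the
             // per-table check is what was meant
             if (!isset($res[$table])) {
                 $res[$table] = array();
             }
             $res[$table][] = $row['referenced_table_name'];
         }
         $this->_app->response->setStatus(200);
         $this->_app->response->setBody(json_encode($res));
     } else {
         Logger::Log('GET GetTableReferences failed', LogLevel::ERROR);
         $this->_app->response->setStatus(409);
         $this->_app->response->setBody('');
         $this->_app->stop();
     }
 }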