Ejemplo n.º 1
0
     // execute the database query for our matching record
     if (($value = $db->dbQuery($val->ValidateSQL($sql, $dbconn), $dbconn)) !== -1) {
         $ids = $db->dbArrayResults($value);
     }
     // create new `update` sql statement with matching id to overwrite record as per requested
     if ($group === "admin") {
         $update = "UPDATE `conf_hosts` SET `hostname` = \"" . $hostname . "\", `mac-address` = \"" . $mac_address . "\", `ip-address` = \"" . $ip_address . "\", `subnet-name` = \"" . $subnet_name . "\", `pxe-group` = \"" . $pxe_group . "\", `group` = \"" . $group . "\" WHERE `id` = \"" . $ids[0]['id'] . "\" LIMIT 1";
     } else {
         $update = "UPDATE `conf_hosts` SET `hostname` = \"" . $hostname . "\", `mac-address` = \"" . $mac_address . "\", `ip-address` = \"" . $ip_address . "\", `subnet-name` = \"" . $subnet_name . "\", `pxe-group` = \"" . $pxe_group . "\" WHERE `id` = \"" . $ids[0]['id'] . "\" LIMIT 1";
     }
     // perform update on record
     if (($value = $db->dbQuery($val->ValidateSQL($update, $dbconn), $dbconn)) === -1) {
         $error = $err->GenerateErrorLink("help/help.html", "#host_search", $defined['error'], $errors['db_edit_err'], NULL, NULL);
     } else {
         // was anything updated?
         if ($db->dbAffectedRows($dbconn) === 0) {
             $error = $err->GenerateErrorLink("help/help.html", "#host_search", $defined['error'], $errors['db_edit_err'], NULL, NULL);
         } else {
             $error = $err->GenerateErrorLink("help/help.html", "#host_search", $defined['good'], $errors['db_edit'], NULL, NULL);
         }
     }
 } else {
     // we will perform a search for the existing record and allow the user to proceed on `updating` duplicate
     @preg_match('/.*\\"(.*)\\".*/', $db->dbCatchError(), $dup);
     if ($group !== "admin" || empty($_POST['allow'])) {
         $sql = "SELECT * FROM `conf_hosts` WHERE `id` = \"" . $dup[1] . "\" AND `group` = \"" . $group . "\"";
     } else {
         $sql = "SELECT * FROM `conf_hosts` WHERE `id` = \"" . $dup[1] . "\"";
     }
     // execute the database query for our matching record
     if (($value = $db->dbQuery($val->ValidateSQL($sql, $dbconn), $dbconn)) !== -1) {