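/**
 * Look up an application user by login name and clear-text password.
 *
 * A row matches when user_name equals $USER and either
 *   - user_password equals password($PASSWD), or
 *   - $USER is 'root' and password($PASSWD) is among the Password values
 *     selected from mysql.user (SQL "and" binds tighter than "or").
 *
 * Both inputs go through db_esc_sql() and are then placed into the statement
 * without surrounding quotes, so injection safety rests entirely on that
 * helper returning a complete, quoted SQL literal -- presumably it does;
 * verify against its definition.
 *
 * NOTE(review), not changed here because it needs a schema/data migration:
 *   - MySQL's PASSWORD() is an unsalted, fast hash and was removed in
 *     MySQL 8.0; stored credentials should move to password_hash() /
 *     password_verify().
 *   - The 'root' branch ties application login to database-server account
 *     hashes and requires the application's DB account to read mysql.user.
 *   - The clear-text password is part of the statement text and may
 *     therefore show up in server-side query logs.
 *   - "select *" returns every column of users and profiles, including
 *     user_password; callers should not expose or persist the whole row.
 *   - The User literal in the sub-select is shown masked in this listing
 *     and is reproduced unchanged.
 *
 * @param mixed $USER   login name as supplied by the caller
 * @param mixed $PASSWD clear-text password as supplied by the caller
 * @return mixed first row delivered by _db_do_query(), or null when there is none
 */
function app_auth($USER, $PASSWD) {
  $user = db_esc_sql($USER);
  $pass = db_esc_sql($PASSWD);
  $query = "select * from users u join profiles p using(profile_name) where user_name = {$user} and (user_password = password({$pass}) or ({$user} = 'root') and password({$pass}) in (select Password from mysql.user where User='******'))";
  $data = _db_do_query("", $query);
  // Explicit presence check instead of the @ operator: still yields null for
  // "no matching row" or "no result", but no longer silences other errors.
  return isset($data[0]) ? $data[0] : null;
}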
/**
 * Build the SQL text that writes the rows of $qstruct["DATA"] into the table
 * named by _db_2temporal() for $qstruct["TABLE"].
 *
 * One "insert into ..." statement is produced per row; statements are joined
 * with "; ". Depending on the mode and on whether old column values are
 * needed, the insert is fed by "values (...)", by "select ... from <table>
 * where <id condition>", or (REPLACE) by a bare "select ...".
 * MODE == "DELETE" is delegated entirely to _mysql_make_delete_tp().
 *
 * Keys of $qstruct read here: MODE, TABLE, ALL_FIELDS, UPDATE_FIELDS, DATA,
 * CB and (optionally) RAW_MODE.
 *
 * NOTE(review): only data values pass through db_esc_sql(). Table names,
 * field names and the $where condition are concatenated as-is, so they must
 * come from trusted schema helpers -- confirm that nothing caller-controlled
 * reaches _db_realname() / _mysql_make_idwhere() unvalidated. Several rows
 * yield several statements in one string; confirm how the caller executes
 * them.
 *
 * @param mixed $stack   passed by reference; only handed on to
 *                       _mysql_make_delete_tp() and _mysql_check_allref()
 * @param array $qstruct query description (see keys above)
 * @param array $cb_list passed by reference; $qstruct["CB"] is appended once
 *                       for every row that was processed completely
 * @return mixed the SQL string, the result of _mysql_make_delete_tp() in
 *               DELETE mode, or null when $ERROR is set or a reference
 *               check fails
 */
function _mysql_make_update_tp(&$stack, $qstruct, &$cb_list) {
  global $ERROR;
  $mode = $qstruct["MODE"];
  if ($mode == "DELETE") {
    // this need not depend on $qstruct["DATA"]
    return _mysql_make_delete_tp($stack, $qstruct, $cb_list);
  }
  $res = "";
  $table = $qstruct["TABLE"];
  $realtable = _db_realname($table);
  $realtable_tp = _db_2temporal($realtable);
  $autoinc = _db_autoinc($table);
  $version = _db_version($table);
  $deleted = _db_extfield($table, "deleted");
  // Column list shared by every generated statement.
  $fields = implode(", ", _db_realname($table, $qstruct["ALL_FIELDS"]));
  $count = 0;
  foreach ($qstruct["DATA"] as $row) {
    $idcond = _mysql_make_idcond_base($qstruct, $row);
    // Separator in front of every statement except the first.
    if ($count++) {
      $res .= "; ";
    }
    //$res .= "replace into $realtable_tp($fields) ";
    $res .= "insert into {$realtable_tp}({$fields}) ";
    $where = _mysql_make_idwhere($qstruct, $row);
    // Presumably _mysql_make_idwhere() reports failure through the global
    // $ERROR -- confirm. The partially built $res is discarded.
    if ($ERROR) {
      return null;
    }
    $newdata = "";
    $rowcount = 0;
    $oldcount = 0; // number of columns taken over from the existing db row
    foreach ($qstruct["ALL_FIELDS"] as $field) {
      $realfield = _db_realname($table, $field);
      if ($rowcount++) {
        $newdata .= ", ";
      }
      // Force the "deleted" marker to false; $row is the loop's by-value
      // copy, so the caller's data is not modified.
      if ($field == $deleted) {
        $row[$field] = false;
      }
      // "&&" binds tighter than "||": (INSERT and auto-increment field) or
      // the version field in any mode.
      if ($mode == "INSERT" && $field == $autoinc || $field == $version) {
        // give AUTO_INCREMENT / versioning a chance
        $newdata .= "null";
      } elseif (array_key_exists($field, $row) && in_array($field, $qstruct["UPDATE_FIELDS"])) {
        // take new value
        $value = @$row[$field];
        // Cannot be true here: this combination is already handled by the
        // first branch above.
        if ($field == $autoinc && $mode == "INSERT") {
          $value = null;
        }
        // RAW_MODE skips _mysql_check_allref(), which is the only check on
        // $value in this function besides escaping.
        // NOTE(review): confirm which callers are allowed to set RAW_MODE.
        if (!@$qstruct["RAW_MODE"] && !_mysql_check_allref($stack, $table, $field, $value, $mode, $idcond)) {
          return null;
        }
        $newdata .= db_esc_sql($value);
      } elseif ($mode == "REPLACE") {
        // caution: we cannot be sure that the data already exists, handle that case
        $newdata .= "case when exists(select {$realfield} from {$realtable} where {$where}) then (select max({$realfield}) from {$realtable} where {$where}) else null end";
      } else {
        // fallback to old value from the db
        $oldcount++;
        $newdata .= $realfield;
      }
    }
    // Pick the row source of the insert: bare select (REPLACE), select from
    // the existing row (old values needed or UPDATE, but never INSERT), or
    // a plain values list.
    if ($mode == "REPLACE") {
      $res .= "select {$newdata}";
    } elseif (($oldcount || $mode == "UPDATE")
              && $mode != "INSERT") {
      $res .= "select {$newdata} from {$realtable} where {$where}";
    } else {
      $res .= "values ({$newdata})";
    }
    $cb_list[] = $qstruct["CB"];
  }
  return $res;
}