/**
 * Drops every application table so a test run starts from an empty schema.
 *
 * The only safeguard against wiping a non-test database is the
 * DatabaseManager::debug() check below; nothing else in this method inspects
 * which database the connection points at.
 * NOTE(review): what debug() keys on is not visible here. Confirm it can never
 * be truthy on a production deployment.
 *
 * @throws Exception when the debug guard fails or any statement is rejected
 */
public static function clearDatabase()
{
    apc_clear_cache();
    $db = new DatabaseManager();

    if (!$db->debug()) {
        throw new Exception("Database may not be safe to run tests on");
    }

    // Foreign-key checks are switched off for the DROP and switched back on
    // afterwards; the statements run strictly in this order.
    $statements = array(
        "SET FOREIGN_KEY_CHECKS=0",
        "DROP TABLE IF EXISTS addon_tagmap, addon_tags, addon_dependency,\n\t\t\t"
            . "addon_addons, addon_boards, addon_comments, addon_ratings, addon_stats,\n\t\t\t"
            . "users, build_builds, build_dependency, build_stats, tag_stats, group_groups, group_usermap,\n\t\t\t"
            . "statistics, screenshots, build_screenshotmap, addon_screenshotmap",
        "SET FOREIGN_KEY_CHECKS=1",
    );

    foreach ($statements as $sql) {
        if (!$db->query($sql)) {
            throw new Exception("Database error: " . $db->error());
        }
    }

    apc_clear_cache();
}
/**
 * A query against a table that does not exist must return false and leave a
 * non-empty error message on the DatabaseManager.
 */
public function testError()
{
    TestManager::clearDatabase();

    $db = new DatabaseManager();
    $outcome = $db->query("SELECT `garbage` FROM `thingthatdoesnotexist`");
    $this->assertEquals(false, $outcome);

    $message = $db->error();
    $this->assertNotEquals("", $message);
}
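/**
 * Returns one page of rows from `rtb_addons`, ordered by title.
 *
 * $page and $limit end up inside the LIMIT clause as bare numbers, so both are
 * forced to integers before the query text is built. Whatever the caller
 * passes, only digits can reach the SQL.
 *
 * @param int $page  1-based page number; anything below 1 is treated as page 1
 * @param int $limit rows per page; anything below 0 is treated as 0
 * @return array list of row objects as returned by fetch_object()
 * @throws Exception when the query fails
 */
public static function getAddons($page, $limit = 10)
{
    $page = max(1, (int) $page);
    $limit = max(0, (int) $limit);
    $start = ($page - 1) * $limit;

    $db = new DatabaseManager();
    $res = $db->query("SELECT * FROM `rtb_addons` ORDER BY `title` ASC LIMIT {$start}, {$limit}");

    // Previously the driver error was echoed into the response and the loop
    // below then failed on a non-result; fail explicitly instead so the error
    // text is not written to the page.
    if (!$res) {
        throw new Exception("Error getting data from database: " . $db->error());
    }

    $ret = array();
    while ($obj = $res->fetch_object()) {
        $ret[] = $obj;
    }
    $res->close();

    return $ret;
}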
/**
 * Loads every board, keyed by its id.
 *
 * Reads the id column of `addon_boards` and resolves each id through
 * BoardManager::getFromId().
 *
 * @return array map of board id => value returned by BoardManager::getFromId()
 * @throws Exception when the id query fails
 */
public static function getAllBoards()
{
    $db = new DatabaseManager();
    $idRows = $db->query("SELECT `id` FROM `addon_boards`");

    if (!$idRows) {
        throw new Exception("Error getting data from database: " . $db->error());
    }

    $boards = array();
    while ($row = $idRows->fetch_object()) {
        $boardId = $row->id;
        $boards[$boardId] = BoardManager::getFromId($boardId);
    }

    // Release the result set as soon as it is consumed (the original author
    // notes this helps with simultaneous connections).
    $idRows->close();

    return $boards;
}
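/**
 * Records that a client (blid) reported running an add-on (aid / hash).
 *
 * Inserts a `stats_usage` row when none exists for the blid/aid/hash triple,
 * otherwise updates the version, beta flag and report time of the existing row.
 *
 * Changes from the previous version:
 *  - the update branch now stores the caller-supplied $date, as the insert
 *    branch already did (it used the current time and ignored $date);
 *  - a failed lookup returns the error array instead of calling fetch_row()
 *    on a non-result.
 *
 * NOTE(review): the lookup and the insert are two separate statements, so two
 * concurrent reports for the same triple can both insert. A unique key on
 * (blid, aid, hash) would close that gap.
 * NOTE(review): update() is assumed to escape the values it is given. Confirm
 * in DatabaseManager.
 *
 * @param mixed    $blid    reporting client id
 * @param mixed    $aid     add-on id
 * @param string   $hash    file hash reported by the client
 * @param string   $version version string reported by the client
 * @param bool     $beta    whether the reported build is a beta
 * @param int|null $date    unix timestamp of the report; defaults to now
 * @return true|array true on success, or ["status" => "error", "error" => string]
 */
public static function addEntry($blid, $aid, $hash, $version, $beta = false, $date = null)
{
    // Loose comparison kept on purpose: callers passing 0 or "" have always
    // meant "now".
    if ($date == null) {
        $date = time();
    }
    $reported = date("Y-m-d H:i:s", $date);
    $betaFlag = $beta ? 1 : 0;

    $db = new DatabaseManager();
    $blidSql = $db->sanitize($blid);
    $aidSql = $db->sanitize($aid);
    $hashSql = $db->sanitize($hash);

    $res = $db->query(
        "SELECT COUNT(*) FROM `stats_usage` WHERE `blid`='" . $blidSql
        . "' AND `aid`='" . $aidSql
        . "' AND `hash`='" . $hashSql . "' "
    );
    if (!$res) {
        return array("status" => "error", "error" => $db->error());
    }
    $count = $res->fetch_row();

    if (!isset($count[0]) || $count[0] == 0) {
        $db->query(
            "INSERT INTO `stats_usage` (`blid`, `aid`, `hash`, `version`, `beta`, `reported`) VALUES (\n"
            . " '" . $blidSql . "',\n"
            . " '" . $aidSql . "',\n"
            . " '" . $hashSql . "',\n"
            . " '" . $db->sanitize($version) . "',\n"
            . " '" . $betaFlag . "',\n"
            . " '" . $db->sanitize($reported) . "')"
        );
    } else {
        $db->update(
            "stats_usage",
            ["blid" => $blid, "aid" => $aid, "hash" => $hash],
            ["version" => $version, "beta" => $betaFlag, "reported" => $reported]
        );
    }

    if ($error = $db->error()) {
        return array("status" => "error", "error" => $error);
    }

    return true;
}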
// Migration fragment: re-uploads an add-on's stored file and copies the add-on
// into `addon_addons`. $res, $mysql, $db, $dir, $aid and $authorDat are all
// defined outside this excerpt.

// Numeric ids for the release branches, used in the upload name and in the
// `addon_updates` lookup below.
$branchId["stable"] = 1;
$branchId["unstable"] = 2;
$branchId["development"] = 3;
// Only the stable file is queued here, so the loop below runs at most once.
$file["stable"] = $res->file_stable;
$versionData = array();
foreach ($file as $branch => $fid) {
    // A file id of 0 is skipped (no file recorded for that branch, presumably).
    if ($fid != 0) {
        $version = new stdClass();
        // NOTE(review): $fid is concatenated into the statement without escaping.
        // It comes from $res, so it is only as trustworthy as that row; an
        // integer cast or a bound parameter would make this independent of the data.
        $fileRes = $mysql->query("SELECT * FROM `addon_files` WHERE `id`='" . $fid . "'");
        // NOTE(review): no check that the query succeeded or returned a row;
        // fetch_object() on a failed/empty result makes ->hash fail.
        $hash = $fileRes->fetch_object()->hash;
        // The stored file is addressed by its hash under $dir.
        $oldfile = $dir . $hash . ".zip";
        $bid = $branchId[$branch];
        echo "Uploading {$oldfile} to AWS as {$res->id}_{$bid}.zip";
        //AWSFileManager::upload("addons/{$res->id}_{$bid}", $oldfile);
        AWSFileManager::uploadNewAddon($res->id, $bid, $res->filename, $oldfile);
        // Most recent update row for this add-on on this branch.
        // NOTE(review): $aid is concatenated unescaped as well, and its origin
        // is not visible in this excerpt. Verify it is not request-derived.
        $updateRes = $mysql->query("SELECT *\nFROM `addon_updates`\nWHERE `aid` = '" . $aid . "'\nAND `branch`='" . $bid . "' ORDER BY `time` DESC\nLIMIT 0 , 1");
        if ($updateRes->num_rows == 0) {
            // No update history: fall back to a placeholder version.
            $version->version = "0.0.0";
            $version->restart = "0.0.0";
        } else {
            $obj = $updateRes->fetch_object();
            $version->version = $obj->version;
            $version->restart = $obj->version; //not worth it
        }
        $versionData[$branch] = $version;
    }
}
// Every value taken from $res goes through $db->sanitize() before it is quoted
// into the INSERT. Note that $res->author is written to the `blid` column.
// NOTE(review): $versionData['stable'] only exists when file_stable was non-zero;
// otherwise the ->version read below operates on an undefined entry.
$db->query($sql = "INSERT INTO `addon_addons` (`id`, `board`, `blid`, `name`, `filename`, `description`, `version`, `authorInfo`, `reviewInfo`, `deleted`, `approved`, `uploadDate`) VALUES " . "('" . $db->sanitize($res->id) . "'," . "NULL," . "'" . $db->sanitize($res->author) . "'," . "'" . $db->sanitize($res->name) . "'," . "'" . $db->sanitize($res->filename) . "'," . "'" . $db->sanitize($res->description) . "'," . "'" . $db->sanitize($versionData['stable']->version) . "'," . "'" . $db->sanitize(json_encode($authorDat)) . "'," . "''," . "'0'," . "'0'," . "CURRENT_TIMESTAMP);");
// Prints the driver error text (empty when the insert succeeded, presumably).
echo $db->error();
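/**
 * Returns approved add-on updates submitted within the last $time minutes,
 * newest first.
 *
 * The window length sits in the statement as a bare number
 * (INTERVAL <n> MINUTE), not inside quotes. A string-escaping helper does not
 * constrain a value in that position, so the value is cast to an integer
 * instead of being passed through sanitize().
 *
 * @param int|null $time window length in minutes; null (or 0) means one week
 * @return array list of AddonUpdateObject
 * @throws Exception when the query fails
 */
public static function getRecentUpdates($time = null)
{
    if ($time == null) {
        $time = 60 * 24 * 7;
    }
    $minutes = (int) $time;

    $db = new DatabaseManager();
    $res = $db->query(
        "SELECT * FROM `addon_updates` WHERE `submitted` > now() - INTERVAL "
        . $minutes
        . " MINUTE AND `approved`=1 ORDER BY `submitted` DESC"
    );

    // Previously the driver error was echoed into the response and the loop
    // below then failed on a non-result; fail explicitly instead.
    if (!$res) {
        throw new Exception("Error getting data from database: " . $db->error());
    }

    $arr = array();
    while ($obj = $res->fetch_object()) {
        $arr[] = new AddonUpdateObject($obj);
    }

    return $arr;
}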
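<table class="commenttable">
<tbody>
<?php
//This page is designed to be requested by ajax
//I also want it to be possible to request this content in-game.
//In the future the file that actually interacts with the database should be in /private/class, while this one processes get requests and formats data
require_once realpath(dirname(__DIR__) . "/private/class/DatabaseManager.php");
$database = new DatabaseManager();

// The request may omit blid or send it as an array (blid[]=...); treat both as
// an empty id instead of handing a non-string to sanitize().
$blid = (isset($_GET['blid']) && is_string($_GET['blid'])) ? $_GET['blid'] : '';

//the "and `verified` = 1 can be deleted if we decide to force blid database entries to be unique
$result = $database->query("SELECT * FROM `addon_comments` WHERE `blid` = '" . $database->sanitize($blid) . "' AND `verified` = 1");
if (!$result) {
    // NOTE(review): driver error text is still shown to the requester; it is
    // HTML-escaped here, but logging it server-side and returning a generic
    // message would avoid exposing schema details.
    echo "Database error: " . htmlspecialchars($database->error(), ENT_QUOTES, 'UTF-8');
} else {
    if ($result->num_rows == 0) {
        echo "<tr style=\"vertical-align:top\">";
        echo "<td colspan=\"2\" style=\"text-align: center;\">";
        echo "There are no comments here yet.";
        echo "</td></tr>";
    } else {
        require_once realpath(dirname(__DIR__) . "/private/class/UserHandler.php");
        while ($row = $result->fetch_object()) {
            $user = UserManager::getFromId($row->uid);
            // Usernames, BL_IDs and comment bodies are user-supplied and come
            // straight from storage, so each is escaped for the HTML context
            // it is written into. Escaping happens after utf8_encode() so
            // htmlspecialchars() sees valid UTF-8.
            // NOTE(review): if comments are already stored HTML-escaped this
            // will double-encode them. Confirm against the write path.
            echo "<tr style=\"vertical-align:top\">";
            echo "<td style=\"width: 150px;\">";
            echo "<a href=\"/user/view.php?id=" . rawurlencode($user->getID()) . "\">" . htmlspecialchars(utf8_encode($user->getUsername()), ENT_QUOTES, 'UTF-8') . "</a>";
            //Not sure where administrator status is stored. My guess is 'groups' but I can't be certain.
            //At any rate, we should probably go and rethink the database tables for long term use.
            echo "<br /><span style=\"font-size: .8em;\">" . htmlspecialchars($user->getBLID(), ENT_QUOTES, 'UTF-8') . "<br />Administrator?</span>";
            echo "</td><td>";
            echo htmlspecialchars(utf8_encode($row->comment), ENT_QUOTES, 'UTF-8');
            echo "</td></tr>";
            // (excerpt ends here; the loop and both else branches are presumably closed further down the file)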
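/**
 * Validates a sign-up request and stores the new account.
 *
 * Checks run in this order: e-mail syntax, password confirmation, password
 * length, BL_ID format, BL_ID already registered, e-mail already registered.
 * The first failing check is reported as ["message" => string].
 *
 * Change from the previous version: the BL_ID must now consist of digits only.
 * is_numeric() also accepted signs, decimals and exponent notation ("-1",
 * "1.5", "1e3"), and that value is used both for the duplicate lookup and to
 * build the default username.
 *
 * NOTE(review): the stored credential is one round of SHA-256 over
 * password + salt, with a 6-hex-character salt derived from rand()/uniqid()
 * and a 4-character minimum password. A fast hash like this is cheap to
 * brute-force if the users table leaks. Moving to password_hash() /
 * password_verify() requires the login path (not visible here) to change at
 * the same time, so it is flagged here rather than changed.
 *
 * @param string $email
 * @param string $password1 chosen password
 * @param string $password2 password confirmation
 * @param string $blid      BL_ID; surrounding whitespace is ignored
 * @return array ["message" => string] on rejection, ["redirect" => "/login.php"] on success
 * @throws Exception when the INSERT fails
 */
public static function register($email, $password1, $password2, $blid)
{
    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        return ["message" => "Invalid e-mail address"];
    }

    if ($password1 !== $password2) {
        return ["message" => "Your passwords do not match."];
    }

    if (strlen($password1) < 4) {
        return ["message" => "Your password must be at least 4 characters"];
    }

    $blid = trim($blid);
    // Digits only; a BL_ID is presumably a non-negative integer id.
    if (preg_match('/\A[0-9]+\z/', $blid) !== 1) {
        return ["message" => "INVALID BL_ID"];
    }

    $loginDetails1 = AccountManager::getLoginDetailsFromBLID($blid);
    $loginDetails2 = AccountManager::getLoginDetailsFromEmail($email);

    if ($loginDetails1) {
        return ["message" => "That BL_ID is already in use!"];
    }
    if ($loginDetails2) {
        return ["message" => "That E-mail address is already in use."];
    }

    $database = new DatabaseManager();

    // See the NOTE(review) in the header: scheme kept as-is for compatibility
    // with existing rows.
    $intermediateSalt = md5(uniqid(rand(), true));
    $salt = substr($intermediateSalt, 0, 6);
    $hash = hash("sha256", $password1 . $salt);

    //I am assuming 'groups' is a json array, so by default it is "[]"
    $inserted = $database->query(
        "INSERT INTO users (password, salt, blid, email, groups, username) VALUES ('"
        . $database->sanitize($hash) . "', '"
        . $database->sanitize($salt) . "', '"
        . $database->sanitize($blid) . "', '"
        . $database->sanitize($email) . "', '"
        . $database->sanitize("[]") . "', '"
        . $database->sanitize("Blockhead" . $blid) . "')"
    );

    if (!$inserted) {
        throw new Exception("Error adding new user into database: " . $database->error());
    }

    return ["redirect" => "/login.php"];
}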
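/**
 * Validates a sign-up request and stores the new account.
 *
 * Checks run in this order: e-mail syntax, password confirmation, password
 * length, BL_ID format, BL_ID already registered, e-mail already registered.
 * The first failing check is reported as ["message" => string].
 *
 * Change from the previous version: the BL_ID must now consist of digits only.
 * is_numeric() also accepted signs, decimals and exponent notation ("-1",
 * "1.5", "1e3"), and that value is used both for the duplicate lookup and to
 * build the default username.
 *
 * NOTE(review): the stored credential is one round of SHA-256 over
 * password + salt, with a 6-hex-character salt derived from rand()/uniqid()
 * and a 4-character minimum password. A fast hash like this is cheap to
 * brute-force if the users table leaks. Moving to password_hash() /
 * password_verify() requires the login path (not visible here) to change at
 * the same time, so it is flagged here rather than changed.
 *
 * @param string $email
 * @param string $password1 chosen password
 * @param string $password2 password confirmation
 * @param string $blid      BL_ID; surrounding whitespace is ignored
 * @return array ["message" => string] on rejection, ["redirect" => "/login.php"] on success
 * @throws Exception when the INSERT fails
 */
public static function register($email, $password1, $password2, $blid)
{
    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        return ["message" => "Invalid e-mail address"];
    }

    if ($password1 !== $password2) {
        return ["message" => "Your passwords do not match."];
    }

    if (strlen($password1) < 4) {
        return ["message" => "Your password must be at least 4 characters."];
    }

    $blid = trim($blid);
    // Digits only; a BL_ID is presumably a non-negative integer id.
    if (preg_match('/\A[0-9]+\z/', $blid) !== 1) {
        return ["message" => "INVALID BL_ID"];
    }

    $loginDetails1 = UserManager::getLoginDetailsFromBLID($blid);
    $loginDetails2 = UserManager::getLoginDetailsFromEmail($email);

    if ($loginDetails1) {
        return ["message" => "That BL_ID is already in use! Contact administration if you believe this is a mistake."];
    }
    if ($loginDetails2) {
        return ["message" => "That E-mail address is already in use."];
    }

    $database = new DatabaseManager();

    // See the NOTE(review) in the header: scheme kept as-is for compatibility
    // with existing rows.
    $intermediateSalt = md5(uniqid(rand(), true));
    $salt = substr($intermediateSalt, 0, 6);
    $hash = hash("sha256", $password1 . $salt);

    $inserted = $database->query(
        "INSERT INTO users (password, salt, blid, email, username) VALUES ('"
        . $database->sanitize($hash) . "', '"
        . $database->sanitize($salt) . "', '"
        . $database->sanitize($blid) . "', '"
        . $database->sanitize($email) . "', '"
        . $database->sanitize("Blockhead" . $blid) . "')"
    );

    if (!$inserted) {
        throw new Exception("Error adding new user into database: " . $database->error());
    }

    return ["redirect" => "/login.php"];
}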