function updateDBConnection(DB_Connection $conn)
{
global $config_db, $user;
if ($conn->validateKey()) {
if (checkDBConnectionTable()) {
$sql = "UPDATE db_connections SET " . "Name = '" . $conn->getName() . "', " . "Desc = '" . $conn->getDesc() . "', " . "Server = '" . $conn->getServer() . "', " . "User = '******', " . "Password = '******', " . "Schema = '" . $conn->getSchema() . "', " . "Type = " . $conn->getType() . ", " . "updateDate = '" . date("Y-m-d") . "', " . "updatedBy = '" . $user->getEmail() . "'" . " WHERE id = " . $conn->getID();
// Execute SQL
$config_db->exec($sql);
// Reload Database Connections
loadDBConnections();
}
}
}
/**
* Function to test API Keys against Users
* @global API_Settings $api
* @param string $api_key
* @return boolean
*/
function testAPIKey($api_key)
{
global $api, $db_conn;
// Check if we need to test the API Key
if ($api->getUseAPIKey() == false) {
return true;
}
// Process 'public' as API Key
if (strtolower($api_key) == 'public') {
return true;
}
// Get Connection Details
$conn = new DB_Connection();
$set = false;
foreach ($db_conn as $conn) {
if (strtolower($conn->getName()) == strtolower($api->getAPIKeyConnection())) {
$set = true;
break;
}
}
// Error message if $conn is not set
if ($set != true) {
die("Cannot find the connection '{$api->getAPIKeyConnection()}'");
}
// Validate API Key
$_sql = "select {$api->getAPIKeyField()} " . "from {$conn->getSchema(false)}.{$api->getAPIKeyTable()} " . "where {$api->getAPIKeyField()} = '{$api_key}'";
try {
switch ($conn->getType()) {
case 0:
// SQLite
$_db = new PDO("sqlite:" . $conn->getServer(false));
$_sql = "select {$api->getAPIKeyField()} " . "from {$api->getAPIKeyTable()} " . "where {$api->getAPIKeyField()} = '{$api_key}'";
break;
case 1:
// MySQL
$_db = new PDO("mysql:host=" . $conn->getServer(false) . ";dbname=" . $conn->getSchema(false), $conn->getUser(false), $conn->getPassword(false));
break;
case 2:
// PostgreSQL
$_db = new PDO("pgsql:host=" . $conn->getServer(false) . ";dbname=" . $conn->getSchema(false), $conn->getUser(false), $conn->getPassword(false));
break;
case 3:
// Oracle
$_db = new PDO("oci:dbname=" . $conn->getServer(false), $conn->getUser(false), $password);
break;
case 4:
// Microsoft SQL
$_db = new PDO("sqlsrv:Server=" . $conn->getServer(false) . ";Database=" . $conn->getSchema(false), $conn->getUser(false), $conn->getPassword(false));
break;
}
$_db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// Get Response
$dbRes = $_db->query($_sql);
$iRes = 0;
foreach ($dbRes as $row) {
// Check API Key Again (incase someone used a wildcard)
// We are only checking the first record because it should be correct
if ($api_key == $row[0] && $iRes == 0) {
return true;
}
$iRes++;
break;
}
} catch (PDOException $ex) {
showMessage($_sql);
// Print PDOException message
$res = $ex->getMessage();
showMessage($res);
}
return false;
}
