Skip to content

Commit 1d8f7f1

Browse files
author
nveid
committed
Fixes to allow the serverside to work correctly with mysqli, updating the datalog,
and make changes to mysql users in the mysql plugin module. Refs: 1722
1 parent 378935a commit 1d8f7f1

File tree

4 files changed

+57
-48
lines changed

4 files changed

+57
-48
lines changed

server/lib/app.inc.php

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -33,7 +33,7 @@ class app {
3333
var $loaded_modules = array();
3434
var $loaded_plugins = array();
3535

36-
function app() {
36+
function __construct() {
3737

3838
global $conf;
3939

@@ -47,7 +47,7 @@ function app() {
4747
*/
4848

4949
if($conf['dbmaster_host'] != '' && $conf['dbmaster_host'] != $conf['db_host']) {
50-
$this->dbmaster = new db;
50+
$this->dbmaster = new db($conf['dbmaster_host'], $conf['dbmaster_user'], $conf['dbmaster_password'], $conf['dbmaster_database']);
5151
} else {
5252
$this->dbmaster = $this->db;
5353
}

server/lib/classes/db_mysql.inc.php

Lines changed: 19 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -30,7 +30,7 @@
3030

3131
class db extends mysqli
3232
{
33-
private $dbHost = ''; // hostname of the MySQL server
33+
protected $dbHost = ''; // hostname of the MySQL server
3434
private $dbName = ''; // logical database name on that server
3535
private $dbUser = ''; // database authorized user
3636
private $dbPass = ''; // user's password
@@ -48,29 +48,34 @@ class db extends mysqli
4848
public $show_error_messages = false; // false in server, true in interface
4949

5050
// constructor
51-
public function __construct() {
52-
global $conf;
53-
$this->dbHost = $conf['db_host'];
54-
$this->dbName = $conf['db_database'];
55-
$this->dbUser = $conf['db_user'];
56-
$this->dbPass = $conf['db_password'];
51+
public function __construct($host = NULL , $user = NULL, $pass = NULL, $database = NULL) {
52+
global $app, $conf;
53+
54+
$this->dbHost = $host ? $host : $conf['db_host'];
55+
$this->dbName = $database ? $database : $conf['db_database'];
56+
$this->dbUser = $user ? $user : $conf['db_user'];
57+
$this->dbPass = $pass ? $pass : $conf['db_password'];
5758
$this->dbCharset = $conf['db_charset'];
5859
$this->dbNewLink = $conf['db_new_link'];
5960
$this->dbClientFlags = $conf['db_client_flags'];
60-
parent::__construct($conf['db_host'], $conf['db_user'],$conf['db_password'],$conf['db_database']);
61+
62+
parent::__construct($this->dbHost, $this->dbUser, $this->dbPass,$this->dbName);
6163
if ($this->connect_error) {
6264
$this->updateError('DB::__construct');
63-
return false;
6465
}
6566
parent::query( 'SET NAMES '.$this->dbCharset);
6667
parent::query( "SET character_set_results = '".$this->dbCharset."', character_set_client = '".$this->dbCharset."', character_set_connection = '".$this->dbCharset."', character_set_database = '".$this->dbCharset."', character_set_server = '".$this->dbCharset."'");
67-
6868
}
6969

7070
public function __destruct() {
7171
$this->close(); // helps avoid memory leaks, and persitent connections that don't go away.
7272
}
7373

74+
/* This allows our private variables to be "read" out side of the class */
75+
public function __get($var) {
76+
return isset($this->$var) ? $this->$var : NULL;
77+
}
78+
7479
// error handler
7580
public function updateError($location) {
7681
global $app;
@@ -89,8 +94,11 @@ public function updateError($location) {
8994
// This right here will allow us to use the samefile for server & interface
9095
if($this->show_error_messages) {
9196
echo $error_msg;
92-
} else if(method_exists($app, 'log')) {
97+
} else if(is_object($app) && method_exists($app, 'log')) {
9398
$app->log($error_msg, LOGLEVEL_WARN);
99+
} else {
100+
/* This could be called before $app is ever declared.. In that case we should just spit out to error_log() */
101+
error_log($error_msg);
94102
}
95103
}
96104
}

server/plugins-available/mysql_clientdb_plugin.inc.php

Lines changed: 33 additions & 32 deletions
Original file line numberDiff line numberDiff line change
@@ -100,15 +100,15 @@ function process_host_list($action, $database_name, $database_user, $database_pa
100100
if($valid == false) continue;
101101

102102
if($action == 'GRANT') {
103-
if(!mysql_query("GRANT ALL ON ".mysql_real_escape_string($database_name,$link).".* TO '".mysql_real_escape_string($database_user,$link)."'@'$db_host' IDENTIFIED BY '".mysql_real_escape_string($database_password,$link)."';",$link)) $success = false;
103+
if(!$link->query("GRANT ALL ON ".$link->escape_string($database_name).".* TO '".$link->escape_string($database_user)."'@'$db_host' IDENTIFIED BY '".$link->escape_string($database_password)."';")) $success = false;
104104
} elseif($action == 'REVOKE') {
105105
//mysql_query("REVOKE ALL PRIVILEGES ON ".mysql_real_escape_string($database_name,$link).".* FROM '".mysql_real_escape_string($database_user,$link)."';",$link);
106106
} elseif($action == 'DROP') {
107-
if(!mysql_query("DROP USER '".mysql_real_escape_string($database_user,$link)."'@'$db_host';",$link)) $success = false;
107+
if(!$link->query("DROP USER '".$link->escape_string($database_user)."'@'$db_host';")) $success = false;
108108
} elseif($action == 'RENAME') {
109-
if(!mysql_query("RENAME USER '".mysql_real_escape_string($database_user,$link)."'@'$db_host' TO '".mysql_real_escape_string($database_rename_user,$link)."'@'$db_host'",$link)) $success = false;
109+
if(!$link->query("RENAME USER '".$link->escape_string($database_user)."'@'$db_host' TO '".$link->escape_string($database_rename_user)."'@'$db_host'")) $success = false;
110110
} elseif($action == 'PASSWORD') {
111-
if(!mysql_query("SET PASSWORD FOR '".mysql_real_escape_string($database_user,$link)."'@'$db_host' = PASSWORD('".mysql_real_escape_string($database_password,$link)."');",$link)) $success = false;
111+
if(!$link->query("SET PASSWORD FOR '".$link->escape_string($database_user)."'@'$db_host' = PASSWORD('".$link->escape_string($database_password)."');")) $success = false;
112112
}
113113
}
114114

@@ -130,9 +130,9 @@ function db_insert($event_name,$data) {
130130
}
131131

132132
//* Connect to the database
133-
$link = mysql_connect($clientdb_host, $clientdb_user, $clientdb_password);
134-
if (!$link) {
135-
$app->log('Unable to connect to the database'.mysql_error($link),LOGLEVEL_ERROR);
133+
$link = new mysqli($clientdb_host, $clientdb_user, $clientdb_password);
134+
if (!$link->connect_error) {
135+
$app->log('Unable to connect to mysql'.$link->connect_error,LOGLEVEL_ERROR);
136136
return;
137137
}
138138

@@ -144,10 +144,10 @@ function db_insert($event_name,$data) {
144144
}
145145

146146
//* Create the new database
147-
if (mysql_query('CREATE DATABASE '.mysql_real_escape_string($data['new']['database_name']).$query_charset_table,$link)) {
147+
if ($link->query('CREATE DATABASE '.$link->escape_string($data['new']['database_name']).$query_charset_table)) {
148148
$app->log('Created MySQL database: '.$data['new']['database_name'],LOGLEVEL_DEBUG);
149149
} else {
150-
$app->log('Unable to create the database: '.mysql_error($link),LOGLEVEL_WARNING);
150+
$app->log('Unable to create the database: '.$link->error,LOGLEVEL_WARNING);
151151
}
152152

153153
// Create the database user if database is active
@@ -158,13 +158,13 @@ function db_insert($event_name,$data) {
158158
}
159159

160160
$db_host = 'localhost';
161-
mysql_query("GRANT ALL ON `".str_replace(array('_','%'),array('\\_','\\%'),mysql_real_escape_string($data['new']['database_name'],$link))."`.* TO '".mysql_real_escape_string($data['new']['database_user'],$link)."'@'$db_host' IDENTIFIED BY '".mysql_real_escape_string($data['new']['database_password'],$link)."';",$link);
161+
$link->query("GRANT ALL ON `".str_replace(array('_','%'),array('\\_','\\%'),$link->escape_string($data['new']['database_name']))."`.* TO '".$link->escape_string($data['new']['database_user'])."'@'$db_host' IDENTIFIED BY '".$link->escape_string($data['new']['database_password'])."';");
162162

163163

164164
}
165165

166-
mysql_query('FLUSH PRIVILEGES;',$link);
167-
mysql_close($link);
166+
$link->query('FLUSH PRIVILEGES;');
167+
$link->close();
168168
}
169169
}
170170

@@ -183,21 +183,21 @@ function db_update($event_name,$data) {
183183
}
184184

185185
//* Connect to the database
186-
$link = mysql_connect($clientdb_host, $clientdb_user, $clientdb_password);
186+
$link = new mysqli($clientdb_host, $clientdb_user, $clientdb_password);
187187
if (!$link) {
188-
$app->log('Unable to connect to the database: '.mysql_error($link),LOGLEVEL_ERROR);
188+
$app->log('Unable to connect to the database: '.$link->connect_error,LOGLEVEL_ERROR);
189189
return;
190190
}
191191

192192
// Create the database user if database was disabled before
193193
if($data['new']['active'] == 'y' && $data['old']['active'] == 'n') {
194194

195195
if($data['new']['remote_access'] == 'y') {
196-
$this->process_host_list('GRANT', $data['new']['database_name'], $data['new']['database_user'], $data['new']['database_password'], $data['new']['remote_ips'], $link);
196+
$this->process_host_list('GRANT', $data['new']['database_name'], $data['new']['database_user'], $data['new']['database_password'], $data['new']['remote_ips'], $link);
197197
}
198198

199199
$db_host = 'localhost';
200-
mysql_query("GRANT ALL ON `".str_replace(array('_','%'),array('\\_','\\%'),mysql_real_escape_string($data['new']['database_name'],$link))."`.* TO '".mysql_real_escape_string($data['new']['database_user'],$link)."'@'$db_host' IDENTIFIED BY '".mysql_real_escape_string($data['new']['database_password'],$link)."';",$link);
200+
$link->query("GRANT ALL ON `".str_replace(array('_','%'),array('\\_','\\%'),$link->escape_string($data['new']['database_name']))."`.* TO '".$link->escape_string($data['new']['database_user'])."'@'$db_host' IDENTIFIED BY '".$link->escape_string($data['new']['database_password'])."';");
201201

202202
// mysql_query("GRANT ALL ON ".mysql_real_escape_string($data["new"]["database_name"],$link).".* TO '".mysql_real_escape_string($data["new"]["database_user"],$link)."'@'$db_host' IDENTIFIED BY '".mysql_real_escape_string($data["new"]["database_password"],$link)."';",$link);
203203
//echo "GRANT ALL ON ".mysql_real_escape_string($data["new"]["database_name"]).".* TO '".mysql_real_escape_string($data["new"]["database_user"])."'@'$db_host' IDENTIFIED BY '".mysql_real_escape_string($data["new"]["database_password"])."';";
@@ -211,16 +211,14 @@ function db_update($event_name,$data) {
211211
}
212212

213213
$db_host = 'localhost';
214-
mysql_query("DROP USER '".mysql_real_escape_string($data['old']['database_user'],$link)."'@'$db_host';",$link);
215-
216-
214+
$link->query("DROP USER '".$link->escape_string($data['old']['database_user'])."'@'$db_host';");
217215
//mysql_query("REVOKE ALL PRIVILEGES ON ".mysql_real_escape_string($data["new"]["database_name"],$link).".* FROM '".mysql_real_escape_string($data["new"]["database_user"],$link)."';",$link);
218216
}
219217

220218
//* Rename User
221219
if($data['new']['database_user'] != $data['old']['database_user']) {
222220
$db_host = 'localhost';
223-
mysql_query("RENAME USER '".mysql_real_escape_string($data['old']['database_user'],$link)."'@'$db_host' TO '".mysql_real_escape_string($data['new']['database_user'],$link)."'@'$db_host'",$link);
221+
$link->query("RENAME USER '".$link->escape_string($data['old']['database_user'])."'@'$db_host' TO '".$link->escape_string($data['new']['database_user'])."'@'$db_host'");
224222
if($data['old']['remote_access'] == 'y') {
225223
$this->process_host_list('RENAME', '', $data['old']['database_user'], '', $data['new']['remote_ips'], $link, $data['new']['database_user']);
226224
}
@@ -249,16 +247,19 @@ function db_update($event_name,$data) {
249247
//* Change password
250248
if($data['new']['database_password'] != $data['old']['database_password']) {
251249
$db_host = 'localhost';
252-
mysql_query("SET PASSWORD FOR '".mysql_real_escape_string($data['new']['database_user'],$link)."'@'$db_host' = PASSWORD('".mysql_real_escape_string($data['new']['database_password'],$link)."');",$link);
250+
$link->query("SET PASSWORD FOR '".$link->escape_string($data['new']['database_user'])."'@'$db_host' = PASSWORD('".$link->escape_string($data['new']['database_password'])."');");
251+
if($link->error) {
252+
error_log($link->error);
253+
}
253254

254255
if($data['new']['remote_access'] == 'y') {
255-
$this->process_host_list('PASSWORD', '', $data['new']['database_user'], $data['new']['database_password'], $data['new']['remote_ips'], $link);
256+
$this->process_host_list('PASSWORD', '', $data['new']['database_user'], $data['new']['database_password'], $data['new']['remote_ips']);
256257
}
257258
$app->log('Changing MySQL user password for: '.$data['new']['database_user'],LOGLEVEL_DEBUG);
258259
}
259260

260-
mysql_query('FLUSH PRIVILEGES;',$link);
261-
mysql_close($link);
261+
$link->query('FLUSH PRIVILEGES;');
262+
$link->close();
262263
}
263264

264265
}
@@ -273,9 +274,9 @@ function db_delete($event_name,$data) {
273274
}
274275

275276
//* Connect to the database
276-
$link = mysql_connect($clientdb_host, $clientdb_user, $clientdb_password);
277-
if (!$link) {
278-
$app->log('Unable to connect to the database: '.mysql_error($link),LOGLEVEL_ERROR);
277+
$link = new mysqli($clientdb_host, $clientdb_user, $clientdb_password);
278+
if ($link->connect_error) {
279+
$app->log('Unable to connect to mysql: '.$link->connect_error,LOGLEVEL_ERROR);
279280
return;
280281
}
281282

@@ -284,24 +285,24 @@ function db_delete($event_name,$data) {
284285
if($this->process_host_list('DROP', '', $data['old']['database_user'], '', $data['old']['remote_ips'], $link)) {
285286
$app->log('Dropping MySQL user: '.$data['old']['database_user'],LOGLEVEL_DEBUG);
286287
} else {
287-
$app->log('Error while dropping MySQL user: '.$data['old']['database_user'].' '.mysql_error($link),LOGLEVEL_WARNING);
288+
$app->log('Error while dropping MySQL user: '.$data['old']['database_user'].' '.$link->error,LOGLEVEL_WARNING);
288289
}
289290
}
290291
$db_host = 'localhost';
291-
if(mysql_query("DROP USER '".mysql_real_escape_string($data['old']['database_user'],$link)."'@'$db_host';",$link)) {
292+
if($link->query("DROP USER '".$link->escape_string($data['old']['database_user'])."'@'$db_host';")) {
292293
$app->log('Dropping MySQL user: '.$data['old']['database_user'],LOGLEVEL_DEBUG);
293294
} else {
294295
$app->log('Error while dropping MySQL user: '.$data['old']['database_user'].' '.mysql_error($link),LOGLEVEL_WARNING);
295296
}
296297

297-
if(mysql_query('DROP DATABASE '.mysql_real_escape_string($data['old']['database_name'],$link),$link)) {
298+
if($link->query('DROP DATABASE '.$link->escape_string($data['old']['database_name']))) {
298299
$app->log('Dropping MySQL database: '.$data['old']['database_name'],LOGLEVEL_DEBUG);
299300
} else {
300301
$app->log('Error while dropping MySQL database: '.$data['old']['database_name'].' '.mysql_error($link),LOGLEVEL_WARNING);
301302
}
302303

303-
mysql_query('FLUSH PRIVILEGES;',$link);
304-
mysql_close($link);
304+
$link->query('FLUSH PRIVILEGES;');
305+
$link->close();
305306
}
306307

307308

server/server.php

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -40,7 +40,7 @@
4040
/*
4141
* Try to Load the server configuration from the master-db
4242
*/
43-
if ($app->dbmaster->connect()) {
43+
if ($app->dbmaster->connect_error == NULL) {
4444
$server_db_record = $app->dbmaster->queryOneRecord("SELECT * FROM server WHERE server_id = " . $conf['server_id']);
4545

4646
$conf['last_datalog_id'] = (int) $server_db_record['updated'];
@@ -133,7 +133,7 @@
133133
/*
134134
* Next we try to process the datalog
135135
*/
136-
if ($app->db->connect() && $app->dbmaster->connect()) {
136+
if ($app->db->connect_error == NULL && $app->dbmaster->connect_error == NULL) {
137137

138138
// Check if there is anything to update
139139
if ($conf['mirror_server_id'] > 0) {
@@ -166,7 +166,7 @@
166166
$needStartCore = false;
167167
}
168168
} else {
169-
if (!$app->db->connect()) {
169+
if ($app->db->connect->connect_error == NULL) {
170170
$app->log('Unable to connect to local server.' . $app->db->errorMessage, LOGLEVEL_WARN);
171171
} else {
172172
$app->log('Unable to connect to master server.' . $app->dbmaster->errorMessage, LOGLEVEL_WARN);

0 commit comments

Comments
 (0)