inc/users.inc.php
changeset 192 3d18290ac993
parent 190 7a683326ccec
child 195 5ac118d6556c
--- a/inc/users.inc.php	Thu Jul 24 17:21:33 2008 +0000
+++ b/inc/users.inc.php	Thu Aug 07 18:45:13 2008 +0000
@@ -40,19 +40,19 @@
         // Set current user ID.
         $userid=$_SESSION['userid'];
 
-		$query = 'SELECT id FROM perm_items WHERE name='.$db->quote('user_is_ueberuser');
+		$query = 'SELECT id FROM perm_items WHERE name='.$db->quote('user_is_ueberuser', 'text');
 		$ueberUserId = $db->queryOne($query);
 
         // Find the template ID that this user has been assigned.
         $query = "SELECT perm_templ
 			FROM users 
-			WHERE id = " . $db->quote($userid) ;
+			WHERE id = " . $db->quote($userid, 'integer') ;
         $templ_id = $db->queryOne($query);
 
         // Does this user have ueberuser rights?
         $query = "SELECT id 
 			FROM perm_templ_items 
-			WHERE templ_id = " . $db->quote($templ_id) . " 
+			WHERE templ_id = " . $db->quote($templ_id, 'integer') . " 
 			AND perm_id = ".$ueberUserId;
         $response = $db->query($query);
 	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
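Review bot: `$ueberUserId` is still concatenated unquoted on the `AND perm_id = ".$ueberUserId` line, while every other value in this hunk now goes through typed quoting. Neither `queryOne()` result is checked with `PEAR::isError()`, so a failed lookup puts an error object or an empty value straight into the SQL text of a privilege check. Suggest `AND perm_id = " . $db->quote($ueberUserId, 'integer');` plus an error check after each `queryOne()`. The enclosing function starts and ends outside this hunk.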
@@ -63,14 +63,14 @@
         // Find the permission ID for the requested permission.
         $query = "SELECT id 
 			FROM perm_items 
-			WHERE name = " . $db->quote($permission) ;
+			WHERE name = " . $db->quote($permission, 'text') ;
         $perm_id = $db->queryOne($query);
 
         // Check if the permission ID is assigned to the template ID. 
         $query = "SELECT id 
 			FROM perm_templ_items 
-			WHERE templ_id = " . $db->quote($templ_id) . " 
-			AND perm_id = " . $db->quote($perm_id) ;
+			WHERE templ_id = " . $db->quote($templ_id, 'integer') . " 
+			AND perm_id = " . $db->quote($perm_id, 'integer') ;
 	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
         $response = $db->query($query);
         if ( $response->numRows() > 0 ) {
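Review bot: The `PEAR::isError($response)` check sits before `$response = $db->query($query);`, so it tests the result of the earlier query. The permission query's own result then reaches `$response->numRows()` unchecked. Swap the two lines so the error check follows the query it guards. `$perm_id = $db->queryOne($query)` is also unchecked; a failed or empty lookup should be treated as "permission denied" explicitly rather than left to the SQL comparison. The function body continues outside the hunk.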
@@ -108,7 +108,7 @@
 	$add = '';
  	if(is_numeric($id)) {
                  //When a user id is given, it is excluded from the userlist returned.
-                 $add = " WHERE users.id!=".$db->quote($id);
+                 $add = " WHERE users.id!=".$db->quote($id, 'integer');
 	}
 
 	// Make a huge query.
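Review bot: `is_numeric($id)` accepts more than plain integers (decimals, exponent notation, leading whitespace), and the value is now quoted as `'integer'`. Assuming `$db` is an MDB2 connection, that quoting casts the value, so the id used in the SQL can differ from the string the caller supplied. A stricter guard such as `if (ctype_digit((string) $id)) {` keeps the validated and the queried value identical. The same `is_numeric()` guard precedes the typed quotes in the hunks at -161, -373, -393, -419 and -444. The enclosing function starts outside this hunk.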
@@ -161,7 +161,7 @@
 {
 	global $db;
 	if(is_numeric($id)) {
-		$response = $db->query("SELECT id FROM users WHERE id=".$db->quote($id));
+		$response = $db->query("SELECT id FROM users WHERE id=".$db->quote($id, 'integer'));
 		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
 		if ($response->numRows() == 1) {
 			return true;
@@ -179,7 +179,7 @@
 function user_exists($user)
 {
 	global $db;
-	$response = $db->query("SELECT id FROM users WHERE username=".$db->quote($user));
+	$response = $db->query("SELECT id FROM users WHERE username=".$db->quote($user, 'text'));
 	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
 	if ($response->numRows() == 0) {
                  return false;
@@ -215,11 +215,11 @@
 			}
 		}
 
-		$query = "DELETE FROM zones WHERE owner = " . $db->quote($uid) ;
+		$query = "DELETE FROM zones WHERE owner = " . $db->quote($uid, 'integer') ;
 		$response = $db->query($query);
 		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
 
-		$query = "DELETE FROM users WHERE id = " . $db->quote($uid) ;
+		$query = "DELETE FROM users WHERE id = " . $db->quote($uid, 'integer') ;
 		$response = $db->query($query);
 		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
 	}
@@ -284,7 +284,7 @@
 		// user, the username should apparantly changed. If so, check if the "new" 
 		// username already exists.
 
-		$query = "SELECT username FROM users WHERE id = " . $db->quote($id);
+		$query = "SELECT username FROM users WHERE id = " . $db->quote($id, 'integer');
 		$response = $db->query($query);
 		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
 
@@ -297,7 +297,7 @@
 			// we have been given. User wants a change of username. Now, make
 			// sure it doesn't already exist.
 			
-			$query = "SELECT id FROM users WHERE username = " . $db->quote($user);
+			$query = "SELECT id FROM users WHERE username = " . $db->quote($user, 'integer');
 			$response = $db->query($query);
 			if (PEAR::isError($response)) { error($response->getMessage()); return false; }
 
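Review bot: The username in the duplicate check is quoted as `'integer'` in `$db->quote($user, 'integer')`, although `username` is a text column and the same variable is quoted as `'text'` in the UPDATE further down. With integer quoting the name is presumably cast to a number, so the "does this username already exist" query no longer compares against the requested name and a rename onto an existing username can pass. It should read `$query = "SELECT id FROM users WHERE username = " . $db->quote($user, 'text');`, matching the equivalent check in the -685 hunk. The enclosing function starts and ends outside this hunk.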
@@ -311,18 +311,18 @@
 		// another user that goes by the wanted username. So, go ahead!
 
 		$query = "UPDATE users SET
-				username = " . $db->quote($user) . ",
-				fullname = " . $db->quote($fullname) . ",
-				email = " . $db->quote($email) . ",
-				perm_templ = " . $db->quote($perm_templ) . ",
-				description = " . $db->quote($description) . ", 
-				active = " . $db->quote($active) ;
+				username = " . $db->quote($user, 'text') . ",
+				fullname = " . $db->quote($fullname, 'text') . ",
+				email = " . $db->quote($email, 'text') . ",
+				perm_templ = " . $db->quote($perm_templ, 'integer') . ",
+				description = " . $db->quote($description, 'text') . ", 
+				active = " . $db->quote($active, 'integer') ;
 
 		if($password != "") {
-			$query .= ", password = " . $db->quote(md5($password)) ;
+			$query .= ", password = " . $db->quote(md5($password), 'text') ;
 		}
 
-		$query .= " WHERE id = " . $db->quote($id) ;
+		$query .= " WHERE id = " . $db->quote($id, 'integer') ;
 
 		$response = $db->query($query);
 		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
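Review bot: The password is still stored as an unsalted `md5()` digest on the `password = ` line; typed quoting does not change that. Unsalted MD5 is fast to brute-force, and identical passwords share a hash. The same applies to the `md5()` calls in the hunks at -347, -699 and -748. A salted, deliberately slow hash is the fix: `password_hash()` / `password_verify()` where the PHP version provides them, otherwise `crypt()` with a per-user salt. That needs a matching change in the login and change-password comparison and a migration path for existing rows, none of which is visible here. The enclosing function starts outside this hunk.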
@@ -347,14 +347,14 @@
 		return false;
 	}
 
-	$query = "SELECT id, password FROM users WHERE username = " . $db->quote($_SESSION["userlogin"]);
+	$query = "SELECT id, password FROM users WHERE username = " . $db->quote($_SESSION["userlogin"], 'text');
 	$response = $db->query($query);
 	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
 
 	$rinfo = $response->fetchRow();
 
 	if(md5($details['currentpass']) == $rinfo['password']) {
-		$query = "UPDATE users SET password = " . $db->quote(md5($details['newpass'])) . " WHERE id = " . $db->quote($rinfo['id']) ;
+		$query = "UPDATE users SET password = " . $db->quote(md5($details['newpass']), 'text') . " WHERE id = " . $db->quote($rinfo['id'], 'integer') ;
 		$response = $db->query($query);
 		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
 
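Review bot: `md5($details['currentpass']) == $rinfo['password']` uses loose comparison, and PHP compares two numeric-looking strings as numbers, so two different digests that both read as numbers can compare equal. Use a strict comparison, `if (md5($details['currentpass']) === $rinfo['password']) {`, or a constant-time one such as `hash_equals()` where available. `$rinfo` is also used without checking that `fetchRow()` returned a row for the session user. The function starts and ends outside this hunk.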
@@ -373,7 +373,7 @@
 function get_fullname_from_userid($id) {
 	global $db;
 	if (is_numeric($id)) {
-		$response = $db->query("SELECT fullname FROM users WHERE id=".$db->quote($id));
+		$response = $db->query("SELECT fullname FROM users WHERE id=".$db->quote($id, 'integer'));
 		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
 		$r = $response->fetchRow();
 		return $r["fullname"];
@@ -393,7 +393,7 @@
 	global $db;
 	if (is_numeric($id))
 	{
-		$response = $db->query("SELECT fullname FROM users WHERE id=".$db->quote($id));
+		$response = $db->query("SELECT fullname FROM users WHERE id=".$db->quote($id, 'integer'));
 		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
 		if ($response->numRows() == 1)
 		{
@@ -419,7 +419,7 @@
 
 	global $db;
 	if (is_numeric($id)) {
-		$response = $db->query("SELECT users.id, users.fullname FROM users, zones WHERE zones.domain_id=".$db->quote($id)." AND zones.owner=users.id ORDER by fullname");
+		$response = $db->query("SELECT users.id, users.fullname FROM users, zones WHERE zones.domain_id=".$db->quote($id, 'integer')." AND zones.owner=users.id ORDER by fullname");
 		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
 		if ($response->numRows() == 0) {
 			return "";
@@ -444,8 +444,8 @@
 	if (is_numeric($zoneid)) {
 		$response = $db->query("SELECT zones.id 
 				FROM zones 
-				WHERE zones.owner = " . $db->quote($userid) . "
-				AND zones.domain_id = ". $db->quote($zoneid)) ;
+				WHERE zones.owner = " . $db->quote($userid, 'integer') . "
+				AND zones.domain_id = ". $db->quote($zoneid, 'integer')) ;
 		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
 		if ($response->numRows() == 0) {
 			return "0";
@@ -464,12 +464,12 @@
 
 
 	if (v_num($specific)) {
-		$sql_add = "AND users.id = " . $db->quote($specific) ;
+		$sql_add = "AND users.id = " . $db->quote($specific, 'integer') ;
 	} else {
 		if (verify_permission('user_view_others')) {
 			$sql_add = "";
 		} else {
-			$sql_add = "AND users.id = " . $db->quote($userid) ;
+			$sql_add = "AND users.id = " . $db->quote($userid, 'integer') ;
 		}
 	}
 
@@ -517,7 +517,7 @@
 	
 	if ($templ_id > 0) {
 		$limit = ", perm_templ_items 
-			WHERE perm_templ_items.templ_id = " . $db->quote($templ_id) . "
+			WHERE perm_templ_items.templ_id = " . $db->quote($templ_id, 'integer') . "
 			AND perm_templ_items.perm_id = perm_items.id";
 	}
 
@@ -553,7 +553,7 @@
 
 	$query = "SELECT *
 			FROM perm_templ
-			WHERE perm_templ.id = " . $db->quote($templ_id);
+			WHERE perm_templ.id = " . $db->quote($templ_id, 'integer');
 
 	$response = $db->query($query);
 	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
@@ -593,8 +593,8 @@
 
 	$query = "INSERT INTO perm_templ (name, descr)
 			VALUES (" 
-				. $db->quote($details['templ_name']) . ", " 
-				. $db->quote($details['templ_descr']) . ")";
+				. $db->quote($details['templ_name'], 'text') . ", " 
+				. $db->quote($details['templ_descr'], 'text') . ")";
 
 	$response = $db->query($query);
 	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
@@ -602,7 +602,7 @@
 	$perm_templ_id = $db->lastInsertId('perm_templ', 'id');
 
 	foreach ($details['perm_id'] AS $perm_id) {
-		$query = "INSERT INTO perm_templ_items (templ_id, perm_id) VALUES (" . $db->quote($perm_templ_id) . "," . $db->quote($perm_id) . ")";
+		$query = "INSERT INTO perm_templ_items (templ_id, perm_id) VALUES (" . $db->quote($perm_templ_id, 'integer') . "," . $db->quote($perm_id, 'integer') . ")";
 		$response = $db->query($query);
 		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
 	}
@@ -618,9 +618,9 @@
 	// Fix permission template name and description first. 
 
 	$query = "UPDATE perm_templ 
-			SET name = " . $db->quote($details['templ_name']) . ",
-			descr = " . $db->quote($details['templ_descr']) . "
-			WHERE id = " . $db->quote($details['templ_id']) ;
+			SET name = " . $db->quote($details['templ_name'], 'text') . ",
+			descr = " . $db->quote($details['templ_descr'], 'text') . "
+			WHERE id = " . $db->quote($details['templ_id'], 'integer') ;
 	$response = $db->query($query);
 	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
 
@@ -636,7 +636,7 @@
 	if (PEAR::isError($response)) { error($response->getMessage()); return false; }
 
 	foreach ($details['perm_id'] AS $perm_id) {
-		$query = "INSERT INTO perm_templ_items (templ_id, perm_id) VALUES (" . $db->quote($details['templ_id']) . "," . $db->quote($perm_id) . ")";
+		$query = "INSERT INTO perm_templ_items (templ_id, perm_id) VALUES (" . $db->quote($details['templ_id'], 'integer') . "," . $db->quote($perm_id, 'integer') . ")";
 		$response = $db->query($query);
 		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
 	}
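Review bot: The `foreach` loop re-inserts the permission items one statement at a time, and a failure part-way returns false with the template holding only some of its permissions. The statement before the loop lies outside the hunk; if it removes the old items, as the re-insert suggests, a mid-loop error leaves the template with a permission set that is neither the old nor the new one. If the backend supports it, wrap the update in a transaction (`$db->beginTransaction()` before the first statement, `$db->rollback()` on each error path, `$db->commit()` after the loop). The loop in the -602 hunk has the same shape.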
@@ -674,7 +674,7 @@
 		// current username is not the same as the username that was given by the 
 		// user, the username should apparantly changed. If so, check if the "new" 
 		// username already exists.
-		$query = "SELECT username FROM users WHERE id = " . $db->quote($details['uid']);
+		$query = "SELECT username FROM users WHERE id = " . $db->quote($details['uid'], 'integer');
 		$response = $db->query($query);
 		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
 
@@ -685,7 +685,7 @@
 			// Username of user ID in the database is different from the name
 			// we have been given. User wants a change of username. Now, make
 			// sure it doesn't already exist.
-			$query = "SELECT id FROM users WHERE username = " . $db->quote($details['username']);
+			$query = "SELECT id FROM users WHERE username = " . $db->quote($details['username'], 'text');
 			$response = $db->query($query);
 			if (PEAR::isError($response)) { error($response->getMessage()); return false; }
 
@@ -699,23 +699,23 @@
 		// another user that goes by the wanted username. So, go ahead!
 
 		$query = "UPDATE users SET
-				username = " . $db->quote($details['username']) . ",
-				fullname = " . $db->quote($details['fullname']) . ",
-				email = " . $db->quote($details['email']) . ",
-				description = " . $db->quote($details['descr']) . ", 
-				active = " . $db->quote($active) ;
+				username = " . $db->quote($details['username'], 'text') . ",
+				fullname = " . $db->quote($details['fullname'], 'text') . ",
+				email = " . $db->quote($details['email'], 'text') . ",
+				description = " . $db->quote($details['descr'], 'text') . ", 
+				active = " . $db->quote($active, 'integer') ;
 
 		// If the user is alllowed to change the permission template, set it.
 		if ($perm_templ_perm_edit == "1") {
-			$query .= ", perm_templ = " . $db->quote($details['templ_id']) ;
+			$query .= ", perm_templ = " . $db->quote($details['templ_id'], 'integer') ;
 
 		}
 
 		if(isset($details['password']) && $details['password'] != "") {
-			$query .= ", password = '" . md5($db->quote($details['password'])) . "' ";
+			$query .= ", password = " . $db->quote(md5($details['password']), 'text');
 		}
 
-		$query .= " WHERE id = " . $db->quote($details['uid']) ;
+		$query .= " WHERE id = " . $db->quote($details['uid'], 'integer') ;
 
 		$response = $db->query($query);
 		if (PEAR::isError($response)) { error($response->getMessage()); return false; }
@@ -748,13 +748,13 @@
 	}
 
 	$query = "INSERT INTO users (username, password, fullname, email, description, perm_templ, active) VALUES ("
-			. $db->quote($details['username']) . ", "
-			. $db->quote(md5($details['password'])) . ", "
-			. $db->quote($details['fullname']) . ", "
-			. $db->quote($details['email']) . ", "
-			. $db->quote($details['descr']) . ", "
-			. $db->quote($details['perm_templ']) . ", "
-			. $db->quote($active) 
+			. $db->quote($details['username'], 'text') . ", "
+			. $db->quote(md5($details['password']), 'text') . ", "
+			. $db->quote($details['fullname'], 'text') . ", "
+			. $db->quote($details['email'], 'text') . ", "
+			. $db->quote($details['descr'], 'text') . ", "
+			. $db->quote($details['perm_templ'], 'integer') . ", "
+			. $db->quote($active, 'integer') 
 			. ")";
 
 	$response = $db->query($query);