diff -r 963d62dc1c80 -r 3d18290ac993 inc/users.inc.php
--- a/inc/users.inc.php Thu Jul 24 17:21:33 2008 +0000
+++ b/inc/users.inc.php Thu Aug 07 18:45:13 2008 +0000
@@ -40,19 +40,19 @@
 // Set current user ID. $userid=$_SESSION['userid'];
- $query = 'SELECT id FROM perm_items WHERE name='.$db->quote('user_is_ueberuser');
+ $query = 'SELECT id FROM perm_items WHERE name='.$db->quote('user_is_ueberuser', 'text');
 $ueberUserId = $db->queryOne($query); // Find the template ID that this user has been assigned. $query = "SELECT perm_templ FROM users
- WHERE id = " . $db->quote($userid) ;
+ WHERE id = " . $db->quote($userid, 'integer') ;
 $templ_id = $db->queryOne($query); // Does this user have ueberuser rights? $query = "SELECT id FROM perm_templ_items
- WHERE templ_id = " . $db->quote($templ_id) . "
+ WHERE templ_id = " . $db->quote($templ_id, 'integer') . "
 AND perm_id = ".$ueberUserId; $response = $db->query($query); if (PEAR::isError($response)) { error($response->getMessage()); return false; }
@@ -63,14 +63,14 @@
 // Find the permission ID for the requested permission. $query = "SELECT id FROM perm_items
- WHERE name = " . $db->quote($permission) ;
+ WHERE name = " . $db->quote($permission, 'text') ;
 $perm_id = $db->queryOne($query); // Check if the permission ID is assigned to the template ID. $query = "SELECT id FROM perm_templ_items
- WHERE templ_id = " . $db->quote($templ_id) . "
- AND perm_id = " . $db->quote($perm_id) ;
+ WHERE templ_id = " . $db->quote($templ_id, 'integer') . "
+ AND perm_id = " . $db->quote($perm_id, 'integer') ;
 if (PEAR::isError($response)) { error($response->getMessage()); return false; } $response = $db->query($query); if ( $response->numRows() > 0 ) {
@@ -108,7 +108,7 @@
 $add = ''; if(is_numeric($id)) { //When a user id is given, it is excluded from the userlist returned.
- $add = " WHERE users.id!=".$db->quote($id);
+ $add = " WHERE users.id!=".$db->quote($id, 'integer');
 } // Make a huge query.
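Review bot: In the @@ -40 hunk the last query still appends `$ueberUserId` to the SQL without `quote()`, and neither it nor `$templ_id` is checked with `PEAR::isError()` after `queryOne()`. Since this commit types every other value, the line should read `AND perm_id = " . $db->quote($ueberUserId, 'integer');`, and the function should return false when either `queryOne()` result is an error, so a failed lookup inside this permission check cannot yield a malformed or unintended query. The enclosing function starts and ends outside the hunk.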
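Review bot: In the @@ -63 hunk `PEAR::isError($response)` runs before `$response = $db->query($query);`, so it re-tests the result of the earlier ueberuser query and a failure of this query reaches `$response->numRows()` unchecked. Swap the two statements: `$response = $db->query($query);` followed by `if (PEAR::isError($response)) { error($response->getMessage()); return false; }`. `$perm_id` from `queryOne()` is likewise used without an error check. This is the permission decision path, so it should fail closed on any database error; the enclosing function continues outside the hunk.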
@@ -161,7 +161,7 @@
 { global $db; if(is_numeric($id)) {
- $response = $db->query("SELECT id FROM users WHERE id=".$db->quote($id));
+ $response = $db->query("SELECT id FROM users WHERE id=".$db->quote($id, 'integer'));
 if (PEAR::isError($response)) { error($response->getMessage()); return false; } if ($response->numRows() == 1) { return true;
@@ -179,7 +179,7 @@
 function user_exists($user) { global $db;
- $response = $db->query("SELECT id FROM users WHERE username=".$db->quote($user));
+ $response = $db->query("SELECT id FROM users WHERE username=".$db->quote($user, 'text'));
 if (PEAR::isError($response)) { error($response->getMessage()); return false; } if ($response->numRows() == 0) { return false;
@@ -215,11 +215,11 @@
 } }
- $query = "DELETE FROM zones WHERE owner = " . $db->quote($uid) ;
+ $query = "DELETE FROM zones WHERE owner = " . $db->quote($uid, 'integer') ;
 $response = $db->query($query); if (PEAR::isError($response)) { error($response->getMessage()); return false; }
- $query = "DELETE FROM users WHERE id = " . $db->quote($uid) ;
+ $query = "DELETE FROM users WHERE id = " . $db->quote($uid, 'integer') ;
 $response = $db->query($query); if (PEAR::isError($response)) { error($response->getMessage()); return false; } }
@@ -284,7 +284,7 @@
 // user, the username should apparantly changed. If so, check if the "new" // username already exists.
- $query = "SELECT username FROM users WHERE id = " . $db->quote($id);
+ $query = "SELECT username FROM users WHERE id = " . $db->quote($id, 'integer');
 $response = $db->query($query); if (PEAR::isError($response)) { error($response->getMessage()); return false; }
@@ -297,7 +297,7 @@
 // we have been given. User wants a change of username. Now, make // sure it doesn't already exist.
- $query = "SELECT id FROM users WHERE username = " . $db->quote($user);
+ $query = "SELECT id FROM users WHERE username = " . $db->quote($user, 'integer');
 $response = $db->query($query); if (PEAR::isError($response)) { error($response->getMessage()); return false; }
@@ -311,18 +311,18 @@
 // another user that goes by the wanted username. So, go ahead! $query = "UPDATE users SET
- username = " . $db->quote($user) . ",
- fullname = " . $db->quote($fullname) . ",
- email = " . $db->quote($email) . ",
- perm_templ = " . $db->quote($perm_templ) . ",
- description = " . $db->quote($description) . ",
- active = " . $db->quote($active) ;
+ username = " . $db->quote($user, 'text') . ",
+ fullname = " . $db->quote($fullname, 'text') . ",
+ email = " . $db->quote($email, 'text') . ",
+ perm_templ = " . $db->quote($perm_templ, 'integer') . ",
+ description = " . $db->quote($description, 'text') . ",
+ active = " . $db->quote($active, 'integer') ;
 if($password != "") {
- $query .= ", password = " . $db->quote(md5($password)) ;
+ $query .= ", password = " . $db->quote(md5($password), 'text') ;
 }
- $query .= " WHERE id = " . $db->quote($id) ;
+ $query .= " WHERE id = " . $db->quote($id, 'integer') ;
 $response = $db->query($query); if (PEAR::isError($response)) { error($response->getMessage()); return false; }
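Review bot: The username lookup in the @@ -297 hunk is quoted as `'integer'`, but `username` is a text value; the equivalent check in the @@ -685 hunk uses `'text'`. If `$db` is PEAR MDB2, as the API suggests, an integer quote casts the name to a number, so the duplicate-username check no longer tests the requested name and may wrongly match or miss existing accounts. The line should read `$db->quote($user, 'text')`.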
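Review bot: Passwords are still stored as a bare `md5()` digest in the @@ -311 hunk (`$db->quote(md5($password), 'text')`), and likewise in the @@ -347, @@ -699 and @@ -748 hunks; typing the quote does not change that. Unsalted MD5 is cheap to brute-force and gives identical hashes for identical passwords, so a leaked users table exposes credentials. Where the PHP version allows, store `password_hash($password, PASSWORD_DEFAULT)` and verify with `password_verify()`, rehashing existing MD5 rows on the next successful login. The login check that reads this column is outside the diff and would need the matching change.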
@@ -347,14 +347,14 @@
 return false; }
- $query = "SELECT id, password FROM users WHERE username = " . $db->quote($_SESSION["userlogin"]);
+ $query = "SELECT id, password FROM users WHERE username = " . $db->quote($_SESSION["userlogin"], 'text');
 $response = $db->query($query); if (PEAR::isError($response)) { error($response->getMessage()); return false; } $rinfo = $response->fetchRow(); if(md5($details['currentpass']) == $rinfo['password']) {
- $query = "UPDATE users SET password = " . $db->quote(md5($details['newpass'])) . " WHERE id = " . $db->quote($rinfo['id']) ;
+ $query = "UPDATE users SET password = " . $db->quote(md5($details['newpass']), 'text') . " WHERE id = " . $db->quote($rinfo['id'], 'integer') ;
 $response = $db->query($query); if (PEAR::isError($response)) { error($response->getMessage()); return false; }
@@ -373,7 +373,7 @@
 function get_fullname_from_userid($id) { global $db; if (is_numeric($id)) {
- $response = $db->query("SELECT fullname FROM users WHERE id=".$db->quote($id));
+ $response = $db->query("SELECT fullname FROM users WHERE id=".$db->quote($id, 'integer'));
 if (PEAR::isError($response)) { error($response->getMessage()); return false; } $r = $response->fetchRow(); return $r["fullname"];
@@ -393,7 +393,7 @@
 global $db; if (is_numeric($id)) {
- $response = $db->query("SELECT fullname FROM users WHERE id=".$db->quote($id));
+ $response = $db->query("SELECT fullname FROM users WHERE id=".$db->quote($id, 'integer'));
 if (PEAR::isError($response)) { error($response->getMessage()); return false; } if ($response->numRows() == 1) {
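Review bot: The current-password check in the @@ -347 hunk, `md5($details['currentpass']) == $rinfo['password']`, uses loose comparison, so two digests that both look numeric to PHP can compare equal without being the same string. Use `===`, or `hash_equals($rinfo['password'], md5($details['currentpass']))` where the PHP version provides it, which also makes the comparison constant-time. `$rinfo` is used without checking that `fetchRow()` returned a row, so a missing account should be handled explicitly before the comparison. The enclosing function starts and ends outside the hunk.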
@@ -419,7 +419,7 @@
 global $db; if (is_numeric($id)) {
- $response = $db->query("SELECT users.id, users.fullname FROM users, zones WHERE zones.domain_id=".$db->quote($id)." AND zones.owner=users.id ORDER by fullname");
+ $response = $db->query("SELECT users.id, users.fullname FROM users, zones WHERE zones.domain_id=".$db->quote($id, 'integer')." AND zones.owner=users.id ORDER by fullname");
 if (PEAR::isError($response)) { error($response->getMessage()); return false; } if ($response->numRows() == 0) { return "";
@@ -444,8 +444,8 @@
 if (is_numeric($zoneid)) { $response = $db->query("SELECT zones.id FROM zones
- WHERE zones.owner = " . $db->quote($userid) . "
- AND zones.domain_id = ". $db->quote($zoneid)) ;
+ WHERE zones.owner = " . $db->quote($userid, 'integer') . "
+ AND zones.domain_id = ". $db->quote($zoneid, 'integer')) ;
 if (PEAR::isError($response)) { error($response->getMessage()); return false; } if ($response->numRows() == 0) { return "0";
@@ -464,12 +464,12 @@
 if (v_num($specific)) {
- $sql_add = "AND users.id = " . $db->quote($specific) ;
+ $sql_add = "AND users.id = " . $db->quote($specific, 'integer') ;
 } else { if (verify_permission('user_view_others')) { $sql_add = ""; } else {
- $sql_add = "AND users.id = " . $db->quote($userid) ;
+ $sql_add = "AND users.id = " . $db->quote($userid, 'integer') ;
 } }
@@ -517,7 +517,7 @@
 if ($templ_id > 0) { $limit = ", perm_templ_items
- WHERE perm_templ_items.templ_id = " . $db->quote($templ_id) . "
+ WHERE perm_templ_items.templ_id = " . $db->quote($templ_id, 'integer') . "
 AND perm_templ_items.perm_id = perm_items.id"; }
@@ -553,7 +553,7 @@
 $query = "SELECT * FROM perm_templ
- WHERE perm_templ.id = " . $db->quote($templ_id);
+ WHERE perm_templ.id = " . $db->quote($templ_id, 'integer');
 $response = $db->query($query); if (PEAR::isError($response)) { error($response->getMessage()); return false; }
@@ -593,8 +593,8 @@
 $query = "INSERT INTO perm_templ (name, descr) VALUES ("
- . $db->quote($details['templ_name']) . ", "
- . $db->quote($details['templ_descr']) . ")";
+ . $db->quote($details['templ_name'], 'text') . ", "
+ . $db->quote($details['templ_descr'], 'text') . ")";
 $response = $db->query($query); if (PEAR::isError($response)) { error($response->getMessage()); return false; }
@@ -602,7 +602,7 @@
 $perm_templ_id = $db->lastInsertId('perm_templ', 'id'); foreach ($details['perm_id'] AS $perm_id) {
- $query = "INSERT INTO perm_templ_items (templ_id, perm_id) VALUES (" . $db->quote($perm_templ_id) . "," . $db->quote($perm_id) . ")";
+ $query = "INSERT INTO perm_templ_items (templ_id, perm_id) VALUES (" . $db->quote($perm_templ_id, 'integer') . "," . $db->quote($perm_id, 'integer') . ")";
 $response = $db->query($query); if (PEAR::isError($response)) { error($response->getMessage()); return false; } }
@@ -618,9 +618,9 @@
 // Fix permission template name and description first. $query = "UPDATE perm_templ
- SET name = " . $db->quote($details['templ_name']) . ",
- descr = " . $db->quote($details['templ_descr']) . "
- WHERE id = " . $db->quote($details['templ_id']) ;
+ SET name = " . $db->quote($details['templ_name'], 'text') . ",
+ descr = " . $db->quote($details['templ_descr'], 'text') . "
+ WHERE id = " . $db->quote($details['templ_id'], 'integer') ;
 $response = $db->query($query); if (PEAR::isError($response)) { error($response->getMessage()); return false; }
@@ -636,7 +636,7 @@
 if (PEAR::isError($response)) { error($response->getMessage()); return false; } foreach ($details['perm_id'] AS $perm_id) {
- $query = "INSERT INTO perm_templ_items (templ_id, perm_id) VALUES (" . $db->quote($details['templ_id']) . "," . $db->quote($perm_id) . ")";
+ $query = "INSERT INTO perm_templ_items (templ_id, perm_id) VALUES (" . $db->quote($details['templ_id'], 'integer') . "," . $db->quote($perm_id, 'integer') . ")";
 $response = $db->query($query); if (PEAR::isError($response)) { error($response->getMessage()); return false; } }
@@ -674,7 +674,7 @@
 // current username is not the same as the username that was given by the // user, the username should apparantly changed. If so, check if the "new" // username already exists.
- $query = "SELECT username FROM users WHERE id = " . $db->quote($details['uid']);
+ $query = "SELECT username FROM users WHERE id = " . $db->quote($details['uid'], 'integer');
 $response = $db->query($query); if (PEAR::isError($response)) { error($response->getMessage()); return false; }
@@ -685,7 +685,7 @@
 // Username of user ID in the database is different from the name // we have been given. User wants a change of username. Now, make // sure it doesn't already exist.
- $query = "SELECT id FROM users WHERE username = " . $db->quote($details['username']);
+ $query = "SELECT id FROM users WHERE username = " . $db->quote($details['username'], 'text');
 $response = $db->query($query); if (PEAR::isError($response)) { error($response->getMessage()); return false; }
@@ -699,23 +699,23 @@
 // another user that goes by the wanted username. So, go ahead! $query = "UPDATE users SET
- username = " . $db->quote($details['username']) . ",
- fullname = " . $db->quote($details['fullname']) . ",
- email = " . $db->quote($details['email']) . ",
- description = " . $db->quote($details['descr']) . ",
- active = " . $db->quote($active) ;
+ username = " . $db->quote($details['username'], 'text') . ",
+ fullname = " . $db->quote($details['fullname'], 'text') . ",
+ email = " . $db->quote($details['email'], 'text') . ",
+ description = " . $db->quote($details['descr'], 'text') . ",
+ active = " . $db->quote($active, 'integer') ;
 // If the user is alllowed to change the permission template, set it. if ($perm_templ_perm_edit == "1") {
- $query .= ", perm_templ = " . $db->quote($details['templ_id']) ;
+ $query .= ", perm_templ = " . $db->quote($details['templ_id'], 'integer') ;
 } if(isset($details['password']) && $details['password'] != "") {
- $query .= ", password = '" . md5($db->quote($details['password'])) . "' ";
+ $query .= ", password = " . $db->quote(md5($details['password']), 'text');
 }
- $query .= " WHERE id = " . $db->quote($details['uid']) ;
+ $query .= " WHERE id = " . $db->quote($details['uid'], 'integer') ;
 $response = $db->query($query); if (PEAR::isError($response)) { error($response->getMessage()); return false; }
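Review bot: The corrected password line in the @@ -699 hunk changes what is stored: the removed line hashed the already-quoted string, while the new one hashes the raw password. Rows written through this path before the change presumably hold a digest that will not match at login, and nothing in the hunk records that. A short comment such as `// NOTE: hashes written before this fix were md5() of the quoted value; affected users must reset their password.` would help, together with a release note. The enclosing function starts and ends outside the hunk.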
@@ -748,13 +748,13 @@
 } $query = "INSERT INTO users (username, password, fullname, email, description, perm_templ, active) VALUES ("
- . $db->quote($details['username']) . ", "
- . $db->quote(md5($details['password'])) . ", "
- . $db->quote($details['fullname']) . ", "
- . $db->quote($details['email']) . ", "
- . $db->quote($details['descr']) . ", "
- . $db->quote($details['perm_templ']) . ", "
- . $db->quote($active)
+ . $db->quote($details['username'], 'text') . ", "
+ . $db->quote(md5($details['password']), 'text') . ", "
+ . $db->quote($details['fullname'], 'text') . ", "
+ . $db->quote($details['email'], 'text') . ", "
+ . $db->quote($details['descr'], 'text') . ", "
+ . $db->quote($details['perm_templ'], 'integer') . ", "
+ . $db->quote($active, 'integer')
 . ")"; $response = $db->query($query);